Microsoft squashes multiple vulnerabilities in its solutions. Among them is critical spoofing vulnerability CVE-2021-43890, frequently exploited for Emotet, Trickbot and Bazaloader attacks.

Microsoft releases a December update fixing various vulnerabilities through no less than 67 patches. In November, there were 55. This year, the tech giant released a total of 887 CVE patches.

The December round concerns vulnerabilities in Microsoft Office, Microsoft PowerShell, the Chromium-based Edge browser, the Windows Kernel, the Windows Print Spooler and the Windows Remote Desktop Client. Of the 67 patches released, six involved zero-day exploits.

The issues fixed included Remote Code Execution (RCE), security flaws in escalating privileges, spoofing bugs and denial-of-service methods.

Six zero-day patches

The most significant patch covered CVE-2021-43890. It concerns a zero-day Windows AppX Installer spoofing vulnerability, rated as very critical and frequently being exploited by hackers. Above all, hackers leverage the vulnerability to spread Emotet, Trickbot and Bazaloader malware.

Other zero-day fixes include a Windows Print Spooler Elevation of Privilege vulnerability (CVE-2021-413330), a Windows Mobile Device Management Elevation of Privilege (EoP) vulnerability (CVE-2021-43880) and an EoP in the Windows Encrypting File System (CVE-2021-43893).

Additionally, zero-day vulnerabilities have been resolved for a ‘NTFS Set Short Name elevation of privilege’ software flaw (CVE-2021-43240) and the Windows Installer (CVE-2021-43883).

New Exchange attacks

Furthermore, the tech giant discovered that a patched Exchange Server post-authentication flaw (CVE-2021-42321) is being actively exploited for new attacks.