Monthly Patch
December 2021 Monthly Patch Release
15 December 2021
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
The vulnerabilities that have been classified as Critical in severity are listed in the table below.
For the full list of security patches released by Microsoft, please refer to
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2021-Dec
Critical vulnerabilities
CVE Number | CVE Name | Base Score | Reference |
|---|---|---|---|
CVE-2021-43215 | iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | 9.8 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43215 |
CVE-2021-43907 | Visual Studio Code WSL Extension Remote Code Execution Vulnerability | 9.8 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43907 |
CVE-2021-43899 | Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability | 9.8 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43899 |
CVE-2021-43905 | Microsoft Office app Remote Code Execution Vulnerability | 9.6 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43905 |
CVE-2021-43217 | Windows Encrypting File System (EFS) Remote Code Execution Vulnerability | 8.1 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43217 |
CVE-2021-42310 | Microsoft Defender for IoT Remote Code Execution Vulnerability | 8.1 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42310 |
CVE-2021-43233 | Remote Desktop Client Remote Code Execution Vulnerability | 7.5 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43233 |