October 2021 Monthly Patch Release

Published on 13 Oct 2021

Updated on 13 Oct 2021

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2021-Oct

Separately, Microsoft has fixed CVE-2021-40449, an escalation of privilege vulnerability in Win32k that was actively exploited in the wild. Users and administrators are advised to apply the necessary patches immediately. For more information, please refer to https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40449

CRITICAL VULNERABILITIES
CVE Number CVE Name Base Score Reference
CVE-2021-38672 Windows Hyper-V Remote Code Execution Vulnerability 8.0 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38672
CVE-2021-40461 Windows Hyper-V Remote Code Execution Vulnerability 8.0 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40461
CVE-2021-40486 Microsoft Word Remote Code Execution Vulnerability 7.8 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40486