Microsoft December Patch Tuesday: fix 6 zero-day security vulnerabilities

On December 14, Microsoft released December Patch Tuesday to fix 67 security vulnerabilities (including 6 zero-day) in Windows and products. Microsoft marked 7 flaws as critical and 60 flaws as important. This patch includes 21 escalation vulnerabilities, 26 remote code execution vulnerabilities, 10 information disclosure vulnerabilities, 3 denial of service vulnerabilities, and 7 spoofing vulnerabilities. Some high-risk flaws have been actively exploited by hackers.

6 zero-day security vulnerabilities include:

• CVE-2021-43890: Windows AppX Installer Spoofing Vulnerability
  “We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader.

  An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

• CVE-2021-43240: NTFS Set Short Name Elevation of Privilege Vulnerability
• CVE-2021-43883: Windows Installer Elevation of Privilege Vulnerability
• CVE-2021-41333: Windows Print Spooler Elevation of Privilege Vulnerability
• CVE-2021-43217: Windows Encrypting File System (EFS) Remote Code Execution Vulnerability
• CVE-2021-43880: Windows Mobile Device Management Elevation of Privilege Vulnerability
  “An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents.”
• CVE-2021-43893: Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

We recommend that Windows users install the Microsoft December Patch Tuesday as soon as possible.