Issued: Wednesday, 9 June, 2021 |
Last Revision: Wednesday, 9 June, 2021 |
Vendor: |
Product: |
Threat Actor: |
Severity Level: |
Microsoft has released its June 2021 security update with 55 critical and important vulnerabilities in multiple products. A threat actor PuzzleMaker has been exploiting both CVE-2021-31955 and CVE-2021-31956 while utilizing unpatched Chrome (CVE-2021-21220).
Six zero-day vulnerabilities are being actively exploited:
- CVE-2021-31955 - Windows Kernel Information Disclosure Vulnerability
- CVE-2021-31956 - Windows NTFS Elevation of Privilege Vulnerability
- CVE-2021-33739 - Microsoft DWM Core Library Elevation of Privilege Vulnerability
- CVE-2021-33742 - Windows MSHTML Platform Remote Code Execution Vulnerability
- CVE-2021-31199 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
It is strongly advised to apply the recommendations below in order to prevent security incidents from happening.
It is recommended to apply these security updates as soon as possible to prevent vulnerability exploitation.
Please do review andd assess critical systems for such malicious activities related to possible exploitation of these vulnerabilities.
Please note that the Q-CERT Incident Response Team will be available on call through our following Hotline details:
- Q-CERT Hotline Numbers: (+974) 4493-3408 / (+974) 4499-5444
- For reporting an incident, please send an email to: incidents@qcert.org
- Visit our website to report an incident: www.qcert.org
media-seoengine[.]com
%SYSTEM%\WmiPrvMon.exe
MD5 09A5055DB44FC1C9E3ADD608EFFF038C
SHA-1 BFFA4462901B74DBFBFFAA3A3DB27DAA61211412
SHA-256 982F7C4700C75B81833D5D59AD29147C392B20C760FE36B200B541A0F841C8A9
%SYSTEM%\wmimon.dll
MD5 D6B850C950379D5EE0F254F7164833E8
SHA-1 E63ED3B56A5F9A1EA5C92D3D2444196EA13BE94B
SHA-256 8A17279BA26C8FBE6966EA3300FDEFB1ADAE1B3ED68F76A7FC81413BD8C1A5F6