Tripwire’s December 2021 Patch Priority Index (PPI) gathers important vulnerabilities for Apache, Ubuntu Linux Kernel and Microsoft.
First on the list of high-priority fixes this month are the fixes for the Apache Log4j2 vulnerabilities, with the Log4j2 “Log4Shell” remote code execution vulnerability ranked highest. Because Log4j2 is used so widely across products, there are many attack vectors through various software applications. See https://logging.apache.org/log4j/2.x/security.html for details.
Next are the fixes for Microsoft MSHTML (CVE-2021-40444) and the Linux kernel in Ubuntu (CVE-2021-3493). Exploits for these vulnerabilities were recently added to the Metasploit Exploit Framework. Affected systems should be patched as soon as possible.
Next are the patches for Microsoft Edge that address over 20 vulnerabilities such as use after free, type confusion, buffer overflow, and data validation vulnerabilities.
Next are fixes for Microsoft Office Access, Excel, Office Developer Platform, and Visual Basic for Applications. These fixes resolve 4 issues including remote code execution, information disclosure, and elevation of privilege.
This is followed by fixes that affect components of Windows operating systems. These fixes resolve over 30 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect Windows Kernel, Kernel, NTFS, TCP/IP Driver, Common Log File System Driver, Media Center, lsasrv, Fax Service, Message Queuing, and others.
Finally, administrators should focus on server-side fixes for SharePoint, Hyper-V, Internet Storage Name Service, and BizTalk ESB Toolkit. These fixes resolve many issues, including impersonation, remote code execution, and denial of service vulnerabilities.
|Bulletin|CVE|
|---|---|
|Apache Log4j2 Log4Shell remote code execution vulnerability|CVE-2021-44228, CVE-2021-45046|
|Exploit Framework – Metasploit|CVE-2021-40444, CVE-2021-3493|
|Microsoft Edge|CVE-2021-4053, CVE-2021-4052, CVE-2021-4064, CVE-2021-4065, CVE-2021-4057, CVE-2021-4056, CVE-2021-4055, CVE-2021-4054, CVE-2021-4059, CVE-2021-4058, CVE-2021-4068, CVE-2021-4061, CVE-2021-4067, CVE-2021-4066, CVE-2021-4062, CVE-2021-4063, CVE-2021-4101, CVE-2021-4100, CVE-2021-4102, CVE-2021-4099, CVE-2021-4098|
|Microsoft Office Excel|CVE-2021-43256|
|Visual Basic for Applications|CVE-2021-42295|
|Microsoft Office Access|CVE-2021-42293|
|Office Developer Platform|CVE-2021-43255|
|Microsoft Windows|CVE-2021-40441, CVE-2021-43216, CVE-2021-43883, CVE-2021-43207, CVE-2021-43226, CVE-2021-43224, CVE-2021-43227, CVE-2021-43219, CVE-2021-43248, CVE-2021-43228, CVE-2021-43232, CVE-2021-43244, CVE-2021-43223, CVE-2021-43238, CVE-2021-43893, CVE-2021-43217, CVE-2021-43245, CVE-2021-43247, CVE-2021-43239, CVE-2021-43237, CVE-2021-43236, CVE-2021-43222, CVE-2021-41333, CVE-2021-43235, CVE-2021-43233, CVE-2021-43234, CVE-2021-43240, CVE-2021-43231, CVE-2021-43230, CVE-2021-43229|
|Microsoft Office SharePoint|CVE-2021-42309, CVE-2021-42294, CVE-2021-42320, CVE-2021-43242|
|Role: Windows Hyper-V|CVE-2021-43246|
|Internet Storage Name Service|CVE-2021-43215|
|Microsoft BizTalk ESB Toolkit|CVE-2021-43892|