TRY NOW
Patch Tuesday

Microsoft Patch Tuesday – June 2021

5 min. read
08/06/2021
By Esben Dochy
Microsoft-Patch-Tuesday-June-2021

It’s the second tuesday of the month: time for the Microsoft Patch Tuesday, June 2021 edition. This month, it contains 52 fixes for several security flaws for Windows and other products. We have discussed the most critical ones and made a list of all the other vulnerabilities.

⚡ TL;DR | Go Straight to the June 2021 Patch Tuesday Audit Report.

CVE-2021-31963 – Microsoft SharePoint Server Remote Code Execution Vulnerability

An RCE vulnerability is detected within the SharePoint Server of Microsoft containing a very high CVSS 3.0 score of 7.1. It’s less likely that this vulnerability will be exploited but we advise you to run our report and update all the installations within your network.

CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability

Microsoft Defender contains a Remote Code Execution (RCE) vulnerability for which exploitation by an attacker is more likely to happen. It has a very high CVSS 3.0 of 7.8 rating which suggests that you update your Defender installations right now.

Want to run this Audit Report?

Start your Free Lansweeper Trial to run the Audit Report.

Try for Free

CVE-2021-31959 – Critical Remote Code Execution Flaws

There has been a scripting engine memory corruption vulnerability within Windows RT, Windows 7, Windows 8, Windows 10, Windows Server 2008 R2, Windows Server 2012 (R2) and Windows Server 2016. In order for an attacker to exploit the vulnerability, the user must open a specially crafted file.

Six Exploited Zero-Day Vulnerabilities

We have detected a total of six zero-day vulnerabilities which have been patched in this months Patch Tuesday:

CVE NumberCVE Title
CVE-2021-31955Windows Kernel Information Disclosure Vulnerability
CVE-2021-31956Windows NTFS Elevation of Privilege Vulnerability
CVE-2021-33739Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2021-33742Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-31199Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
CVE-2021-31201Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

Run the Patch Tuesday (June 2021) Audit Report

Our experts created a Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. It’s color-coded to give you an easy and quick overview of which assets are already on the latest Windows update, and which ones still need to be patched. As always, all admins are advised to install these security updates as soon as possible to protect Windows from security risks.

Patch Tuesday June 2021 CVE Codes & Titles

CVE CodeCVE Descriptions
CVE-2021-33742Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-33739Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2021-31985Microsoft Defender Remote Code Execution Vulnerability
CVE-2021-31983Paint 3D Remote Code Execution Vulnerability
CVE-2021-31980Microsoft Intune Management Extension Remote Code Execution Vulnerability
CVE-2021-31978Microsoft Defender Denial of Service Vulnerability
CVE-2021-31977Windows Hyper-V Denial of Service Vulnerability
CVE-2021-31976Server for NFS Information Disclosure Vulnerability
CVE-2021-31975Server for NFS Information Disclosure Vulnerability
CVE-2021-31974Server for NFS Denial of Service Vulnerability
CVE-2021-31973Windows GPSVC Elevation of Privilege Vulnerability
CVE-2021-31972Event Tracing for Windows Information Disclosure Vulnerability
CVE-2021-31971Windows HTML Platform Security Feature Bypass Vulnerability
CVE-2021-31970Windows TCP/IP Driver Security Feature Bypass Vulnerability
CVE-2021-31969Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2021-31968Windows Remote Desktop Services Denial of Service Vulnerability
CVE-2021-31967VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2021-31966Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-31965Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-31964Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-31963Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-31962Kerberos AppContainer Security Feature Bypass Vulnerability
CVE-2021-31960Windows Bind Filter Driver Information Disclosure Vulnerability
CVE-2021-31959Scripting Engine Memory Corruption Vulnerability
CVE-2021-31958Windows NTLM Elevation of Privilege Vulnerability
CVE-2021-31957.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-31956Windows NTFS Elevation of Privilege Vulnerability
CVE-2021-31955Windows Kernel Information Disclosure Vulnerability
CVE-2021-31954Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-31953Windows Filter Manager Elevation of Privilege Vulnerability
CVE-2021-31952Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2021-31951Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-31950Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-31949Microsoft Outlook Remote Code Execution Vulnerability
CVE-2021-31948Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-31946Paint 3D Remote Code Execution Vulnerability
CVE-2021-31945Paint 3D Remote Code Execution Vulnerability
CVE-2021-319443D Viewer Information Disclosure Vulnerability
CVE-2021-319433D Viewer Remote Code Execution Vulnerability
CVE-2021-319423D Viewer Remote Code Execution Vulnerability
CVE-2021-31941Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-31940Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-31939Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-31938Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability
CVE-2021-31201Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
CVE-2021-31199Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
CVE-2021-28455Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
CVE-2021-26420Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-26414Windows DCOM Server Security Feature Bypass
CVE-2021-1675Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-0835Windows Defender Antimalware Platform Hard Link Elevation of Privilege Vulnerability
ADV990001Latest Servicing Stack Updates

If you haven’t already, start your free trial of Lansweeper to run the Microsoft Patch Tuesday Report. Make sure to subscribe via the form below if you want to receive the latest Microsoft Patch reports and bonus network reports.

Receive the Latest Patch Tuesday Report for FREE Every Month

"*" indicates required fields

Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
Hidden
This field is for validation purposes and should be left unchanged.
NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.