Skip to content ↓ | Skip to navigation ↓

Tripwire’s December 2021 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Ubuntu Linux Kernel, and Microsoft.

First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 “LogShell” remote code execution vulnerability. There are many attack vectors via various software applications due to Log4j2’s widespread usage in various products. Refer to https://logging.apache.org/log4j/2.x/security.html for more details.

Next on the list are patches for Microsoft MSHTML (CVE-2021-40444) and the Linux Kernel in Ubuntu (CVE-2021-3493). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These systems should be patched as soon as possible.

Up next are patches for Microsoft Edge that resolve over 20 vulnerabilities such as user after free, type confusion, heap buffer overflow, and data validation vulnerabilities.

Next are patches for Microsoft Office Access, Excel, Office Developer Platform, and Visual Basic for Applications. These patches resolve 4 issues, including remote code execution, information disclosure, and elevation of privilege vulnerabilities.

Next are patches that affect components of the Windows operating systems. These patches resolve over 30 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, kernel, NTFS, TCP/IP driver, common log file system driver, media center, lsasrv, fax service, message queuing, and others.

Lastly, administrators should focus on server-side patches for SharePoint, Hyper-V, Internet Storage Name Service, and BizTalk ESB Toolkit. These patches resolve numerous issues including spoofing, remote code execution, and denial of service vulnerabilities.

BULLETINCVE
Apache Log4j2 LogShell Remote Code Execution VulnerabilityCVE-2021-44228, CVE-2021-45046
Exploit Framework – MetasploitCVE-2021-40444, CVE-2021-3493
Microsoft EdgeCVE-2021-4053, CVE-2021-4052, CVE-2021-4064, CVE-2021-4065, CVE-2021-4057, CVE-2021-4056, CVE-2021-4055, CVE-2021-4054, CVE-2021-4059, CVE-2021-4058, CVE-2021-4068, CVE-2021-4061, CVE-2021-4067, CVE-2021-4066, CVE-2021-4062, CVE-2021-4063, CVE-2021-4101, CVE-2021-4100, CVE-2021-4102, CVE-2021-4099, CVE-2021-4098
Microsoft Office ExcelCVE-2021-43256
Visual Basic for ApplicationsCVE-2021-42295
Microsoft Office AccessCVE-2021-42293
Office Developer PlatformCVE-2021-43255
Microsoft WindowsCVE-2021-40441, CVE-2021-43216, CVE-2021-43883, CVE-2021-43207, CVE-2021-43226, CVE-2021-43224, CVE-2021-43227, CVE-2021-43219, CVE-2021-43248, CVE-2021-43228, CVE-2021-43232, CVE-2021-43244, CVE-2021-43223, CVE-2021-43238, CVE-2021-43893, CVE-2021-43217, CVE-2021-43245, CVE-2021-43247, CVE-2021-43239, CVE-2021-43237, CVE-2021-43236, CVE-2021-43222, CVE-2021-41333, CVE-2021-43235, CVE-2021-43233, CVE-2021-43234, CVE-2021-43240, CVE-2021-43231, CVE-2021-43230, CVE-2021-43229
Microsoft Office SharePointCVE-2021-42309, CVE-2021-42294, CVE-2021-42320, CVE-2021-43242
Role: Windows Hyper-VCVE-2021-43246
Internet Storage Name ServiceCVE-2021-43215
Microsoft BizTalk ESB ToolkitCVE-2021-43892