Number: AV21-631
Date: 14 December 2021
On 14 December 2021 Microsoft published Security Updates to address vulnerabilities in multiple products. Included were critical updates for the following:
- Microsoft 4K Wireless Display Adapter
- Microsoft Defender for IoT
- Office app
- Visual Studio Code WSL Extension
- Windows 7, 8.1, RT 8.1, 10 and 11
- Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019 and 2022
- Windows Server Core 2012, 2012 R2, 2016, 2019, 2022, 20H2 and 2004
Exploitation of some of these vulnerabilities could allow an actor to execute code remotely.
Of note, Microsoft has indicated that exploitation has been detected for the following vulnerability : CVE-2021-43890.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
December 2021 Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec
Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance