Microsoft security advisory – December 2021 monthly rollup

Number: AV21-631
Date: 14 December 2021

On 14 December 2021 Microsoft published Security Updates to address vulnerabilities in multiple products. Included were critical updates for the following:

  • Microsoft 4K Wireless Display Adapter
  • Microsoft Defender for IoT
  • Office app
  • Visual Studio Code WSL Extension
  • Windows 7, 8.1, RT 8.1, 10 and 11
  • Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019 and 2022  
  • Windows Server Core 2012, 2012 R2, 2016, 2019, 2022, 20H2 and 2004

Exploitation of some of these vulnerabilities could allow an actor to execute code remotely.

Of note, Microsoft has indicated that exploitation has been detected for the following vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. : CVE-2021-43890.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

December 2021 Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec

Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance

Date modified: