The KB5003637 patch for the Windows 10 May 2021 Update brings the system to build 19043.1052 and fixes a multitude of vulnerabilities. This month there are specifically 49 vulnerabilities, plus seven zero-day vulnerabilities. Of these, Microsoft has been able to confirm that at least six are currently being actively exploited by hackers, so it is essential that we update our computers now.
Zero-day vulnerability list for Windows in June 2021
The list of discovered vulnerabilities is as follows:
- CVE-2021-31955 – Windows Kernel Information Disclosure Vulnerability
- CVE-2021-31956 – Windows NTFS Elevation of Privilege Vulnerability
- CVE-2021-33739 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
- CVE-2021-33742 – Windows MSHTML Platform Remote Code Execution Vulnerability
- CVE-2021-31199 – Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- CVE-2021-31201 – Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- CVE-2021-31968 – Windows Remote Desktop Services Denial of Service Vulnerability
The first six are the zero-day ones that were being exploited, while the seventh has not been seen in attacks.
Two of the zero-day vulnerabilities, discovered by Kaspersky, were used together with Google Chrome, and they were the start of an exploit chain to ultimately execute remote code on Windows 10. The bug was twofold, and it directly affected the Windows 10 kernel.
Taking advantage of the flaws of Chrome and Windows 10 at the same time
With it, it was possible to attack the SuperFetch functionality of Windows 10, first introduced in Vista to reduce program loading times by loading commonly used applications into memory. The attack would have been carried out by the PuzzleMaker group.
Kaspersky specifically detected attacks using this vulnerability, aimed at a multitude of companies, last April, although it has not specified which ones or whether they are related to the multitude of ransomware attacks that we have seen in recent months against companies such as Colonial Pipeline or the Brazilian meat company JBS SA.
In short, we recommend that you update your Windows 10 operating system as soon as possible to avoid network vulnerabilities. The update will be installed automatically on your system, but it may take a few days to apply if you do not restart. For this reason, it is advisable to manually go to Windows Update and click Check for updates to install it. Once done, we restart, and we will be protected.
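One way to confirm after the restart that the update actually landed, as an added PowerShell example that is not part of the original article: it compares the running build with 19043.1052 and looks for KB5003637. The function name `Test-PatchBaseline` and its status labels are illustrative choices.

```powershell
# Baseline values taken from the article: KB5003637 -> build 19043.1052.
$BaselineBuild = 19043
$BaselineUbr   = 1052
$KbId          = 'KB5003637'

# Illustrative helper (hypothetical name): classify a build.revision pair against a baseline.
function Test-PatchBaseline {
    param(
        [int]$Build,     # OS build number, e.g. 19043
        [int]$Ubr,       # update build revision, e.g. 1052
        [int]$MinBuild,
        [int]$MinUbr
    )
    if ($Build -gt $MinBuild) { return 'NewerBuild' }      # later release; this baseline does not apply
    if ($Build -lt $MinBuild) { return 'DifferentBuild' }  # other release; needs its own baseline
    if ($Ubr -ge $MinUbr)     { return 'Patched' }
    return 'Missing'
}

# The running build and revision are stored in the registry.
$cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build = [int]$cv.CurrentBuildNumber
$ubr   = [int]$cv.UBR

# The KB may no longer be listed once a later cumulative update has been
# installed, so the build revision is the primary signal and this is secondary.
$hotfix = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue

[pscustomobject]@{
    ComputerName = $env:COMPUTERNAME
    Build        = "$build.$ubr"
    Baseline     = "$BaselineBuild.$BaselineUbr"
    Status       = Test-PatchBaseline -Build $build -Ubr $ubr -MinBuild $BaselineBuild -MinUbr $BaselineUbr
    KbListed     = [bool]$hotfix
    InstalledOn  = if ($hotfix) { $hotfix.InstalledOn } else { $null }
}
```

A `Status` of `Missing` on a 19043 machine means the update has not been applied yet, or the restart is still pending.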