I. Overview

Microsoft recently released its monthly set of security updates. 50 vulnerabilities are disclosed, among which 5 are rated important. Attackers can exploit these vulnerabilities to perform remote code execution, escalate privileges, and leak sensitive information. The following software is affected: Microsoft Windows, Windows Server, Edge, and SharePoint. If you are a Microsoft user, check your system and implement timely security hardening.

For details, visit the Microsoft official website:

https://msrc.microsoft.com/update-guide/releaseNote/2021-Jun

The following 0-day vulnerabilities have been exploited by attackers. Install patches in a timely manner to prevent attacks.

CVE-2021-31955: Windows Kernel Information Disclosure Vulnerability

CVE-2021-31956: Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-33739: Microsoft DWM Core Library Elevation of Privilege Vulnerability

CVE-2021-33742: Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2021-31199: Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

CVE-2021-31201: Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Microsoft Windows, Windows Server, Edge, SharePoint, etc.

IV. Vulnerability Details

(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)

V. Security Recommendations

1. Use Windows Update or download patches from the following address to fix the vulnerabilities:

https://msrc.microsoft.com/update-guide

2. Back up data remotely to protect your data.

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.