[German]Microsoft released last night an an email about various revisions to its security advisories. It is about a Windows DCOM server vulnerability and Defender for IoT vulnerabilities. However, everything is only of an informal nature, Microsoft has only adjusted the descriptions. I'll just post the relevant information here on the blog without comment.
Advertising
**********************************************************
Title: Microsoft Security Update Revisions
Issued: January 27, 2022
**********************************************************
Summary
=======
The following CVEs have undergone revision increments.
==========================================================
* CVE-2021-26414
* CVE-2021-42311
* CVE-2021-42313
– CVE-2021-26414 | Windows DCOM Server Security Feature Bypass
– Version: 1.2
– Reason for Revision: Updated FAQs as follows: Revised planned dates for phases Two
and Three; Added recommendation to install September 2021 security updates to
enable DCOM event logs that were added with those updates. These are informational
changes only.
– Originally posted: June 8, 2021
– Updated: January 26, 2022
– Aggregate CVE Severity Rating: Important
Advertising
– CVE-2021-42311 | Microsoft Defender for IoT Remote Code Execution Vulnerability
– Version: 1.1
– Reason for Revision: Added an FAQ and updated the CVSS score. This is an
informational change only.
– Originally posted: December 14, 2021
– Updated: January 26, 2022
– Aggregate CVE Severity Rating: Important
– CVE-2021-42313 | Microsoft Defender for IoT Remote Code Execution Vulnerability
– Version: 1.1
– Reason for Revision: Added an FAQ and updated the CVSS score. This is an
informational change only.
– December 14, 2021
– Updated: January 26, 2022
– Aggregate CVE Severity Rating: Important
