{"id":22073,"date":"2021-11-10T18:13:06","date_gmt":"2021-11-10T17:13:06","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=22073"},"modified":"2021-11-10T18:16:45","modified_gmt":"2021-11-10T17:16:45","slug":"microsoft-security-update-summary-9-november-2021","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2021\/11\/10\/microsoft-security-update-summary-9-november-2021\/","title":{"rendered":"Microsoft Security Update Summary (9. November 2021)"},"content":{"rendered":"<p><img decoding=\"async\" title=\"Update\" style=\"margin: 0px 10px 0px 0px\" border=\"0\" alt=\"Update\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Update-01.jpg\" align=\"left\">[<a href=\"https:\/\/www.borncity.com\/blog\/2021\/11\/10\/microsoft-security-update-summary-9-november-2021\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]On November 9, Microsoft released security updates for Windows clients and servers, for Office, Exchange, etc. &#8211; as well as for other products &#8211; were released. Microsoft warns that vulnerabilities in Exchange and Excel are being exploited. Below is a compact overview of these updates released on Patchday.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg08.met.vgwort.de\/na\/7e79c87861ff405d9365c5c39e6bf37c\" width=\"1\" height=\"1\">A list of the updates can be found on <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\" target=\"_blank\" rel=\"noopener\">this Microsoft page<\/a>. Details about the update packages for Windows, Office, etc. are available in separate blog posts. <\/p>\n<h2>Notes on the updates<\/h2>\n<p>Windows 10 Version 2004, 20H2&nbsp; und 21H1 share a common core and have an identical set of system files. Therefore, the same security update will be delivered for these Windows 10 versions. Information on how to enable the features of Windows 10 version 1909 as well as 20H2, which is done through an Enablement Package update, can be found in <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/Windows-IT-Pro-Blog\/Windows-10-version-1909-delivery-options\/ba-p\/1002660\" target=\"_blank\" rel=\"noopener\">this tech community post<\/a>.&nbsp; <\/p>\n<p>All Windows 10 updates are cumulative. The monthly Patchday update includes all security fixes for Windows 10 and all non-security fixes through Patchday. In addition to vulnerability security patches, the updates include security enhancement measures. Microsoft is integrating the Servicing Stack Updates (SSUs) into the Latest Cumulative Updates (LCUs) for newer versions of Windows 10.&nbsp; <\/p>\n<p>Windows 7 SP1 is no longer supported as of January 2020. Only customers with a 2nd year ESU license (or bypass measures) will still receive updates. With the current ESU bypass lets install the update. Updates can also be downloaded from the <a href=\"https:\/\/www.catalog.update.microsoft.com\/Home.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a>. Updates for Windows RT 8.1 and Microsoft Office RT are only available through Windows Update.&nbsp;&nbsp; <\/p>\n<h2>Fixed vulnerabilities<\/h2>\n<p>The November 2021 security updates address vulnerabilities (55 CVEs, 6 of which are critical, 49 of which are important) in Microsoft products. A list of all CVEs covered can be found on <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2021-Nov\" target=\"_blank\" rel=\"noopener\">this Microsoft page<\/a>. Tenable has listed all the fixed vulnerabilities in <a href=\"https:\/\/de.tenable.com\/blog\/microsoft-s-november-2021-patch-tuesday-addresses-55-cves-cve-2021-42321?tns_redirect=true\" target=\"_blank\" rel=\"noopener\">this blog post<\/a>. To be mentioned are RCE vulnerability <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2021-42321\" target=\"_blank\" rel=\"noopener\">CVE-2021-42321<\/a> in Microsoft Exchange (see <a href=\"https:\/\/borncity.com\/win\/2021\/11\/10\/exchange-server-november-2021-sicherheitsupdates-schlieen-rce-schwachstelle-cve-2021-423\/\">Exchange Server November 2021 Security Updates Close RCE Vulnerability CVE-2021-423<\/a>). And further the <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2021-42292\" target=\"_blank\" rel=\"noopener\">CVE-2021-42292<\/a> vulnerability in Microsoft Excel. Tenable still lists RCE vulnerability&nbsp; <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2021-38666\" target=\"_blank\" rel=\"noopener\">CVE-2021-38666<\/a> in Remote Desktop Client and RCE vulnerabilities <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2021-43208\" target=\"_blank\" rel=\"noopener\">CVE-2021-43208<\/a> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2021-43209\" target=\"_blank\" rel=\"noopener\">CVE-2021-43209<\/a> in Windows 10 3D Viewer.  <\/p>\n<h3>Critical Security Updates<\/h3>\n<p>Windows 10 for 32-bit Systems<br \/>Windows 10 for x64-based Systems<br \/>Windows 10 Version 1607 for 32-bit Systems<br \/>Windows 10 Version 1607 for x64-based Systems<br \/>Windows 10 Version 1809 for 32-bit Systems<br \/>Windows 10 Version 1809 for ARM64-based Systems<br \/>Windows 10 Version 1809 for x64-based Systems<br \/>Windows 10 Version 1909 for 32-bit Systems<br \/>Windows 10 Version 1909 for ARM64-based Systems<br \/>Windows 10 Version 1909 for x64-based Systems<br \/>Windows 10 Version 2004 for 32-bit Systems<br \/>Windows 10 Version 2004 for ARM64-based Systems<br \/>Windows 10 Version 2004 for x64-based Systems<br \/>Windows 10 Version 20H2 for 32-bit Systems<br \/>Windows 10 Version 20H2 for ARM64-based Systems<br \/>Windows 10 Version 20H2 for x64-based Systems<br \/>Windows 10 Version 21H1 for 32-bit Systems<br \/>Windows 10 Version 21H1 for ARM64-based Systems<br \/>Windows 10 Version 21H1 for x64-based Systems<br \/>Windows 11 for ARM64-based Systems<br \/>Windows 11 for x64-based Systems<br \/>Windows 8.1 for 32-bit systems<br \/>Windows 8.1 for x64-based systems<br \/>Windows RT 8.1<br \/>Windows Server 2012<br \/>Windows Server 2012 (Server Core installation)<br \/>Windows Server 2012 R2<br \/>Windows Server 2012 R2 (Server Core installation)<br \/>Windows Server 2016<br \/>Windows Server 2016 (Server Core installation)<br \/>Windows Server 2019<br \/>Windows Server 2019 (Server Core installation)<br \/>Windows Server 2022<br \/>Windows Server 2022 (Server Core installation)<br \/>Windows Server, version 1909 (Server Core installation)<br \/>Windows Server, version 2004 (Server Core installation)<br \/>Windows Server, version 20H2 (Server Core Installation)<br \/>Microsoft Visual Studio 2015 Update 3<br \/>Microsoft Visual Studio 2017 version 15.9 (includes 15.0 &#8211; 15.8)<br \/>Microsoft Visual Studio 2019 version 16.11 (includes 16.0 &#8211; 16.10)<br \/>Microsoft Visual Studio 2019 version 16.7 (includes 16.0 &#8211; 16.6)<br \/>Microsoft Visual Studio 2019 version 16.9 (includes 16.0 &#8211; 16.8)<br \/>Visual Studio Code<br \/>Microsoft Malware Protection Engine<br \/>Remote Desktop client for Windows Desktop<br \/>Microsoft Dynamics 365 (on-premises) version 9.0<br \/>Microsoft Dynamics 365 (on-premises) version 9.1<\/p>\n<h3>Important Security Updates<\/h3>\n<p>Microsoft 365 Apps for Enterprise for 32-bit Systems<br \/>Microsoft 365 Apps for Enterprise for 64-bit Systems<br \/>Microsoft Excel 2013 RT Service Pack 1<br \/>Microsoft Excel 2013 Service Pack 1 (32-bit editions)<br \/>Microsoft Excel 2013 Service Pack 1 (64-bit editions)<br \/>Microsoft Excel 2016 (32-bit edition)<br \/>Microsoft Excel 2016 (64-bit edition)<br \/>Microsoft Office 2013 RT Service Pack 1<br \/>Microsoft Office 2013 Service Pack 1 (32-bit editions)<br \/>Microsoft Office 2013 Service Pack 1 (64-bit editions)<br \/>Microsoft Office 2016 (32-bit edition)<br \/>Microsoft Office 2016 (64-bit edition)<br \/>Microsoft Office 2019 for 32-bit editions<br \/>Microsoft Office 2019 for 64-bit editions<br \/>Microsoft Office 2019 for Mac<br \/>Microsoft Office LTSC 2021 for 32-bit editions<br \/>Microsoft Office LTSC 2021 for 64-bit editions<br \/>Microsoft Office LTSC for Mac 2021<br \/>Microsoft Office Online Server<br \/>Microsoft Office Web Apps Server 2013 Service Pack 1<br \/>Microsoft SharePoint Enterprise Server 2013 Service Pack 1<br \/>Microsoft SharePoint Enterprise Server 2016<br \/>Microsoft SharePoint Foundation 2013 Service Pack 1<br \/>Microsoft SharePoint Server 2019<br \/>Microsoft SharePoint Server Subscription Edition<br \/>Microsoft Exchange Server 2013 Cumulative Update 23<br \/>Microsoft Exchange Server 2016 Cumulative Update 21<br \/>Microsoft Exchange Server 2016 Cumulative Update 22<br \/>Microsoft Exchange Server 2019 Cumulative Update 10<br \/>Microsoft Exchange Server 2019 Cumulative Update 11<br \/>Microsoft Edge (Chromium-based) in IE Mode<br \/>3D Viewer<br \/>Azure RTOS<br \/>Azure Sphere<br \/>FSLogix<br \/>Power BI Report Server<\/p>\n<p><strong>Similar articles<br \/><\/strong><a href=\"https:\/\/borncity.com\/win\/2021\/11\/10\/microsoft-security-update-summary-9-november-2021\/\">Microsoft Oktober 2021 Patchday (November 9, 2021)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2021\/11\/10\/patchday-windows-10-updates-9-november-2021\/\">Patchday: Windows 10-Updates (November 9, 2021)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2021\/11\/10\/patchday-windows-8-1-server-2012-updates-9-november-2021\/\">Patchday: Windows 8.1\/Server 2012 Updates (November 9, 2021)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2021\/11\/10\/patchday-updates-fr-windows-7-server-2008-r2-9-november-2021\/\">Patchday: Updates for Windows 7\/Server 2008 R2 (November 9, 2021)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]On November 9, Microsoft released security updates for Windows clients and servers, for Office, Exchange, etc. &#8211; as well as for other products &#8211; were released. Microsoft warns that vulnerabilities in Exchange and Excel are being exploited. Below is a &hellip; <a href=\"https:\/\/borncity.com\/win\/2021\/11\/10\/microsoft-security-update-summary-9-november-2021\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,580,1547,22,2],"tags":[125,2687,69,195,194],"class_list":["post-22073","post","type-post","status-publish","format-standard","hentry","category-office","category-security","category-software","category-update","category-windows","tag-office","tag-patchday-11-2021","tag-security","tag-update","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/22073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=22073"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/22073\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=22073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=22073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=22073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}