Microsoft has released Windows 10 21H1 Patch for June 2021. Microsoft released the list of Vulnerabilities in the June 2020 patch Tuesday, and there are announced for many Microsoft applications Intune Management Extension, Outlook, Excel, 3D Paint, Defender, Remote Desktop, and more.
Microsoft released the latest version of Windows 10 21H1. I have also explained the easiest option to upgrade to the latest version. The Windows 10 KB5003637 June patch is available for Windows 10 users already running.
Microsoft published release notes for June 2021 cumulative update patch. As you might have already noted, the 21H1 was released with very few new features like Windows Hello and Defender. Most of us are waiting for Next Generation Windows Announcement is on 24th June 2021.
Outlook | Excel | 3D Paint | Defender | Remote Desktop – Windows 10 21H1 Patch
As you can see below, vulnerabilities are associated with applications like Outlook, Excel, 3D Paint, Defender, Remote Desktop, and many others. I highlight some of the details about the vulnerabilities in the section below.
One example is the Microsoft Edge (Chrome-based) Security Feature Bypass Vulnerability and the Microsoft Edge (Chrome-based) Elevation of Privilege Vulnerability, which are explained in CVE-2021-33741 and CVE-2021-31982.
CVE-2021-31985 explains the Microsoft Defender Remote Code Execution Vulnerability. The defender also has another vulnerability, Microsoft Defender Denial of Service Vulnerability, explained in CVE-2021-31978.
Microsoft has already fixed all these vulnerabilities. To resolve some of these issues, you must ensure that Windows 10 cumulative update KB5003637 is installed on your device. However, some are fixed independently/automatically by the application fixes/cloud service.
- Windows 10 21H1 KB5005101 Cumulative Update Released
- Create SCCM Windows 10 21H1 Device Collection Using WQL Query ConfigMgr | Endpoint Manager
Intune Management Extension Issue – Windows 10 21H1 Patch
Microsoft Intune Management Extension Remote Code Execution Vulnerability is announced as part of June 2021 as part of CVE-2021-31980. The issue gets fixed automatically when the client connects to Intune service.
CVE-2021-31980 | Microsoft Intune Management Extension Remote Code Execution Vulnerability |
CVE Details – Windows 10 21H1 Patch
You can get more details from the below table:
CVE Numbers | CVE Title |
---|---|
CVE-2021-33742 | Windows MSHTML Platform Remote Code Execution Vulnerability |
CVE-2021-33741 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
CVE-2021-33739 | Microsoft DWM Core Library Elevation of Privilege Vulnerability |
CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability |
CVE-2021-31983 | Paint 3D Remote Code Execution Vulnerability |
CVE-2021-31982 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
CVE-2021-31980 | Microsoft Intune Management Extension Remote Code Execution Vulnerability |
CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability |
CVE-2021-31977 | Windows Hyper-V Denial of Service Vulnerability |
CVE-2021-31976 | Server for NFS Information Disclosure Vulnerability |
CVE-2021-31975 | Server for NFS Information Disclosure Vulnerability |
CVE-2021-31974 | Server for NFS Denial of Service Vulnerability |
CVE-2021-31973 | Windows GPSVC Elevation of Privilege Vulnerability |
CVE-2021-31972 | Event Tracing for Windows Information Disclosure Vulnerability |
CVE-2021-31971 | Windows HTML Platform Security Feature Bypass Vulnerability |
CVE-2021-31970 | Windows TCP/IP Driver Security Feature Bypass Vulnerability |
CVE-2021-31969 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
CVE-2021-31968 | Windows Remote Desktop Services Denial of Service Vulnerability |
CVE-2021-31967 | VP9 Video Extensions Remote Code Execution Vulnerability |
CVE-2021-31966 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
CVE-2021-31965 | Microsoft SharePoint Server Information Disclosure Vulnerability |
CVE-2021-31964 | Microsoft SharePoint Server Spoofing Vulnerability |
CVE-2021-31963 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
CVE-2021-31962 | Kerberos AppContainer Security Feature Bypass Vulnerability |
CVE-2021-31960 | Windows Bind Filter Driver Information Disclosure Vulnerability |
CVE-2021-31959 | Scripting Engine Memory Corruption Vulnerability |
CVE-2021-31958 | Windows NTLM Elevation of Privilege Vulnerability |
CVE-2021-31957 | ASP.NET Denial of Service Vulnerability |
CVE-2021-31956 | Windows NTFS Elevation of Privilege Vulnerability |
CVE-2021-31955 | Windows Kernel Information Disclosure Vulnerability |
CVE-2021-31954 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
CVE-2021-31953 | Windows Filter Manager Elevation of Privilege Vulnerability |
CVE-2021-31952 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
CVE-2021-31951 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2021-31950 | Microsoft SharePoint Server Spoofing Vulnerability |
CVE-2021-31949 | Microsoft Outlook Remote Code Execution Vulnerability |
CVE-2021-31948 | Microsoft SharePoint Server Spoofing Vulnerability |
CVE-2021-31946 | Paint 3D Remote Code Execution Vulnerability |
CVE-2021-31945 | Paint 3D Remote Code Execution Vulnerability |
CVE-2021-31944 | 3D Viewer Information Disclosure Vulnerability |
CVE-2021-31943 | 3D Viewer Remote Code Execution Vulnerability |
CVE-2021-31942 | 3D Viewer Remote Code Execution Vulnerability |
CVE-2021-31941 | Microsoft Office Graphics Remote Code Execution Vulnerability |
CVE-2021-31940 | Microsoft Office Graphics Remote Code Execution Vulnerability |
CVE-2021-31939 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2021-31938 | Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability |
Resources
- Security Update Guide – https://msrc.microsoft.com/update-guide/vulnerability
- Next Generation Windows Announcement is on 24th June 2021
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.