On the second Tuesday of the month, Microsoft releases the new security patches for the versions of Windows 10 supported. The recurrence is called Patch Tuesday, and patches for the last three releases have been served this month, Windows 10 2004, 20H2 e 21H1, which share the same core code and therefore also the same fixes. Some of the previous versions have also been updated in the Enterprise, Education and Long Term channels.
As we have already written, Microsoft recently announced that it has begun training the machine learning algorithms used to upgrade systems from Windows 10 2004 to Windows 10 21H1, released in recent weeks. It is a procedure that Microsoft normally applies as the end of the installed release support approaches, but in this case Windows 10 2004 still has six months of mainstream support ahead of it. Furthermore, with Patch Tuesday in June, the News and Interests widget is enabled for all users, by default at the start of the operating system but which can be disabled.
Windows 10 2004, 20H2, 21H1, the news of Patch Tuesday in June
It is the first time that, on Windows 10, all supported versions receive the same cumulative updates. Windows 10 2004, 20H2 and 21H1 adopt the same base code and have few differences from each other, and therefore can install the same patch. The June package for all three releases is identified as KB5003637 and installs the builds 19041.1052, 19042.1052 e 19043.1052 on the 2004, 20H2 and 21H1 releases respectively. At the same time, Microsoft released the build 19043.1052 on Windows 10 in the Insider Beta and Release Preview channels. Here are the fixes in English, as per Microsoft official changelog:
- Updates to improve security when using input devices such as a mouse, keyboard, or pen.
- Updates to improve Windows OLE (compound documents) security.
- Updates for verifying usernames and passwords.
- Updates to improve security when Windows performs basic operations.
- Updates for storing and managing files.
- This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and installMicrosoft updates.
- Security updates to theMicrosoft Scripting Engine, Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Virtualization, Windows Kernel, Windows HTML Platform, and Windows Storage and Filesystems.
50 vulnerabilities fixed, including 6 0-days already exploited
In the update they were fixed 50 vulnerabilities, including 45 classified as important, 5 critical. Seven of these vulnerabilities are 0-day, while six have been actively exploited by malicious actors. Here are the references released by Microsoft:
The flaw known as CVE-2021-31968, also corrected on Patch Tuesday in June, was publicly disclosed but never detected in actual attacks.
Specifically, the 0-day leaks CVE-2021-31955 e CVE-2021-31956, the first of the Windows Kernel Information Disclosure Vulnerability type and the second of the Windows NTFS Elevation of Privilege Vulnerability type, were exploited by a new criminal group known as PuzzleMaker in targeted attacks. Using a 0-day exploit on Chrome to run code remotely on Windows, they then exploited the two vulnerabilities together to proceed with a privilege escalation on the compromised device. Finally, once the highest permissions were obtained, attackers could remotely install a shell to upload or download files from the system, and execute commands.
Long-term editions of Windows 10 1909 are also updated
On the occasion of the Patch Tuesday in June Microsoft has also released the KB5003635per package Windows 10 1909, no longer supported in the mainstream channel but still followed for Enterprise, Education and IoT Enterprise SKUs in the long-term channels. On these releases the build 18363.1621.