Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. Microsoft has fixed 50 vulnerabilities, with five classified as Critical and forty-five as Important.

As part of June 2021 Patch Tuesday, Microsoft has also fixed seven zero-day vulnerabilities, with six of them known to be exploited in the past.

The six actively exploited zero-day vulnerabilities are:

CVE-2021-31955 - Windows Kernel Information Disclosure Vulnerability

CVE-2021-31956 - Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-33739 - Microsoft DWM Core Library Elevation of Privilege Vulnerability

CVE-2021-33742 - Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2021-31199 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

In addition, the 'CVE-2021-31968 - Windows Remote Desktop Services Denial of Service Vulnerability' was publicly disclosed but not seen in attacks.

More information on vulnerabilities and updates is available in the Microsoft’s June 2021 Security Updates page – microsoft.com.

Source: bleepingcomputer.com