by A critical security vulnerability with a CVSS 3.1 Score of 9.8 has been released by Microsoft that will cause remote code execution in Windows TCP/IP. Although there is no exploit detection for the published vulnerabilities, it is thought that attackers can produce exploit codes by examining and working on this fix, since it has released a security vulnerability and a patch.
Affected Systems
The products mentioned in the solution suggestions section below are affected.
Solution and CVE/CWE
It is recommended to install the updates specified in the table below.
CVE/CWE: CVE-2021-26424
| Product | Article | Security Patch |
|---|---|---|
| Windows Server 2012 R2 (Server Core installation) | 5005076 | Monthly Rollup |
| Windows Server 2012 R2 (Server Core installation) | 5005106 | Security Only |
| Windows Server 2012 R2 | 5005076 | Monthly Rollup |
| Windows Server 2012 R2 | 5005106 | Security Only |
| Windows Server 2012 (Server Core installation) | 5005099 | Monthly Rollup |
| Windows Server 2012 (Server Core installation) | 5005094 | Security Only |
| Windows Server 2012 | 5005099 | Monthly Rollup |
| Windows Server 2012 | 5005094 | Security Only |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5005088 | Monthly Rollup |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5005089 | Security Only |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5005088 | Monthly Rollup |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5005089 | Security Only |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5005090 | Monthly Rollup |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5005095 | Security Only |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5005090 | Monthly Rollup |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5005095 | Security Only |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5005090 | Monthly Rollup |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5005095 | Security Only |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5005090 | Monthly Rollup |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5005095 | Security Only |
| Windows RT 8.1 | 5005076 | Monthly Rollup |
| Windows 8.1 for x64-based systems | 5005076 | Monthly Rollup |
| Windows 8.1 for x64-based systems | 5005106 | Security Only |
| Windows 8.1 for 32-bit systems | 5005076 | Monthly Rollup |
| Windows 8.1 for 32-bit systems | 5005106 | Security Only |
| Windows 7 for x64-based Systems Service Pack 1 | 5005088 | Monthly Rollup |
| Windows 7 for x64-based Systems Service Pack 1 | 5005089 | Security Only |
| Windows 7 for 32-bit Systems Service Pack 1 | 5005088 | Monthly Rollup |
| Windows 7 for 32-bit Systems Service Pack 1 | 5005089 | Security Only |
| Windows Server 2016 (Server Core installation) | 5005043 | Security Update |
| Windows Server 2016 | 5005043 | Security Update |
| Windows 10 Version 1607 for x64-based Systems | 5005043 | Security Update |
| Windows 10 Version 1607 for 32-bit Systems | 5005043 | Security Update |
| Windows 10 for x64-based Systems | 5005040 | Security Update |
| Windows 10 for 32-bit Systems | 5005040 | Security Update |
| Windows Server, version 20H2 (Server Core Installation) | 5005033 | Security Update |
| Windows 10 Version 20H2 for ARM64-based Systems | 5005033 | Security Update |
| Windows 10 Version 20H2 for 32-bit Systems | 5005033 | Security Update |
| Windows 10 Version 20H2 for x64-based Systems | 5005033 | Security Update |
| Windows Server, version 2004 (Server Core installation) | 5005033 | Security Update |
| Windows 10 Version 2004 for x64-based Systems | 5005033 | Security Update |
| Windows 10 Version 2004 for ARM64-based Systems | 5005033 | Security Update |
| Windows 10 Version 2004 for 32-bit Systems | 5005033 | Security Update |
| Windows 10 Version 21H1 for 32-bit Systems | 5005033 | Security Update |
| Windows 10 Version 21H1 for ARM64-based Systems | 5005033 | Security Update |
| Windows 10 Version 21H1 for x64-based Systems | 5005033 | Security Update |
| Windows 10 Version 1909 for ARM64-based Systems | 5005031 | Security Update |
| Windows 10 Version 1909 for x64-based Systems | 5005031 | Security Update |
| Windows 10 Version 1909 for 32-bit Systems | 5005031 | Security Update |
| Windows Server 2019 (Server Core installation) | 5005030 | Security Update |
| Windows Server 2019 | 5005030 | Security Update |
| Windows 10 Version 1809 for ARM64-based Systems | 5005030 | Security Update |
| Windows 10 Version 1809 for x64-based Systems | 5005030 | Security Update |
| Windows 10 Version 1809 for 32-bit Systems | 5005030 | Security Update |
Note: Those with a CVSS 3.1 score (out of 10) 7.0-8.9 are considered “high”, those with 9.0-10.0 are considered “critical” vulnerabilities.
Reference:
