TR-21-0462 (Microsoft Güvenlik Zafiyeti)

Genel Bilgi

Microsoft Edge (Chromium-tabanlı), SharePoint Server, VsCode Kubernetes, Excel, Office Graphics ve Defender ürünlerinde Uzaktan Kod Çalıştırma, Bilgi İfşası ve DoS zafiyeti tespit edilmiştir.

Etki

Mevcut zafiyetler nedeniyle hedef sistemler siber saldırganlar tarafından kontrol altına alınabilir.

CVE-2021-33741, CVE-2021-26420, CVE-2021-31963, CVE-2021-31966, CVE-2021-31199, CVE-2021-31201, CVE-2021-31938, CVE-2021-31939, CVE-2021-31940, CVE-2021-31941, CVE-2021-31948, CVE-2021-31950, CVE-2021-31964, CVE-2021-31949, CVE-2021-31965, CVE-2021-31978, CVE-2021-31980, CVE-2021-31985 ve CVE-2021-33739

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM) kullanıcı ve sistem yöneticilerine yayınlanan güncellemelerini incelemelerini ve gerekli güncellemeleri yapmalarını tavsiye etmektedir.

Kaynaklar

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26420

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31199

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31201

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31938

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31939

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31940

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31941

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31948

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31949

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31950

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33741

2021-06-09