Microsoft Monthly Security Update (December 2021)

October 8, 2025

[Updated on 2025-10-08]

Updated Description, Source and Related Links.

CVE-2021-43226 is being exploited in the wild. Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.

 

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Remote Code Execution
Information Disclosure		CVE-2021-43226 is being exploited in the wild. Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.
WindowsMedium Risk Medium RiskElevation of Privilege
Remote Code Execution
Information Disclosure
Denial of Service		CVE-2021-43226 is being exploited in the wild. Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.
System CenterMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Information Disclosure		 
Developer ToolsMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Spoofing		 
Microsoft OfficeMedium Risk Medium RiskSpoofing
Remote Code Execution
Elevation of Privilege
Information Disclosure		 
DeviceMedium Risk Medium RiskRemote Code Execution 
AppsHigh Risk High RiskSpoofing
Remote Code Execution
BrowserExtremely High Risk Extremely High RiskRemote Code Execution
Security Restriction Bypass

 

Number of ‘Extremely High Risk’ product(s): 1

Number of ‘High Risk’ product(s): 1

Number of ‘Medium Risk’ product(s): 6

Number of ‘Low Risk’ product(s): 0

Evaluation of overall ‘Risk Level’: Extremely High Risk

RISK: Extremely High Risk

Extremely High Risk

TYPE: Operating Systems – Windows OS

TYPE: Windows OS

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing

System / Technologies affected

  • Extended Security Updates (ESU)
  • Windows
  • System Center
  • Developer Tools
  • Microsoft Office
  • Device
  • Apps
  • Browser

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier

Source

Related Link

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

image

[QILIN] – Ransomware Victim: www[.]auto-bernhard[.]at

October 8, 2025
image

[CHAOS] – Ransomware Victim: AutohausMalin

October 8, 2025
image

[CHAOS] – Ransomware Victim: archway[.]com

October 8, 2025
image

[HANDALA] – Ransomware Victim: Handala RedWanted

October 8, 2025
image

[QILIN] – Ransomware Victim: BCR Recouvrement

October 8, 2025