Microsoft Windows WLAN AutoConfig Service Remote Code Execution Vulnerability
A critical* Microsoft WLAN (Wireless Local Area Network) AutoConfig Service Remote Code Execution Vulnerability with a CVSS 3.1 score of 9.8 was released.
Even though no exploit regarding this vulnerability has been discovered, due to its severity/criticality, it is highly recommended that the following patches are downloaded to ensure the safety of systems/assets.
Affected Systems
It is stated in the recommended solutions section.
IoC’s
-
Recommended Solution(s)
Organizations using the following products are recommended to download the patches in the table below.
| Product | Article | Patch |
|---|---|---|
| Windows Server 2012 R2 (Server Core installation) | 5005613 | Monthly Rollup |
| Windows Server 2012 R2 (Server Core installation) | 5005627 | Security Only |
| Windows Server 2012 R2 | 5005613 | Monthly Rollup |
| Windows Server 2012 R2 | 5005627 | Security Only |
| Windows Server 2012 (Server Core installation) | 5005623 | Monthly Rollup |
| Windows Server 2012 (Server Core installation) | 5005607 | Security Only |
| Windows Server 2012 | 5005623 | Monthly Rollup |
| Windows Server 2012 | 5005607 | Security Only |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5005633 | Monthly Rollup |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5005615 | Security Only |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5005633 | Monthly Rollup |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5005615 | Security Only |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5005606 | Monthly Rollup |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5005618 | Security Only |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5005606 | Monthly Rollup |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5005618 | Security Only |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5005606 | Monthly Rollup |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5005618 | Security Only |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5005606 | Monthly Rollup |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5005618 | Security Only |
| Windows RT 8.1 | 5005613 |
Monthly Rollup |
| Windows 8.1 for x64-based systems | 5005613 | Monthly Rollup |
| Windows 8.1 for x64-based systems | 5005627 | Security Only |
| Windows 8.1 for 32-bit systems | 5005613 | Monthly Rollup |
| Windows 8.1 for 32-bit systems | 5005627 | Security Only |
| Windows 7 for x64-based Systems Service Pack 1 | 5005633 | Monthly Rollup |
| Windows 7 for x64-based Systems Service Pack 1 | 5005615 | Security Only |
| Windows 7 for 32-bit Systems Service Pack 1 | 5005633 | Monthly Rollup |
| Windows 7 for 32-bit Systems Service Pack 1 | 5005615 | Security Only |
| Windows Server 2016 (Server Core installation) | 5005573 | Security Update |
| Windows Server 2016 | 5005573 | Security Update |
| Windows 10 Version 1607 for x64-based Systems | 5005573 | Security Update |
| Windows 10 Version 1607 for 32-bit Systems | 5005573 | Security Update |
| Windows 10 for x64-based Systems | 5005569 | Security Update |
| Windows 10 for 32-bit Systems | 5005569 | Security Update |
| Windows Server, version 20H2 (Server Core Installation) | 5005565 | Security Update |
| Windows 10 Version 20H2 for ARM64-based Systems | 5005565 | Security Update |
| Windows 10 Version 20H2 for 32-bit Systems | 5005565 | Security Update |
| Windows 10 Version 20H2 for x64-based Systems | 5005565 | Security Update |
| Windows Server, version 2004 (Server Core installation) | 5005565 | Security Update |
| Windows 10 Version 2004 for x64-based Systems | 5005565 | Security Update |
| Windows 10 Version 2004 for ARM64-based Systems | 5005565 | Security Update |
| Windows 10 Version 2004 for 32-bit Systems | 5005565 | Security Update |
| Windows Server 2022 (Server Core installation) | 5005575 | Security Update |
| Windows Server 2022 | 5005575 | Security Update |
| Windows 10 Version 21H1 for 32-bit Systems | 5005565 | Security Update |
| Windows 10 Version 21H1 for ARM64-based Systems | 5005565 | Security Update |
| Windows 10 Version 21H1 for x64-based Systems | 5005565 | Security Update |
| Windows 10 Version 1909 for ARM64-based Systems | 5005566 | Security Update |
| Windows 10 Version 1909 for x64-based Systems | 5005566 | Security Update |
| Windows 10 Version 1909 for 32-bit Systems | 5005566 | Security Update |
| Windows Server 2019 (Server Core installation) | 5005568 | Security Update |
| Windows Server 2019 | 5005568 | Security Update |
| Windows 10 Version 1809 for ARM64-based Systems | 5005568 | Security Update |
| Windows 10 Version 1809 for x64-based Systems | 5005568 | Security Update |
| Windows 10 Version 1809 for 32-bit Systems | 5005568 | Security Update |
CVE / CWE
CVE-2021-36965
Related Website(s)
- https://nvd.nist.gov/vuln/detail/CVE-2021-36965
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36965
* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.
Current Security Vulnerability Reports
İSTANBUL
+90 216 504 53 32
Aydınevler Mahallesi,İsmet İnönü Cadddesi,Küçükyalı Ofis Park A Blok,No:20/1 Maltepe İstanbul
ANKARA
+90 312 235 44 51
VULNERABILITY NEWSLETTER
You can register to our newsletter on the home page to be instantly informed about security vulnerabilities.
© 2021 Barikat Cyber Security All rights reserved.