CVE-2021-38637: Windows Storage Information Disclosure Vulnerability

CVE-2021-38637 [MEDIUM] Windows Storage Information Disclosure Vulnerability Windows Storage Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. Windows Storage: Windows Storage Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5005568 Reference: https://support.microsoft.com/help/5005568 Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5005566 Reference: https://catalog.update.micro

CVE-2021-38637 [MEDIUM] GHSA-9f85-ww57-g5rr: Windows Storage Information Disclosure Vulnerability Windows Storage Information Disclosure Vulnerability

CVE-2021-40444 [HIGH] Microsoft and Adobe Patch Tuesday (September 2021) – Microsoft 60 Vulnerabilities with 3 Critical, Adobe 61 Vulnerabilities ## Microsoft Patch Tuesday – September 2021 Microsoft patched 60 vulnerabilities in their September 2021 Patch Tuesday release, and an additional 26 CVEs since September 1st. Among the 60 released in the September Patch Tuesday, 3 of them are rated as critical severity, one as moderate, and 56 as important. ## Critical Microsoft Vulnerabilities Patched CVE-2021-40444 – Microsoft MSHTML Remote Code Execution Vulnerability This vulnerability has been publicly disclosed and is known to be exploited. The vulnerability allows for remote code execution via MSHTML, a component used by Internet Explorer and Office. Microsoft also released a workaround to show how users can disable ActiveX controls in IE. The vendor has assigned a CVSSv3 base score of 8.8. It should be prioritized for patching.