CVE-2021-40469
published 2021-10-13CVE-2021-40469: Windows DNS Server Remote Code Execution Vulnerability
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
Windows DNS Server Remote Code Execution Vulnerability
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.0.0 < 6.1.7601.25740 | 6.1.7601.25740 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.0 < 6.1.7601.25740 | 6.1.7601.25740 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.0 < 6.0.6003.21251 | 6.0.6003.21251 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.0 < 6.2.9200.23490 | 6.2.9200.23490 |
| microsoft | windows_server_2012_r2 | >= 6.3.0 < 6.3.9600.20144 | 6.3.9600.20144 |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | >= 10.0.0 < 10.0.14393.4704 | 10.0.14393.4704 |
| microsoft | windows_server_2019 | >= 10.0.0 < 10.0.17763.2237 | 10.0.17763.2237 |
| microsoft | windows_server_2022 | >= 10.0.0 < 10.0.20348.288 | 10.0.20348.288 |
| microsoft | windows_server_version_2004 | >= 10.0.0 < 10.0.19041.1288 | 10.0.19041.1288 |
| microsoft | windows_server_version_20h2 | >= 10.0.0 < 10.0.19042.1288 | 10.0.19042.1288 |
| msrc | windows_server_2008_for_32-bit_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_for_x64-based_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_r2_for_x64-based_systems_service_pack_1 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
| msrc | windows_server_2019 | — | — |
| msrc | windows_server_2022 | — | — |
| msrc | windows_server_version_2004 | — | — |
| msrc | windows_server_version_20h2 | — | — |
Microsoft
Windows DNS Server Remote Code Execution Vulnerability
vendor_msrc·2021-10-12·CVSS 7.2
CVE-2021-40469 [HIGH] Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
FAQ: If my server is not configured to be a DNS server, it is vulnerable?
No, this vulnerability is only exploitable if the server is configured to be a DNS server.
Role: DNS Server: Role: DNS Server
Microsoft: Microsoft
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006672
Reference: https://support.microsoft.com/help/5006672
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006699
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006670
Reference: https://support.micros
GHSA
GHSA-g6f2-f38r-23wj: Windows DNS Server Remote Code Execution Vulnerability
ghsa_unreviewed·2022-05-24
CVE-2021-40469 [HIGH] GHSA-g6f2-f38r-23wj: Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
No detection rules found.
No public exploits indexed.
Qualys
Microsoft & Adobe Patch Tuesday (October 2021) – Microsoft 74 Vulnerabilities with 3 Critical, 4 Zero-Days. Adobe 10 Vulnerabilities
blogs_qualys·2021-10-13·CVSS 9.0
CVE-2021-40449 [CRITICAL] Microsoft & Adobe Patch Tuesday (October 2021) – Microsoft 74 Vulnerabilities with 3 Critical, 4 Zero-Days. Adobe 10 Vulnerabilities
## Microsoft Patch Tuesday – October 2021
Microsoft patched 74 vulnerabilities in their October 2021 Patch Tuesday release, of which three are rated as critical severity and four were previously reported as zero-days.
## Critical Microsoft Vulnerabilities Patched
CVE-2021-40449 – Win32k Elevation of Privilege Vulnerability
This was a zero-day, and one of the four addressed by Microsoft this month. This vulnerability impacts the Win32K kernel driver. This is being actively exploited by IronHusky and Chinese APT groups. Microsoft has assigned a CVSSv3 base score of 7.8 to this vulnerability and it should be prioritized for patching.
CVE-2021- 40486 – Microsoft Word Remote Code Execution Vulnerability
This vulnerability is due to improper input validation in Microsoft Word. Adversaries
Qualys
Microsoft & Adobe Patch Tuesday (October 2021) – Microsoft 74 Vulnerabilities with 3 Critical, 4 Zero-Days. Adobe 10 Vulnerabilities | Qualys
blogs_qualys·2021-10-13·CVSS 9.0
CVE-2021-40449 [CRITICAL] Microsoft & Adobe Patch Tuesday (October 2021) – Microsoft 74 Vulnerabilities with 3 Critical, 4 Zero-Days. Adobe 10 Vulnerabilities | Qualys
### Microsoft Patch Tuesday – October 2021
Microsoft patched 74 vulnerabilities in their October 2021 Patch Tuesday release, of which three are rated as critical severity and four were previously reported as zero-days.
### Critical Microsoft Vulnerabilities Patched
CVE-2021-40449 – Win32k Elevation of Privilege Vulnerability
This was a zero-day, and one of the four addressed by Microsoft this month. This vulnerability impacts the Win32K kernel driver. This is being actively exploited by IronHusky and Chinese APT groups. Microsoft has assigned a CVSSv3 base score of 7.8 to this vulnerability and it should be prioritized for patching.
CVE-2021- 40486 – Microsoft Word Remote Code Execution Vulnerability
This vulnerability is due to improper input validation in Microsoft Word. Adversarie
Trendmicro
October Patch Tuesday: 3 Critical Bulletins Among 71
blogs_trendmicro·2021-10-13·CVSS 8.0
[HIGH] October Patch Tuesday: 3 Critical Bulletins Among 71
Exploits & Vulnerabilities
# October Patch Tuesday: 3 Critical Bulletins Among 71
The October Patch Tuesday maintains the relatively peaceful streak from previous months with only 3 bulletins rated as Critical among 71 new vulnerabilities.
By: Trend Micro
2021/10/13
Read time: ( words)
Save to Folio
The October 2021 Patch Tuesday continues the quiet streak observed for the months of August and September. Out of 71 bulletins, only three were rated Critical this month. The list also included a fix for four publicly known vulnerabilities. Of the fixed vulnerabilities, 11 were disclosed via the Zero Day Initiative.
Three Critical patches and other notable vulnerabilities
Only three patches were rated Critical this month. Two of them were remote code execution (RCE) vulnerabilities (CVE
Tenable
Microsoft’s October 2021 Patch Tuesday Addresses 74 CVEs (CVE-2021-40449)
blogs_tenable·2021-10-12·CVSS 7.8
[HIGH] Microsoft’s October 2021 Patch Tuesday Addresses 74 CVEs (CVE-2021-40449)
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Crowdstrike
October 2021 Patch Tuesday: Updates and Analysis
blogs_crowdstrike·CVSS 7.5
CVE-2026-20929 [HIGH] October 2021 Patch Tuesday: Updates and Analysis
How CrowdStrike is Accelerating Exposure Evaluation as Adversaries Gain Speed Apr 06, 2026
STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026
Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026
How CrowdStrike is Accelerating Exposure Evaluation as Adversaries Gain Speed Apr 06, 2026
STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026
Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026
Video Highlights the 4 Key Steps to Successful Incident Response Dec 02, 2019
Helping Non-Security Stakeholders Understand AT
2021-10-13
Published