18th September 2021

Microsoft Windows TCP/IP Remote Code Execution Vulnerability – CVE-2021-26424

A critical security vulnerability with a CVSS 3.1 Score of 9.8 has been released by Microsoft that will cause remote code execution in Windows TCP/IP. Although there is no exploit detection for the published vulnerabilities, it is thought that attackers can produce exploit codes by examining and working on this fix, since it has released a security vulnerability and a patch.

Microsoft Windows TCP/IP Remote Code Execution Vulnerability
Microsoft Windows TCP/IP Remote Code Execution Vulnerability

 

Affected Systems

The products mentioned in the solution suggestions section below are affected.

Solution and CVE/CWE

It is recommended to install the updates specified in the table below.

CVE/CWE: CVE-2021-26424

CVE-2021-26424
CVE-2021-26424

 

Product Article Security Patch
Windows Server 2012 R2 (Server Core installation) 5005076 Monthly Rollup
Windows Server 2012 R2 (Server Core installation) 5005106 Security Only
Windows Server 2012 R2 5005076 Monthly Rollup
Windows Server 2012 R2 5005106 Security Only
Windows Server 2012 (Server Core installation) 5005099 Monthly Rollup
Windows Server 2012 (Server Core installation) 5005094 Security Only
Windows Server 2012 5005099 Monthly Rollup
Windows Server 2012 5005094 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5005088 Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5005089 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5005088 Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5005089 Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5005090 Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5005095 Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 5005090 Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2 5005095 Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5005090 Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5005095 Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 5005090 Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2 5005095 Security Only
Windows RT 8.1 5005076 Monthly Rollup
Windows 8.1 for x64-based systems 5005076 Monthly Rollup
Windows 8.1 for x64-based systems 5005106 Security Only
Windows 8.1 for 32-bit systems 5005076 Monthly Rollup
Windows 8.1 for 32-bit systems 5005106 Security Only
Windows 7 for x64-based Systems Service Pack 1 5005088 Monthly Rollup
Windows 7 for x64-based Systems Service Pack 1 5005089 Security Only
Windows 7 for 32-bit Systems Service Pack 1 5005088 Monthly Rollup
Windows 7 for 32-bit Systems Service Pack 1 5005089 Security Only
Windows Server 2016 (Server Core installation) 5005043 Security Update
Windows Server 2016 5005043 Security Update
Windows 10 Version 1607 for x64-based Systems 5005043 Security Update
Windows 10 Version 1607 for 32-bit Systems 5005043 Security Update
Windows 10 for x64-based Systems 5005040 Security Update
Windows 10 for 32-bit Systems 5005040 Security Update
Windows Server, version 20H2 (Server Core Installation) 5005033 Security Update
Windows 10 Version 20H2 for ARM64-based Systems 5005033 Security Update
Windows 10 Version 20H2 for 32-bit Systems 5005033 Security Update
Windows 10 Version 20H2 for x64-based Systems 5005033 Security Update
Windows Server, version 2004 (Server Core installation) 5005033 Security Update
Windows 10 Version 2004 for x64-based Systems 5005033 Security Update
Windows 10 Version 2004 for ARM64-based Systems 5005033 Security Update
Windows 10 Version 2004 for 32-bit Systems 5005033 Security Update
Windows 10 Version 21H1 for 32-bit Systems 5005033 Security Update
Windows 10 Version 21H1 for ARM64-based Systems 5005033 Security Update
Windows 10 Version 21H1 for x64-based Systems 5005033 Security Update
Windows 10 Version 1909 for ARM64-based Systems 5005031 Security Update
Windows 10 Version 1909 for x64-based Systems 5005031 Security Update
Windows 10 Version 1909 for 32-bit Systems 5005031 Security Update
Windows Server 2019 (Server Core installation) 5005030 Security Update
Windows Server 2019 5005030 Security Update
Windows 10 Version 1809 for ARM64-based Systems 5005030 Security Update
Windows 10 Version 1809 for x64-based Systems 5005030 Security Update
Windows 10 Version 1809 for 32-bit Systems 5005030 Security Update
LEARN MORE  Is LTE Vulnerability Traceable?

Note: Those with a CVSS 3.1 score (out of 10) 7.0-8.9 are considered “high”, those with 9.0-10.0 are considered “critical” vulnerabilities.

Reference:

Leave a Reply

Your email address will not be published. Required fields are marked *