A vulnerability exploited by the threat actor 'Pazzle Maker' has been fixed by Windows Update.
In June 2021, a total of seven zero-day vulnerabilities were fixed, including six that have already been exploited by 'threat actors'.
The Windows Update, which takes place on the second Tuesday of every month, includes a variety of updates, from urgent bugs to security fixes.
PuzzleMaker attacks with Chrome zero-day exploit chain | Securelist
Microsoft June 2021 Patch Tuesday fixes 6 exploited zero-days, 50 flaws
Microsoft Patches Six Zero-Day Security Holes – Krebs on Security
The following six zero-day vulnerabilities have been exploited.
-CVE-2021-31955 : Information leakage vulnerability in Windows kernel
-CVE-2021-31956 : Windows NTFS privilege escalation vulnerability
CVE-2021-33739 : Microsoft DWM Core Library Privilege Elevation Vulnerabilities
CVE-2021-33742 : Remote code execution vulnerability in Windows MS HTML Platform
CVE-2021-31199 : Microsoft Enhanced Cryptographic Provider privilege elevation vulnerability
CVE-2021-31201 : Microsoft Enhanced Cryptographic Provider privilege elevation vulnerability
According to computer security company Kaspersky, CVE-2021-31955 and CVE-2021-31956 were used in the attack by new threat actor PazzleMaker. PazzleMaker used Chrome's remote code execution vulnerability to access the target system and exploited the information disclosure vulnerability in the Windows kernel and the privilege escalation vulnerability in Windows NTFS. The Chrome vulnerability, CVE-2021-21224, has been fixed on April 20, 2021.
In addition, CVE-2021-31199 and CVE-2021-31201 contained vulnerabilities related to the patch CVE-2021-28550 for Adobe Acrobat and Reader. Attackers used these vulnerabilities to create PDF files with malicious code, said Christopher Hass of cybersecurity research organization Automox.