Microsoft Windows June 2021 Zero-day Vulnerabilities

On June 2021 Patch Tuesday, Microsoft addressed 50 vulnerabilities, of which 5 were critical and 45 were important. 3 vulnerabilities were previously known, and 6 are being actively exploited by attackers. The 6 exploited vulnerabilities are CVE-2021-31955, CVE-2021-31956, CVE-2021-33739, CVE-2021-33742, CVE-2021-31199, and CVE-2021-31201.

CVE-2021-31955 is a Windows Kernel Information Disclosure vulnerability and CVE-2021-31956 is a Windows NTFS Elevation of Privilege vulnerability; both were discovered by Kaspersky Lab researchers. According to Bharat Jogi, Senior Manager, Vulnerability and Threat Research at Qualys, “these two vulnerabilities were being used in conjunction with Google Chrome and were at the root of a chain of exploits in highly targeted attacks against multiple companies.”

CVE-2021-33739 is a Microsoft DWM Core Library Elevation of Privilege Vulnerability.

CVE-2021-33742 is a Windows MSHTML Platform Remote Code Execution Vulnerability. MSHTML is a component used by the Internet Explorer engine to read and display content from websites. As the library is used by other services and applications, emailing HTML files as part of a phishing campaign is also a viable method of delivery.

CVE-2021-31199 and CVE-2021-31201 are Microsoft Enhanced Cryptographic Provider Elevation of Privilege vulnerabilities. Together, these two CVEs can be used as an initial infection point in targeted phishing attacks against Adobe Reader users on Windows via PDF files.

In a report released today, Kaspersky researchers explained that the CVE-2021-31955 and CVE-2021-31956 zero-day vulnerabilities were used in attacks by a new threat actor group known as PuzzleMaker.

Affected products

Multiple Microsoft Windows products.

Mitigation

The OS giant has released security guidance for the June 2021 Patch Tuesday CVEs.

Qualys Detection

Qualys customers can scan their network with QID 91722 to detect vulnerable assets.

Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.

References and Sources

https://portal.msrc.microsoft.com/en-us/security-guidance

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31955

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31956

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-33739

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-33742

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31199

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31201

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31968

https://www.helpnetsecurity.com/2021/06/08/june-2021-patch-tuesday/

https://www.bleepingcomputer.com/news/security/windows-10-targeted-by-puzzlemaker-hackers-using-chrome-zero-days/

https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/

https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2021-patch-tuesday-fixes-6-exploited-zero-days-50-flaws/
