Microsoft Returns With Another Whopping Patch Tuesday

Last updated September 23, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

The “Patch Tuesday” updates by Microsoft have stabilized in big sizes, as this is the third month in the row that we have over a hundred fixes. More specifically, there are 129 fixes this month, 11 of which being rated as critical. The majority of the fixes concern “important” bugs, so this patch was a broader lite-fixing work compared to previous ones. There are no identified flaws that have been under active exploitation in the wild, but you are still advised to update your Windows system as soon as possible.

The most notable fixes concern a couple of remote code execution (RCE) vulnerabilities in the Office suite, which could potentially lead to a complete system compromise. Exploiting these flaws would be as simple as convincing the target to open a malicious document. These flaws are the following:

For the Android bug, users are advised to apply the patch by updating the app through the Play Store. Of course, more fixes for Office tools have been introduced with this patch, including XSS flaws, exploits targeting the SharePoint server, and improper memory object handling (CVE-2020-1225, CVE-2020-1226), and also an Outlook integration bug (CVE-2020-1229).

Another critical vulnerability that was fixed on the latest patch is CVE-2020-1241, which concerns the Windows kernel in-built security system called “NULL Pointer Dereference.” By exploiting this flaw, someone could bypass the protection layer and create an “Elevation of Privilege” (EoP) condition. This was a common exploit method in the past, and also the reason why the NULL Pointer Dereference was introduced in the first place.

In general, Microsoft has identified and fixed 69 “Elevation of Privilege” vulnerabilities in this patch. 15 on the Windows kernel, six on Win32k, one on the OpenSSH, and one on the Windows Lockscreen. Privilege escalation is a particularly nasty type of exploitation which enables “regular” users to quickly pass through user levels and become an admin, root, and even tap into the most privileged kernel level.

As usual, the patches that were fixed with this patch haven’t been detailed from a technical perspective, as this would enable malicious actors to exploit them quickly. It doesn’t mean that you should delay updating, as pointers are now out there. If you are still using anything older than Windows 8.1, it is well beyond time to jump to Windows 10 or Linux.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: