Microsoft Monthly Security Update (December 2021)

Last Update Date: 8 Oct 2025 Release Date: 15 Dec 2021 8340 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

[Updated on 2025-10-08]

Updated Description, Source and Related Links.

CVE-2021-43226 is being exploited in the wild. Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.

 

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Remote Code Execution
Information Disclosure		CVE-2021-43226 is being exploited in the wild. Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.
WindowsMedium Risk Medium RiskElevation of Privilege
Remote Code Execution
Information Disclosure
Denial of Service		CVE-2021-43226 is being exploited in the wild. Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.
System CenterMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Information Disclosure		 
Developer ToolsMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Spoofing		 
Microsoft OfficeMedium Risk Medium RiskSpoofing
Remote Code Execution
Elevation of Privilege
Information Disclosure		 
DeviceMedium Risk Medium RiskRemote Code Execution 
AppsHigh Risk High RiskSpoofing
Remote Code Execution
BrowserExtremely High Risk Extremely High RiskRemote Code Execution
Security Restriction Bypass

 

Number of 'Extremely High Risk' product(s): 1

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 6

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Extremely High Risk

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing

System / Technologies affected

  • Extended Security Updates (ESU)
  • Windows
  • System Center
  • Developer Tools
  • Microsoft Office
  • Device
  • Apps
  • Browser

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier

Source

Related Link

Related Tags

MicrosoftDenial of ServiceRemote Code ExecutionElevation of PrivilegeSecurity Restriction BypassInformation DisclosureSpoofingExploit In The Wild

Share with

Previous

Linux Kernel Multiple Vulnerabilities

5 Aug 2021 8157 Views

Next

Samsung Products Multiple Vulnerabilities

8 Oct 2025 5825 Views

More Articles

RISK: Extremely High Risk

Extremely High Risk

Google Chrome Multiple Vulnerabilities

Security Bulletin

ChromeSecurity Restriction BypassRemote Code ExecutionExploit In The Wild

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY