- Feb 4, 2016
Today is Microsoft's November 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 55 flaws. The actively exploited vulnerabilities are for Microsoft Exchange and Excel, with the Exchange zero-day used as part of the Tianfu hacking contest.
Microsoft has fixed 55 vulnerabilities with today's update, with six classified as Critical and 49 as Important. The number of each type of vulnerability is listed below:
For information about the non-security Windows updates, you can read about today's Windows 10 KB5007186 & KB5007189 cumulative updates and the Windows 11 KB5007215 cumulative update.
- 20 Elevation of Privilege vulnerabilities
- 2 Security Feature Bypass vulnerabilities
- 15 Remote Code Execution vulnerabilities
- 10 Information Disclosure vulnerabilities
- 3 Denial of Service vulnerabilities
- 4 Spoofing vulnerabilities
Six zero-days fixed, with two actively exploitedNovember's Patch Tuesday includes fixes for six zero-day vulnerabilities, two actively exploited against Microsoft Exchange and Microsoft Excel.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The actively exploited vulnerabilities fixed this month are: