About

MSHTML vulnerability – CVE-2021-40444 resolution in Microsoft Windows 10

The MSHTML vulnerability on the Windows stack on Windows 10 operating system allowed a critical remote code execution vulnerability on the affected system. Using dynamic ActiveX controls, an attacker could deploy code on your computer and remotely access user data. The CVE-2021-40444 vulnerability has a CVSS rating of 8.8. It specifically involved the use of carefully crafted Microsoft office documents to induce a user to open the attachment and cause malicious payloads to install on the system.

The security updates on Windows 10 systems have been divided into the platform specific operating systems as mentioned below:

  • KB5005569 – Windows 10 version 1507
  • KB5005573 – Windows 10 version 1607
  • KB5005565 – Windows 10 version 21H1, 2004, 20H2
  • KB5005566 – Windows 10 version 1909

The vulnerability has been resolved in the latest Tuesday patch released by Microsoft on 14th September. The resolution involves patching the Windows installation with the corresponding patch for mitigating the MSHTML code vulnerability. Below, we will look at the different software updates that have been released by Microsoft this Tuesday. Depending on your Windows install version or the Windows product i.e. Windows server or Windows desktop, you may download the latest security update to mitigate CVE-2021-40444 fully.

KB5005573 – CVE-2021-40444 or MSHTML critical vulnerability resolution on Windows 10 operating system

Affected operating systems – Windows 10 version 1607 and Windows 2016 server (AMD)

KB5005573 covers Windows 10 version 1607 (all editions) and all versions of Windows Server 2016 (all editions). You would need to install the service stack update KB5005698 before installing the security update that will resolve the vulnerabilities on the Windows 10 or Windows 2016 server. It is a recommended practice to install the SSU or service stack updates before the cumulative update.

SSUs get automatically updated through the Windows update. These cannot be uninstalled.

The installation of the security update would take the operating system build to OS Build 14393.4651.

Here is how you could download the security updates for Windows 10 version 1607 and Windows 2016 servers:

Windows 2016 Server (x64) AMD platformDownload the KB5005573 from this link
– The update file is 1.6 Gb in size.
– You can uninstall this update in the event of any issues.
Windows 10 version 1607 (x86) systemsDownload the KB5005573 security update from this link
– The update file is 893 Mb
– You can uninstall this update in the event of any issues
Windows 10 version 1607 (x64) AMD platformDownload the KB5005573 security update from this link
– The update file is 1.6 Gb in size
– You can uninstall this security update in the event of any issues.

KB5005569 – CVE-2021-40444 critical vulnerability resolution on Windows 10 (x64) and Windows 32 bit operating system

Affected operating systems – Windows 10 version 1507.

Windows version 1507 needs to be patched with KB5005569, that is available for downloads for the x86 and x64 based systems.

Windows 10 version 1507 for x86 based systems– Download the security update KB5005569 from this link
– The update can be uninstalled in the event of any issues
– The update size is 711 MB
Windows 10 version 1507 for x64 systemsDownload the security update KB5005569 from this link
– The update can be uninstalled in the event of any issues
– The update size is 1201 Mb or 1.2 Gb

KB5005566 – Security update for Windows 10 version 1909

Affected operating system – KB5005566 security update for Windows 10 is relevant for Windows 10 version 1909.

The KB5005566 security update was released on 14th September. It was meant for the following installs of Windows 10 version 1909:

  • Windows 10 version 1909 for x86 systems
  • Windows 10 version 1909 for 32 bit operating system
  • Windows 10 version 1909 for x86 ARM systems

Below, we will look at the various Windows 19 versions and the relevant KB5005566 files to download from the Microsoft update center:

Windows 10 version 1903 and later for x86 systemsDownload the security update from this link
– The update file is 346 Mb in size
– This update can be uninstalled in the event of any issues.
Windows 10 version 1903 and later for ARM64 systemDownload the security update from this link
– The update file is 647 Mb in size
– This update can be uninstalled in the event of any issues
Windows 10 version 1903 and later for AMD64 systemDownload the security update from this link
– The update file is 563 Mb in size
– This update can be uninstalled in the event of any issues

As with any other security update, the KB5005566 can be uninstalled in the event of any issues on your system.

KB5005565 security update for CVE-2021-40444 critical vulnerability resolution

For Windows 10 version 21H2 (Windows insider pre-release), 21H1, 20H2 and Windows 10 version 2004, the KB5005565cumulative security update provides mitigation for the MSHTML vulnerability on the Windows system. This security update will patch the following installations of Windows 10:

  • Windows 10 version 21H2 for x86, ARM64 and x64 platforms – this is also called as the Windows Insider Pre-release
  • Windows 10 Version 21H1 for 32-bit Systems
  • Windows 10 Version 21H1 for ARM64-based Systems
  • Windows 10 Version 21H1 for x64-based Systems
  • Windows 10 Version 20H2 for ARM64-based Systems
  • Windows 10 Version 20H2 for 32-bit Systems
  • Windows 10 Version 20H2 for x64-based Systems
  • Windows 10 Version 2004 for x64-based Systems
  • Windows 10 Version 2004 for ARM64-based Systems
  • Windows 10 Version 2004 for 32-bit Systems

You may download the KB5005565 security updates corresponding to the Windows 10 version from the under-mentioned Microsoft update center files:

Windows 10 Version 21H2 for x86 systemsDownload the security update for Windows Insider Pre-release
– This update can be uninstalled in the event of any issues
– The update file is 277 Mb
Windows 10 version 21H2 for AMD64Download the security update for Windows Insider Pre-release
– This update can be uninstalled in the event of any issues
– The update file is 602 Mb
Windows 10 version 21H2 for ARM64Download the security update for ARM64 for Windows Insider Pre-release
– This update can be uninstalled in the event of any issues
– The update file is 641 Mb
Windows 10 version 21H1 for x86Download the security update for x86
– This update can be uninstalled in the event of any issues
– The update file is 277 Mb
Windows 10 version 21H1 for x64 Download the security update
– This update can be uninstalled in the event of any issues
– The update file is 602 Mb
Windows 10 version 21H1 for ARM64Download the security update for ARM64
– This update can be uninstalled in the event of any issues
– The update file is 641 Mb
Windows 10 version 20H2 for x86Download the security update for x86
– This update can be uninstalled in the event of any issues
– The update file is 277 Mb
Windows 10 version 20H2 for x64 or AMD64 architectureDownload the security update for x64
– This update can be uninstalled in the event of any issues
– The update file is 602 Mb
Windows 10 version 20H2 for ARM64Download the security update for ARM64
– This update can be uninstalled in the event of any issues
– The update file is 641 Mb
Windows 10 version 2004 for x86 Download the security update for x86
– This update can be uninstalled in the event of any issues
– The update file is 277 Mb
Windows 10 version 2004 for x64 Download the security update for x64
– This update can be uninstalled in the event of any issues
– The update file is 602 Mb
Windows 10 version 2004 for ARM64 Download the security update for ARM64
– This update can be uninstalled in the event of any issues
– The update file is 641 Mb

Summary

Windows 10 system patches have come under different security updates from Microsoft. These updates will help you patch the critical vulnerability on the Windows eco-system. Always try to download the system patches directly from the Microsoft update center.

If you have enabled automatic updates through Windows update process, these updates should get automatically installed on your system. Security updates can be uninstalled in the event of any issues.