Windows 11 Security Update for December – KB5008215

The monthly security update for Microsoft Windows 11 was released on 14th December as security update KB5008215. It is a major update: it fixes 28 security vulnerabilities on x64-based Windows 11 systems. Two of these 28 vulnerabilities are rated critical. The remaining vulnerabilities are rated ‘important’ and still have pronounced effects on Windows 11 based infrastructure.

Below we look at some of these vulnerabilities. We will also discuss the methods you could use to apply the security update KB5008215 to Windows 11 based computers.

Critical vulnerabilities resolved on Windows 11 under KB5008215

Two of the security vulnerabilities have a critical impact on Windows 11 computers. Both are critical because they allow remote code execution: an attacker may be able to deploy or execute malicious code on a Windows 11 computer remotely. These critical vulnerabilities are mentioned below:

  • CVE-2021-43217 – this is a remote code execution vulnerability with a CVSS score of 8.1. It requires immediate patching. An attacker could cause a buffer overflow write leading to unauthenticated non-sandboxed code execution. This vulnerability affects the Windows Encrypting File System (EFS).
  • CVE-2021-43233 – this is a remote code execution vulnerability that has a CVSS score of 7.5. It affects the Remote Desktop Client software. The vulnerability requires immediate patching.


Elevation of Privileges vulnerability on Windows 11 – KB5008215

There are 11 ‘Elevation of privileges’ vulnerabilities on Windows 11 x64 based systems. All of them have been fixed through the security update KB5008215. The vulnerabilities that have been fixed are mentioned below:

  • CVE-2021-43247
  • CVE-2021-43240
  • CVE-2021-43239
  • CVE-2021-43238
  • CVE-2021-43237
  • CVE-2021-43231
  • CVE-2021-43230
  • CVE-2021-43229
  • CVE-2021-43226
  • CVE-2021-41333
  • CVE-2021-43207


Information Disclosure vulnerability on Windows 11 – KB5008215

The KB5008215 security update for Windows 11 x64 based computers resolves six ‘information disclosure’ vulnerabilities. These vulnerabilities, which could potentially lead to data theft on a Windows 11 computer, are mentioned below:

  • CVE-2021-43236
  • CVE-2021-43235
  • CVE-2021-43227
  • CVE-2021-43224
  • CVE-2021-43222
  • CVE-2021-43216

Remote Code Execution vulnerabilities on Windows 11 – KB5008215

Two of the remote code execution vulnerabilities are rated critical, as described above. Aside from these, a couple of other remote code execution vulnerabilities with ‘important’ severity levels have been fixed in the Windows 11 security update KB5008215. These two remote code execution vulnerabilities are mentioned below:

  • CVE-2021-43232
  • CVE-2021-43234

Denial of Service vulnerability on Windows 11 – KB5008215

Denial of service attacks on Windows 11 computers are possible. There are three such security vulnerabilities that have been patched as part of the security update KB5008215. The vulnerabilities that could have potentially caused a denial of service attack on Windows 11 computers are:

  • CVE-2021-43246
  • CVE-2021-43228
  • CVE-2021-43219

How can I get the KB5008215 security update for Windows 11?

Windows 11 security update KB5008215 is a part of the service stack update 22000.345. Service stack updates (SSUs) focus on ensuring continuity of the service stack of Windows 11 computers. SSUs help ensure faster Windows updates and offer a granular level of control over different security updates. On Windows 11, the SSU is combined with the latest cumulative update. The build 22000.345 can be obtained in one of the following ways:

  • Windows Update – the update is downloaded automatically through the ‘Windows Update’ program on your Windows 11 computer.
  • Windows Update for Business – the patch downloads automatically.
  • Windows Server Update Services (WSUS) – patches the Windows 11 based computer automatically.
  • Windows Update catalog – you can download the patch manually for applying at a date of your choice.

If you wish to download the Windows 11 security update KB5008215 manually, you can download it through the Windows update catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=KB5008215. This security update is approximately 250 Mb in size. So, downloading and installing it over a fast connection will not take much time.
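Whichever delivery method is used, it is worth confirming that the update actually landed on each machine. The following PowerShell function is an added example, not part of the original article; the function name and the host names in the usage comment are constructed placeholders, and remote queries assume WinRM/CIM access to the target hosts.

```powershell
# Added example: report whether KB5008215 is installed on one or more hosts.
function Get-KbStatus {
    [CmdletBinding()]
    param(
        # Hosts to check; defaults to the local computer.
        [string[]]$ComputerName = @($env:COMPUTERNAME),
        # Update to look for, as named in this article.
        [string]$KbId = 'KB5008215'
    )

    foreach ($computer in $ComputerName) {
        $cimArgs = @{ ErrorAction = 'Stop' }
        # Only pass -ComputerName for remote hosts so local checks need no WinRM.
        if ($computer -ne $env:COMPUTERNAME) { $cimArgs.ComputerName = $computer }

        try {
            $os  = Get-CimInstance -ClassName Win32_OperatingSystem @cimArgs
            # Win32_QuickFixEngineering is the class behind Get-HotFix.
            $fix = Get-CimInstance -ClassName Win32_QuickFixEngineering `
                       -Filter "HotFixID='$KbId'" @cimArgs |
                   Select-Object -First 1

            [pscustomobject]@{
                ComputerName = $computer
                OSVersion    = $os.Version          # e.g. 10.0.22000 on Windows 11
                KbId         = $KbId
                Installed    = [bool]$fix
                InstalledOn  = $fix.InstalledOn     # empty when the KB is missing
                LastBoot     = $os.LastBootUpTime   # a boot older than the install date suggests a pending restart
                Error        = $null
            }
        }
        catch {
            # Unreachable or access-denied hosts are reported, not silently skipped.
            [pscustomobject]@{
                ComputerName = $computer
                OSVersion    = $null
                KbId         = $KbId
                Installed    = $null
                InstalledOn  = $null
                LastBoot     = $null
                Error        = $_.Exception.Message
            }
        }
    }
}

# Usage (host names are placeholders):
# Get-KbStatus -ComputerName 'WS-001', 'WS-002' | Where-Object { -not $_.Installed }
```

Hosts that return `Installed = $false` or a non-empty `Error` are the ones to follow up on through WSUS, Windows Update for Business, or a manual catalog install.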


Quality improvements in KB5008215 for Windows 11

Microsoft has stated that the security update focuses on improving the security internals of the operating system. No separate quality improvements have been listed, and no issues or problems have been disclosed or detected after the application of the KB5008215 security update.

