{"id":17881,"date":"2021-10-15T15:16:25","date_gmt":"2021-10-15T13:16:25","guid":{"rendered":"https:\/\/www.kaspersky.fr\/blog\/?p=17881"},"modified":"2021-10-15T15:16:25","modified_gmt":"2021-10-15T13:16:25","slug":"october-patch-tuesday-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.kaspersky.fr\/blog\/october-patch-tuesday-vulnerabilities\/17881\/","title":{"rendered":"71 reasons to update Windows as soon as possible"},"content":{"rendered":"<p>On the latest Patch Tuesday, Microsoft fixed 71 vulnerabilities. The most dangerous is CVE-2021-40449, a <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/use-after-free\/\" target=\"_blank\" rel=\"noopener\">use-after-free<\/a> flaw in the Win32k driver that <a href=\"https:\/\/www.kaspersky.fr\/blog\/mysterysnail-cve-2021-40449\/17877\/\" target=\"_blank\" rel=\"noopener\">cybercriminals are already actively exploiting<\/a>.<\/p>\n<p>In addition, Microsoft fixed three critical vulnerabilities that were already publicly known. For now, Microsoft's experts rate their exploitation as \u201cless likely\u201d. Security experts are actively discussing these vulnerabilities and <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/poc-proof-of-concept\/\" target=\"_blank\" rel=\"noopener\">proofs of concept<\/a> are available on the Internet, which means a cybercriminal could try to exploit them.<\/p>\n<h2>Microsoft Windows kernel vulnerability<\/h2>\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-41335\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-41335<\/a>, the most dangerous of the three, has a CVSS score of 7.8. 
It resides in the Microsoft Windows kernel and allows a potentially malicious process to elevate its privileges.<\/p>\n<h2>Windows AppContainer bypass<\/h2>\n<p>The second vulnerability, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-41338\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-41338<\/a>, involves bypassing the restrictions of the Windows AppContainer environment, which protects applications and processes. If certain conditions are met, an unauthorized person can exploit it thanks to the default rules of the Windows Filtering Platform (WFP). This could, in particular, allow privilege escalation.<\/p>\n<p>Members of Google's Project Zero <a href=\"https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=2207\" target=\"_blank\" rel=\"noopener nofollow\">discovered this vulnerability in July<\/a> and reported it to Windows, giving the company 90 days to fix it, and ultimately published the proof of concept in the public domain. This vulnerability has a CVSS score of 5.5.<\/p>\n<h2>Vulnerability in Windows DNS Server<\/h2>\n<p>The vulnerability <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-40469\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-40469<\/a> affects only Microsoft Windows machines running as DNS servers. However, all current server versions of the operating system, from Server 2008 to the brand-new Server 2022, are vulnerable. 
CVE-2021-40469 allows <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/remote-code-execution-rce\/\" target=\"_blank\" rel=\"noopener\">remote code execution<\/a> on the server and has a CVSS score of 7.2.<\/p>\n<h2>How to protect your company<\/h2>\n<p>The <a href=\"https:\/\/www.kaspersky.fr\/blog\/most-common-initial-attack-vectors\/17864\/\" target=\"_blank\" rel=\"noopener\">results<\/a> of our <em>Incident Response Analyst 2021<\/em> report, written by our colleagues at <a href=\"https:\/\/www.kaspersky.fr\/enterprise-security\/incident-response?icid=fr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">Kaspersky Incident Response<\/a>, show that vulnerabilities remain a favored initial attack vector. Moreover, these flaws are not necessarily the most recent ones. Zero-day vulnerabilities are not the main threat; rather, it is users who put off installing updates. We therefore always recommend installing updates as soon as possible on all connected devices. 
Updates are particularly important for critical applications such as the operating system, browsers and security solutions.<\/p>\n<p>To protect your company against attacks that exploit zero-day vulnerabilities, install <a href=\"https:\/\/www.kaspersky.fr\/small-to-medium-business-security?icid=fr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">security solutions equipped with proactive protection technologies<\/a> capable of detecting these exploits.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On October's Patch Tuesday, Microsoft fixed 71 vulnerabilities, several of them particularly critical.<\/p>\n","protected":false},"author":2581,"featured_media":17882,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2112,3150,3151],"tags":[322,23],"class_list":{"0":"post-17881","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"category-smb","10":"tag-vulnerabilites","11":"tag-windows"},"hreflang":[{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/october-patch-tuesday-vulnerabilities\/17881\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/october-patch-tuesday-vulnerabilities\/23494\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/18971\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/25571\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/october-patch-tuesday-vulnerabilities\/23643\/"},{"hreflang":"es-mx"
,"url":"https:\/\/latam.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/23096\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/october-patch-tuesday-vulnerabilities\/26225\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/october-patch-tuesday-vulnerabilities\/25779\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/october-patch-tuesday-vulnerabilities\/31715\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/october-patch-tuesday-vulnerabilities\/10168\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/42462\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/october-patch-tuesday-vulnerabilities\/18284\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/october-patch-tuesday-vulnerabilities\/15415\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/october-patch-tuesday-vulnerabilities\/27560\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/october-patch-tuesday-vulnerabilities\/31817\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/october-patch-tuesday-vulnerabilities\/27724\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/october-patch-tuesday-vulnerabilities\/24485\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/october-patch-tuesday-vulnerabilities\/29846\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/october-patch-tuesday-vulnerabilities\/29644\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.fr\/blog\/tag\/vulnerabilites\/","name":"Vuln\u00e9rabilit\u00e9s"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/17881","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr
\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/comments?post=17881"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/17881\/revisions"}],"predecessor-version":[{"id":17885,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/17881\/revisions\/17885"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media\/17882"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media?parent=17881"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/categories?post=17881"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/tags?post=17881"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}