{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Windows Server 2012","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 2004 pour syst\u00e8mes 32 bits","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 pour syst\u00e8mes x64","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1909 pour ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1809 pour syst\u00e8mes x64","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1909 pour syst\u00e8mes x64","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2019 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server, version 2004 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2019","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2012 R2","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1607 pour syst\u00e8mes 32 bits","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1809 pour syst\u00e8mes 32 bits","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 20H2 pour syst\u00e8mes x64","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 21H1 pour syst\u00e8mes 32 bits","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 21H1 pour ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2016 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows RT 8.1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 21H1 pour syst\u00e8mes x64","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 7 pour syst\u00e8mes x64 Service Pack 1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1809 pour ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 2004 pour ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1909 pour syst\u00e8mes 32 bits","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 20H2 pour syst\u00e8mes 32 bits","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1607 pour syst\u00e8mes x64","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2012 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 2004 pour syst\u00e8mes x64","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 8.1 pour syst\u00e8mes x64","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2016","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 8.1 pour syst\u00e8mes 32 bits","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server, version 20H2 (Server Core Installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 20H2 pour ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2012 R2 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 pour syst\u00e8mes 32 bits","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 7 pour syst\u00e8mes 32 bits Service Pack 1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"closed_at":"2021-10-19","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-31201","url":"https://www.cve.org/CVERecord?id=CVE-2021-31201"},{"name":"CVE-2021-31955","url":"https://www.cve.org/CVERecord?id=CVE-2021-31955"},{"name":"CVE-2021-33739","url":"https://www.cve.org/CVERecord?id=CVE-2021-33739"},{"name":"CVE-2021-31199","url":"https://www.cve.org/CVERecord?id=CVE-2021-31199"},{"name":"CVE-2021-31956","url":"https://www.cve.org/CVERecord?id=CVE-2021-31956"},{"name":"CVE-2021-33742","url":"https://www.cve.org/CVERecord?id=CVE-2021-33742"}],"links":[],"reference":"CERTFR-2021-ALE-012","revisions":[{"description":"Version initiale","revision_date":"2021-06-09T00:00:00.000000"},{"description":"Cl\u00f4ture de l'alerte. Cela ne signifie pas la fin d'une menace. Seule l'application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l'exploitation de la vuln\u00e9rabilit\u00e9 correspondante.","revision_date":"2021-10-19T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"A l'occasion de sa mise \u00e0 jour mensuelle de juin 2021, Microsoft a\npubli\u00e9 des correctifs, entre autres, pour six vuln\u00e9rabilit\u00e9s qui sont\nactivement exploit\u00e9es dans le cadre d'attaques cibl\u00e9es.\n\nQuatre de ces vuln\u00e9rabilit\u00e9s (CVE-2021-31199, CVE-2021-31201,\nCVE-2021-31956 et CVE-2021-33739) permettent une \u00e9l\u00e9vation de privil\u00e8ge,\nla vuln\u00e9rabilit\u00e9\u00a0CVE-2021-31955 concerne une fuite d'information, enfin\nla vuln\u00e9rabilit\u00e9\u00a0CVE-2021-33742 donne \u00e0 un attaquant la possibilit\u00e9\nd'ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nLorsque ces vuln\u00e9rabilit\u00e9s sont encha\u00een\u00e9es, elles permettent \u00e0 un\nattaquant de prendre compl\u00e8tement la main sur une machine si un\nutilisateur se rend sur un site malveillant.\n\nLe CERT-FR recommande donc l'application des correctifs dans les plus\nbrefs d\u00e9lais.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-33739 du 08 juin 2021","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33739"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-31955 du 08 juin 2021","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31955"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-31201 du 08 juin 2021","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31201"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-31956 du 08 juin 2021","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31956"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-33742 du 08 juin 2021","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33742"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-31199 du 08 juin 2021","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31199"},{"published_at":null,"title":"Avis de s\u00e9curit\u00e9 CERT-FR CERTFR-2021-AVI-448 du 09 juin 2021","url":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-448/"}]}