Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

CVE-2021-40460 : What You Need to Know

Learn about CVE-2021-40460, a Security Feature Bypass vulnerability in Windows Remote Procedure Call Runtime impacting Microsoft products. Find out the affected systems and mitigation steps.

This CVE article provides details about the Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability affecting various Microsoft products.

Understanding CVE-2021-40460

This section delves into the specifics of CVE-2021-40460, including its impact, affected systems, and mitigation strategies.

What is CVE-2021-40460?

The CVE-2021-40460 pertains to a Security Feature Bypass vulnerability within the Windows Remote Procedure Call Runtime.

The Impact of CVE-2021-40460

The vulnerability is rated as MEDIUM in severity with a base score of 6.5. It can allow an attacker to bypass security features on affected systems.

Technical Details of CVE-2021-40460

In this section, the technical aspects of the CVE are explored, including its description, affected systems, and exploitation mechanism.

Vulnerability Description

The vulnerability allows for a security feature bypass in the Windows Remote Procedure Call Runtime.

Affected Systems and Versions

        Windows 10 Version 1809 (10.0.17763.2237)
        Windows Server 2019 (10.0.17763.2237)
        Windows 10 Version 1909 (10.0.18363.1854)
        Windows 10 Version 21H1 (10.0.19043.1288)
        Windows Server 2022 (10.0.20348.288)
        Windows 10 Version 2004 (10.0.19041.1288)
        Windows Server version 2004 (10.0.19041.1288)
        Windows 10 Version 20H2 (10.0.19042.1288)
        Windows Server version 20H2 (10.0.19042.1288)
        Windows 11 version 21H2 (10.0.22000.258)
        Windows 10 Version 1507 (10.0.10240.19086)
        Windows 10 Version 1607 (10.0.14393.4704)
        Windows Server 2016 (10.0.14393.4704)
        Windows Server 2016 (Server Core installation) (10.0.14393.4704)
        Windows 7 (6.1.7601.25740)
        Windows 7 Service Pack 1 (6.1.7601.25740)
        Windows 8.1 (6.3.9600.20144)
        Windows Server 2008 R2 Service Pack 1 (6.1.7601.25740)
        Windows Server 2008 R2 Service Pack 1 (Server Core installation) (6.1.7601.25740)
        Windows Server 2012 (6.2.9200.23490)
        Windows Server 2012 (Server Core installation) (6.2.9200.23490)
        Windows Server 2012 R2 (6.3.9600.20144)
        Windows Server 2012 R2 (Server Core installation) (6.3.9600.20144)

Exploitation Mechanism

The vulnerability can be exploited by attackers to bypass security mechanisms and compromise the affected systems.

Mitigation and Prevention

In this section, you will find recommendations for mitigating the CVE-2021-40460 vulnerability.

Immediate Steps to Take

        Apply the necessary security updates provided by Microsoft.
        Monitor for any suspicious activities on the network.

Long-Term Security Practices

        Keep systems up to date with the latest software patches.
        Conduct regular security audits to identify and address vulnerabilities.

Patching and Updates

        Microsoft has released patches to address the vulnerability. Ensure all relevant systems are updated with the latest security fixes.

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now