Article

Alert - Microsoft Security Updates - October 2021

Description

Microsoft has released October 2021 security updates to fix found vulnerabilities in their software products and features that include, but not limited to:

Windows OS: versions 10 and 11
Microsoft Office: versions 2013, 2016 and 2019
Windows Server: versions 2012, 2016, 2019 and 2022
Microsoft Exchange Server: versions 2013, 2016 and 2019
Azure

The released security updates fix more than 71 vulnerabilities that include four zero-day vulnerabilities:

Security Risks

If the identified vulnerabilities in Microsoft products are not patched, malicious actors can exploit them to gain control of vulnerable systems and run malicious code with elevated privileges.

For the full list of security patches released by Microsoft, please refer to Microsoft Security Update Guide.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends all users and system administrators to:

apply the latest security patches, as soon as possible, to prevent unauthorized or undetected control over unpatched systems.
- To apply the latest security updates for Windows OS, select the Start button, go to Settings → Update & Security → Windows Update → Check for Updates and click on Install Now;
upgrade immediately to the latest supported version of installed Microsoft software in order to continue receiving technical support and security patches. The following Microsoft software products reached their end-of-life and need to be upgraded immediately:
- Windows XP, 8, 7;
- Windows Server 2008, 2008 RE;
- and Microsoft Exchange Server 2010

3. Before any update task, please ensure you have backup for your data.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009.

References

October 2021 Security Updates

Security Update Guide

13 October 2021

More updates

08 May 2025

NCSA participates in GISEC to strengthen partnerships and advance cyber resilience

This year’s GISEC Global emphasized the growing role of artificial intelligence in both enabling and combating cyber threats.

04 April 2025

Experts at Global AI summit call for flexible and harmonized data regulations

At the Global AI Summit on Africa, experts highlighted the need for a balanced approach between regulation and innovation.

28 January 2025

5 Ways to Keep Data Private on Data Privacy Day

There’s no better time than International Data Privacy Day to learn simple, effective ways to protect your personal data.

09 January 2025

2025 Data Privacy Week: Empowering organizations to safeguard personal data

The Data Protection Office (DPO) is set to observe National Data Privacy Week from January 27–31, 2025.

Description

Microsoft has released October 2021 security updates to fix found vulnerabilities in their software products and features that include, but not limited to:

Windows OS: versions 10 and 11

Microsoft Office: versions 2013, 2016 and 2019

Windows Server: versions 2012, 2016, 2019 and 2022

Microsoft Exchange Server: versions 2013, 2016 and 2019

Azure

The released security updates fix more than 71 vulnerabilities that include four zero-day vulnerabilities:

CVE-2021-40449

CVE-2021-40469

CVE-2021-41335

CVE-2021-41338

Security Risks

If the identified vulnerabilities in Microsoft products are not patched, malicious actors can exploit them to gain control of vulnerable systems and run malicious code with elevated privileges.

For the full list of security patches released by Microsoft, please refer to Microsoft Security Update Guide.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends all users and system administrators to:

apply the latest security patches, as soon as possible, to prevent unauthorized or undetected control over unpatched systems.

To apply the latest security updates for Windows OS, select the Start button, go to Settings → Update & Security → Windows Update → Check for Updates and click on Install Now;

upgrade immediately to the latest supported version of installed Microsoft software in order to continue receiving technical support and security patches. The following Microsoft software products reached their end-of-life and need to be upgraded immediately:

Windows XP, 8, 7;

Windows Server 2008, 2008 RE;

and Microsoft Exchange Server 2010

3. Before any update task, please ensure you have backup for your data.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009.

References

October 2021 Security Updates

Security Update Guide

	info@ncsa.gov.rw
	9009 / 0781813310
	‎+250 791 445 224