Microsoft December Security Updates for Multiple High-Risk Product Vulnerabilities

Microsoft December Security Updates for Multiple High-Risk Product Vulnerabilities

December 16, 2021 | Jie Ji

Overview

On December 15th, NSFOCUS CERT monitored that Microsoft released the December security update patch, which fixed 67 security issues, involving widely used products such as Windows, Microsoft Office, Microsoft Visual Studio, and Microsoft PowerShell, including privilege escalation, remote Types of high-risk vulnerabilities such as code execution.

Among the vulnerabilities fixed by Microsoft’s monthly update this month, there are 7 critical vulnerabilities and 60 important vulnerabilities, including 6 0day vulnerabilities:

  • Windows AppX Installer Spoofing Vulnerability (CVE-2021-43890)
  • NTFS Set Short Name Privilege Escalation Vulnerability (CVE-2021-43240)
  • Windows Print Spooler Privilege Escalation Vulnerability (CVE-2021-41333)
  • Windows Mobile Device Management Privilege Escalation Vulnerability (CVE-2021-43880)
  • Windows Installer Privilege Escalation Vulnerability (CVE-2021-43883)
  • Windows Encrypting File System (EFS) Privilege Escalation Vulnerability (CVE-2021-43893)

Relevant users are requested to update the patch as soon as possible for protection. For a complete list of vulnerabilities, please refer to the appendix.

NSFOCUS Remote Security Assessment System (RSAS) has the ability to detect most of the vulnerabilities in Microsoft’s patch update (including CVE-2021-41333, CVE-2021-43880, CVE-2021-43883, CVE-2021-43233, CVE -2021-43893 and other high-risk vulnerabilities), please update the NSFOCUS remote security assessment system plug-in upgrade package to V6.0R02F01.2510 in time, the official website link: http://update.nsfocus.com/update/listRsasDetail/v/vulsys

Reference Link:

https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Dec

Description of Major Vulnerabilities

According to the popularity of the product and the importance of the vulnerabilities, we have screened out the most impactful vulnerabilities in this update. Please pay attention to the relevant users:

Windows AppX Installer spoofing vulnerability (CVE-2021-43890):

Attackers can create malicious data packets. After successfully inducing users to open malicious files on the affected system, attackers with low permissions can achieve permission escalation, resulting in arbitrary code execution on the target system with user permissions. At present, the vulnerability has been detected in the wild, and it is being weaponized to spread malware such as Emotet, Trickbot, and Bazaloader.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43890

Windows Installer privilege escalation vulnerability (CVE-2021-43883):

This vulnerability is bypassed by the patch for the Windows Installer privilege escalation vulnerability (CVE-2021-41379). Local attackers with ordinary user rights can use this vulnerability to elevate to SYSTEM rights. NSFOCUS CERT has issued a security notice on CVE-2021-41379 on November 24.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43883

iSNS Server memory corruption vulnerability (CVE-2021-43215):

The Internet Storage Name Service (iSNS) protocol is used for the interaction between iSNS server and iSNS client. Unauthenticated attackers use this vulnerability to send specially crafted malicious requests to iSNS Server, which eventually leads to the execution of arbitrary code on the target server, with a CVSS score of 9.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43215

Microsoft Office app remote code execution vulnerability (CVE-2021-43905):

Attackers can create malicious data packets. After successfully inducing users to open malicious files on the affected system, they can cause arbitrary code to be executed on the target system with user rights, with a CVSS score of 9.6.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43905

Remote Desktop Client remote code execution vulnerability (CVE-2021-43233):

Attackers can use social engineering, DNS poisoning, or MITM technology to induce victims to connect to a server that has been controlled; in addition, attackers can also compromise legitimate servers, host malicious code on the servers, and then wait for users to connect. Successful exploitation of this vulnerability can cause an attacker to execute arbitrary code on the target system, with a CVSS score of 7.0.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43233

Windows Print Spooler Privilege Escalation Vulnerability (CVE-2021-41333):

An authenticated local attacker used this vulnerability to execute arbitrary code with SYSTEM privileges on the target system, with a CVSS score of 7.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41333

Visual Studio Code WSL Extension remote code execution vulnerability (CVE-2021-43907):

Visual Studio Code WSL extension components are affected by this vulnerability. Unauthenticated attackers can use this vulnerability to execute arbitrary code on the target system with user rights without user interaction, with a CVSS score of 9.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43907

Microsoft 4K Wireless Display Adapter remote code execution vulnerability (CVE-2021-43899):

Unauthenticated attackers use this vulnerability to send specially crafted data packets to the target system, which will eventually cause arbitrary code to be executed on the target system with user rights without user interaction, with a CVSS score of 9.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43899

Microsoft Defender for IoT remote code execution vulnerability (CVE-2021-42310):

In the password reset request, due to the flaw in the linking process between the intermediate certificate and the built-in root CA certificate of the device, the attacker can use this flaw to reset the password of others, which will eventually cause arbitrary code to be executed on the target system with user authority, CVSS score 8.1.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42310

Windows Encrypting File System (EFS) remote code execution vulnerability (CVE-2021-43217):

Encrypted File System (EFS) is an encryption method based on digital authentication, which allows users to encrypt only a single file or a single folder to protect the confidentiality of data. Attackers can use this vulnerability to cause a buffer overflow, leading to the execution of arbitrary code, with a CVSS score of 8.1.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43217

Windows Mobile Device Management Privilege Escalation Vulnerability (CVE-2021-43880):

Local attackers with ordinary user rights can use this vulnerability to elevate to SYSTEM. NSFOCUS CERT has issued a security notice on this vulnerability on November 24.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43880

Scope of Impact

The following is the product version that focuses on the vulnerabilities. For other vulnerabilities, please refer to the official announcement link.

CVE IDAffected products and versions
CVE-2021-43890App Installer
CVE-2021-43883
CVE-2021-41333  
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows RT 8.1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2021-43215Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1 Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2021-43905Office app
CVE-2021-43233Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2021-43907Visual Studio Code WSL Extension
CVE-2021-43899Microsoft 4K Wireless Display Adapter
CVE-2021-42310Microsoft Defender for IoT
CVE-2021-43217Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2021-43880Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems

Mitigation

Patch update

At present, Microsoft has officially released security patches to fix the above vulnerabilities for supported product versions. It is strongly recommended that affected users install patches as soon as possible for protection. The official download link is:

https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Dec

Note: Due to network problems, computer environment problems, etc., the patch update of Windows Update may fail. After installing the patch, the user should check whether the patch has been successfully updated in time.

Right-click the Windows icon, select “Settings (N)”, select “Update and Security”-“Windows Update” to view the prompt information on this page, or click “View Update History” to view the historical update status.

For the unsuccessful installation of the update, you can click the update name to jump to the official Microsoft download page. It is recommended that users click on the link on this page and go to the “Microsoft Update Catalog” website to download the independent program package and install it.

Appendix: List of Vulnerabilities

Affected productCVE IDVulnerability titleSeverity
System CenterCVE-2021-42310Microsoft Defender for IoT Remote code execution vulnerabilityCritical
WindowsCVE-2021-43215iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code ExecutionCritical
WindowsCVE-2021-43217Windows Encrypting File System (EFS) Remote code execution vulnerabilityCritical
WindowsCVE-2021-43233Remote Desktop Client Remote code execution vulnerabilityCritical
DeviceCVE-2021-43899Microsoft 4K Wireless Display Adapter Remote code execution vulnerabilityCritical
AppsCVE-2021-43905Microsoft Office app Remote code execution vulnerabilityCritical
Visual Studio Code WSL ExtensionCVE-2021-43907Visual Studio Code WSL Extension Remote code execution vulnerabilityCritical
WindowsCVE-2021-40441Windows Media Center Privilege escalation vulnerabilityImportant
WindowsCVE-2021-40452HEVC Video Extensions Remote code execution vulnerabilityImportant
WindowsCVE-2021-40453HEVC Video Extensions Remote code execution vulnerabilityImportant
WindowsCVE-2021-41333Windows Print Spooler Privilege escalation vulnerabilityImportant
WindowsCVE-2021-41360HEVC Video Extensions Remote code execution vulnerabilityImportant
System CenterCVE-2021-41365Microsoft Defender for IoT Remote code execution vulnerabilityImportant
Microsoft OfficeCVE-2021-42293Microsoft Jet Red Database Engine and Access Connectivity Engine Privilege escalation vulnerabilityImportant
Microsoft OfficeCVE-2021-42294Microsoft SharePoint Server Remote code execution vulnerabilityImportant
Microsoft OfficeCVE-2021-42295Visual Basic for Applications Information disclosure vulnerabilitiyImportant
Microsoft OfficeCVE-2021-42309Microsoft SharePoint Server Remote code execution vulnerabilityImportant
System CenterCVE-2021-42311Microsoft Defender for IoT Remote code execution vulnerabilityImportant
System CenterCVE-2021-42312Microsoft Defender for IOT Privilege escalation vulnerabilityImportant
System CenterCVE-2021-42313Microsoft Defender for IoT Remote code execution vulnerabilityImportant
System CenterCVE-2021-42314Microsoft Defender for IoT Remote code execution vulnerabilityImportant
System CenterCVE-2021-42315Microsoft Defender for IoT Remote code execution vulnerabilityImportant
Microsoft OfficeCVE-2021-42320Microsoft SharePoint Server Spoofing vulnerabilityImportant
WindowsCVE-2021-43207Windows Common Log File System Driver Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43214Web Media Extensions Remote code execution vulnerabilityImportant
WindowsCVE-2021-43216Microsoft Local Security Authority Server (lsasrv) Information disclosure vulnerabilitiyImportant
WindowsCVE-2021-43219DirectX Graphics Kernel File Denial of Service VulnerabilityImportant
WindowsCVE-2021-43222Microsoft Message Queuing Information disclosure vulnerabilitiyImportant
WindowsCVE-2021-43223Windows Remote Access Connection Manager Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43224Windows Common Log File System Driver Information disclosure vulnerabilitiyImportant
Bot Framework SDK for .NET FrameworkCVE-2021-43225Bot Framework SDK Remote code execution vulnerabilityImportant
WindowsCVE-2021-43226Windows Common Log File System Driver Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43227Storage Spaces Controller Information disclosure vulnerabilitiyImportant
WindowsCVE-2021-43228SymCrypt Denial of Service VulnerabilityImportant
WindowsCVE-2021-43229Windows NTFS Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43230Windows NTFS Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43231Windows NTFS Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43232Windows Event Tracing Remote code execution vulnerabilityImportant
WindowsCVE-2021-43234Windows Fax Service Remote code execution vulnerabilityImportant
WindowsCVE-2021-43235Storage Spaces Controller Information disclosure vulnerabilitiyImportant
WindowsCVE-2021-43236Microsoft Message Queuing Information disclosure vulnerabilitiyImportant
WindowsCVE-2021-43237Windows Setup Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43238Windows Remote Access Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43239Windows Recovery Environment Agent Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43240NTFS Set Short Name Privilege escalation vulnerabilityImportant
Microsoft OfficeCVE-2021-43242Microsoft SharePoint Server Spoofing vulnerabilityImportant
WindowsCVE-2021-43243VP9 Video Extensions Information disclosure vulnerabilitiyImportant
WindowsCVE-2021-43244Windows Kernel Information disclosure vulnerabilitiyImportant
WindowsCVE-2021-43245Windows Digital TV Tuner Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43246Windows Hyper-V Denial of Service VulnerabilityImportant
WindowsCVE-2021-43247Windows TCP/IP Driver Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43248Windows Digital Media Receiver Privilege escalation vulnerabilityImportant
Microsoft OfficeCVE-2021-43255Microsoft Office Trust Center Spoofing vulnerabilityImportant
Microsoft OfficeCVE-2021-43256Microsoft Excel Remote code execution vulnerabilityImportant
Microsoft OfficeCVE-2021-43875Microsoft Office Graphics Remote code execution vulnerabilityImportant
ASP.NET Core,Microsoft Visual StudioCVE-2021-43877ASP.NET Core and Visual Studio Privilege escalation vulnerabilityImportant
WindowsCVE-2021-43880Windows Mobile Device Management Privilege escalation vulnerabilityImportant
System CenterCVE-2021-43882Microsoft Defender for IoT Remote code execution vulnerabilityImportant
WindowsCVE-2021-43883Windows Installer Privilege escalation vulnerabilityImportant
System CenterCVE-2021-43888Microsoft Defender for IoT Information disclosure vulnerabilitiyImportant
System CenterCVE-2021-43889Microsoft Defender for IoT Remote code execution vulnerabilityImportant
AppsCVE-2021-43890Windows AppX Installer Spoofing vulnerabilityImportant
Visual Studio CodeCVE-2021-43891Visual Studio Code Remote code execution vulnerabilityImportant
Microsoft BizTalk ESB ToolkitCVE-2021-43892Microsoft BizTalk ESB Toolkit Spoofing vulnerabilityImportant
WindowsCVE-2021-43893Windows Encrypting File System (EFS) Privilege escalation vulnerabilityImportant
PowerShellCVE-2021-43896Microsoft PowerShell Spoofing vulnerabilityImportant
Visual Studio CodeCVE-2021-43908Visual Studio Code Spoofing vulnerabilityImportant

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.

About NSFOCUS

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.

NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).

A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.