Overview
On December 15th, NSFOCUS CERT monitored that Microsoft released the December security update patch, which fixed 67 security issues, involving widely used products such as Windows, Microsoft Office, Microsoft Visual Studio, and Microsoft PowerShell, including privilege escalation, remote Types of high-risk vulnerabilities such as code execution.
Among the vulnerabilities fixed by Microsoft’s monthly update this month, there are 7 critical vulnerabilities and 60 important vulnerabilities, including 6 0day vulnerabilities:
- Windows AppX Installer Spoofing Vulnerability (CVE-2021-43890)
- NTFS Set Short Name Privilege Escalation Vulnerability (CVE-2021-43240)
- Windows Print Spooler Privilege Escalation Vulnerability (CVE-2021-41333)
- Windows Mobile Device Management Privilege Escalation Vulnerability (CVE-2021-43880)
- Windows Installer Privilege Escalation Vulnerability (CVE-2021-43883)
- Windows Encrypting File System (EFS) Privilege Escalation Vulnerability (CVE-2021-43893)
Relevant users are requested to update the patch as soon as possible for protection. For a complete list of vulnerabilities, please refer to the appendix.
NSFOCUS Remote Security Assessment System (RSAS) has the ability to detect most of the vulnerabilities in Microsoft’s patch update (including CVE-2021-41333, CVE-2021-43880, CVE-2021-43883, CVE-2021-43233, CVE -2021-43893 and other high-risk vulnerabilities), please update the NSFOCUS remote security assessment system plug-in upgrade package to V6.0R02F01.2510 in time, the official website link: http://update.nsfocus.com/update/listRsasDetail/v/vulsys
Reference Link:
https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Dec
Description of Major Vulnerabilities
According to the popularity of the product and the importance of the vulnerabilities, we have screened out the most impactful vulnerabilities in this update. Please pay attention to the relevant users:
Windows AppX Installer spoofing vulnerability (CVE-2021-43890):
Attackers can create malicious data packets. After successfully inducing users to open malicious files on the affected system, attackers with low permissions can achieve permission escalation, resulting in arbitrary code execution on the target system with user permissions. At present, the vulnerability has been detected in the wild, and it is being weaponized to spread malware such as Emotet, Trickbot, and Bazaloader.
Official announcement link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43890
Windows Installer privilege escalation vulnerability (CVE-2021-43883):
This vulnerability is bypassed by the patch for the Windows Installer privilege escalation vulnerability (CVE-2021-41379). Local attackers with ordinary user rights can use this vulnerability to elevate to SYSTEM rights. NSFOCUS CERT has issued a security notice on CVE-2021-41379 on November 24.
Official announcement link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43883
iSNS Server memory corruption vulnerability (CVE-2021-43215):
The Internet Storage Name Service (iSNS) protocol is used for the interaction between iSNS server and iSNS client. Unauthenticated attackers use this vulnerability to send specially crafted malicious requests to iSNS Server, which eventually leads to the execution of arbitrary code on the target server, with a CVSS score of 9.8.
Official announcement link:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43215
Microsoft Office app remote code execution vulnerability (CVE-2021-43905):
Attackers can create malicious data packets. After successfully inducing users to open malicious files on the affected system, they can cause arbitrary code to be executed on the target system with user rights, with a CVSS score of 9.6.
Official announcement link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43905
Remote Desktop Client remote code execution vulnerability (CVE-2021-43233):
Attackers can use social engineering, DNS poisoning, or MITM technology to induce victims to connect to a server that has been controlled; in addition, attackers can also compromise legitimate servers, host malicious code on the servers, and then wait for users to connect. Successful exploitation of this vulnerability can cause an attacker to execute arbitrary code on the target system, with a CVSS score of 7.0.
Official announcement link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43233
Windows Print Spooler Privilege Escalation Vulnerability (CVE-2021-41333):
An authenticated local attacker used this vulnerability to execute arbitrary code with SYSTEM privileges on the target system, with a CVSS score of 7.8.
Official announcement link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41333
Visual Studio Code WSL Extension remote code execution vulnerability (CVE-2021-43907):
Visual Studio Code WSL extension components are affected by this vulnerability. Unauthenticated attackers can use this vulnerability to execute arbitrary code on the target system with user rights without user interaction, with a CVSS score of 9.8.
Official announcement link:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43907
Microsoft 4K Wireless Display Adapter remote code execution vulnerability (CVE-2021-43899):
Unauthenticated attackers use this vulnerability to send specially crafted data packets to the target system, which will eventually cause arbitrary code to be executed on the target system with user rights without user interaction, with a CVSS score of 9.8.
Official announcement link:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43899
Microsoft Defender for IoT remote code execution vulnerability (CVE-2021-42310):
In the password reset request, due to the flaw in the linking process between the intermediate certificate and the built-in root CA certificate of the device, the attacker can use this flaw to reset the password of others, which will eventually cause arbitrary code to be executed on the target system with user authority, CVSS score 8.1.
Official announcement link:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42310
Windows Encrypting File System (EFS) remote code execution vulnerability (CVE-2021-43217):
Encrypted File System (EFS) is an encryption method based on digital authentication, which allows users to encrypt only a single file or a single folder to protect the confidentiality of data. Attackers can use this vulnerability to cause a buffer overflow, leading to the execution of arbitrary code, with a CVSS score of 8.1.
Official announcement link:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43217
Windows Mobile Device Management Privilege Escalation Vulnerability (CVE-2021-43880):
Local attackers with ordinary user rights can use this vulnerability to elevate to SYSTEM. NSFOCUS CERT has issued a security notice on this vulnerability on November 24.
Official announcement link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43880
Scope of Impact
The following is the product version that focuses on the vulnerabilities. For other vulnerabilities, please refer to the official announcement link.
| CVE ID | Affected products and versions |
| CVE-2021-43890 | App Installer |
| CVE-2021-43883 CVE-2021-41333 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows RT 8.1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2021-43215 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2021-43905 | Office app |
| CVE-2021-43233 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2021-43907 | Visual Studio Code WSL Extension |
| CVE-2021-43899 | Microsoft 4K Wireless Display Adapter |
| CVE-2021-42310 | Microsoft Defender for IoT |
| CVE-2021-43217 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2021-43880 | Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems |
Mitigation
Patch update
At present, Microsoft has officially released security patches to fix the above vulnerabilities for supported product versions. It is strongly recommended that affected users install patches as soon as possible for protection. The official download link is:
https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Dec
Note: Due to network problems, computer environment problems, etc., the patch update of Windows Update may fail. After installing the patch, the user should check whether the patch has been successfully updated in time.
Right-click the Windows icon, select “Settings (N)”, select “Update and Security”-“Windows Update” to view the prompt information on this page, or click “View Update History” to view the historical update status.
For the unsuccessful installation of the update, you can click the update name to jump to the official Microsoft download page. It is recommended that users click on the link on this page and go to the “Microsoft Update Catalog” website to download the independent program package and install it.
Appendix: List of Vulnerabilities
| Affected product | CVE ID | Vulnerability title | Severity |
| System Center | CVE-2021-42310 | Microsoft Defender for IoT Remote code execution vulnerability | Critical |
| Windows | CVE-2021-43215 | iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | Critical |
| Windows | CVE-2021-43217 | Windows Encrypting File System (EFS) Remote code execution vulnerability | Critical |
| Windows | CVE-2021-43233 | Remote Desktop Client Remote code execution vulnerability | Critical |
| Device | CVE-2021-43899 | Microsoft 4K Wireless Display Adapter Remote code execution vulnerability | Critical |
| Apps | CVE-2021-43905 | Microsoft Office app Remote code execution vulnerability | Critical |
| Visual Studio Code WSL Extension | CVE-2021-43907 | Visual Studio Code WSL Extension Remote code execution vulnerability | Critical |
| Windows | CVE-2021-40441 | Windows Media Center Privilege escalation vulnerability | Important |
| Windows | CVE-2021-40452 | HEVC Video Extensions Remote code execution vulnerability | Important |
| Windows | CVE-2021-40453 | HEVC Video Extensions Remote code execution vulnerability | Important |
| Windows | CVE-2021-41333 | Windows Print Spooler Privilege escalation vulnerability | Important |
| Windows | CVE-2021-41360 | HEVC Video Extensions Remote code execution vulnerability | Important |
| System Center | CVE-2021-41365 | Microsoft Defender for IoT Remote code execution vulnerability | Important |
| Microsoft Office | CVE-2021-42293 | Microsoft Jet Red Database Engine and Access Connectivity Engine Privilege escalation vulnerability | Important |
| Microsoft Office | CVE-2021-42294 | Microsoft SharePoint Server Remote code execution vulnerability | Important |
| Microsoft Office | CVE-2021-42295 | Visual Basic for Applications Information disclosure vulnerabilitiy | Important |
| Microsoft Office | CVE-2021-42309 | Microsoft SharePoint Server Remote code execution vulnerability | Important |
| System Center | CVE-2021-42311 | Microsoft Defender for IoT Remote code execution vulnerability | Important |
| System Center | CVE-2021-42312 | Microsoft Defender for IOT Privilege escalation vulnerability | Important |
| System Center | CVE-2021-42313 | Microsoft Defender for IoT Remote code execution vulnerability | Important |
| System Center | CVE-2021-42314 | Microsoft Defender for IoT Remote code execution vulnerability | Important |
| System Center | CVE-2021-42315 | Microsoft Defender for IoT Remote code execution vulnerability | Important |
| Microsoft Office | CVE-2021-42320 | Microsoft SharePoint Server Spoofing vulnerability | Important |
| Windows | CVE-2021-43207 | Windows Common Log File System Driver Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43214 | Web Media Extensions Remote code execution vulnerability | Important |
| Windows | CVE-2021-43216 | Microsoft Local Security Authority Server (lsasrv) Information disclosure vulnerabilitiy | Important |
| Windows | CVE-2021-43219 | DirectX Graphics Kernel File Denial of Service Vulnerability | Important |
| Windows | CVE-2021-43222 | Microsoft Message Queuing Information disclosure vulnerabilitiy | Important |
| Windows | CVE-2021-43223 | Windows Remote Access Connection Manager Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43224 | Windows Common Log File System Driver Information disclosure vulnerabilitiy | Important |
| Bot Framework SDK for .NET Framework | CVE-2021-43225 | Bot Framework SDK Remote code execution vulnerability | Important |
| Windows | CVE-2021-43226 | Windows Common Log File System Driver Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43227 | Storage Spaces Controller Information disclosure vulnerabilitiy | Important |
| Windows | CVE-2021-43228 | SymCrypt Denial of Service Vulnerability | Important |
| Windows | CVE-2021-43229 | Windows NTFS Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43230 | Windows NTFS Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43231 | Windows NTFS Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43232 | Windows Event Tracing Remote code execution vulnerability | Important |
| Windows | CVE-2021-43234 | Windows Fax Service Remote code execution vulnerability | Important |
| Windows | CVE-2021-43235 | Storage Spaces Controller Information disclosure vulnerabilitiy | Important |
| Windows | CVE-2021-43236 | Microsoft Message Queuing Information disclosure vulnerabilitiy | Important |
| Windows | CVE-2021-43237 | Windows Setup Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43238 | Windows Remote Access Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43239 | Windows Recovery Environment Agent Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43240 | NTFS Set Short Name Privilege escalation vulnerability | Important |
| Microsoft Office | CVE-2021-43242 | Microsoft SharePoint Server Spoofing vulnerability | Important |
| Windows | CVE-2021-43243 | VP9 Video Extensions Information disclosure vulnerabilitiy | Important |
| Windows | CVE-2021-43244 | Windows Kernel Information disclosure vulnerabilitiy | Important |
| Windows | CVE-2021-43245 | Windows Digital TV Tuner Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43246 | Windows Hyper-V Denial of Service Vulnerability | Important |
| Windows | CVE-2021-43247 | Windows TCP/IP Driver Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43248 | Windows Digital Media Receiver Privilege escalation vulnerability | Important |
| Microsoft Office | CVE-2021-43255 | Microsoft Office Trust Center Spoofing vulnerability | Important |
| Microsoft Office | CVE-2021-43256 | Microsoft Excel Remote code execution vulnerability | Important |
| Microsoft Office | CVE-2021-43875 | Microsoft Office Graphics Remote code execution vulnerability | Important |
| ASP.NET Core,Microsoft Visual Studio | CVE-2021-43877 | ASP.NET Core and Visual Studio Privilege escalation vulnerability | Important |
| Windows | CVE-2021-43880 | Windows Mobile Device Management Privilege escalation vulnerability | Important |
| System Center | CVE-2021-43882 | Microsoft Defender for IoT Remote code execution vulnerability | Important |
| Windows | CVE-2021-43883 | Windows Installer Privilege escalation vulnerability | Important |
| System Center | CVE-2021-43888 | Microsoft Defender for IoT Information disclosure vulnerabilitiy | Important |
| System Center | CVE-2021-43889 | Microsoft Defender for IoT Remote code execution vulnerability | Important |
| Apps | CVE-2021-43890 | Windows AppX Installer Spoofing vulnerability | Important |
| Visual Studio Code | CVE-2021-43891 | Visual Studio Code Remote code execution vulnerability | Important |
| Microsoft BizTalk ESB Toolkit | CVE-2021-43892 | Microsoft BizTalk ESB Toolkit Spoofing vulnerability | Important |
| Windows | CVE-2021-43893 | Windows Encrypting File System (EFS) Privilege escalation vulnerability | Important |
| PowerShell | CVE-2021-43896 | Microsoft PowerShell Spoofing vulnerability | Important |
| Visual Studio Code | CVE-2021-43908 | Visual Studio Code Spoofing vulnerability | Important |
Statement
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.
About NSFOCUS
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.
NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).
A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.
