Update Your Windows PCs to Patch 117 New Flaws, Including 9 Zero-Days


Microsoft rolled out Patch Tuesday updates for the month of July with fixes for a total of 117 security vulnerabilities, including nine zero-day flaws, of which four are said to be under active attacks in the wild, potentially enabling an adversary to take control of affected systems.

 

Of the 117 issues, 13 are rated Critical, 103 are rated Important, and one is rated as Moderate in severity, with six of these bugs publicly known at the time of release.

 

The updates span across several of Microsoft's products, including Windows, Bing, Dynamics, Exchange Server, Office, Scripting Engine, Windows DNS, and Visual Studio Code. July also marks a dramatic jump in the volume of vulnerabilities, surpassing the number Microsoft collectively addressed as part of its updates in May (55) and June (50).

 

Chief among the actively exploited security flaws are the following:

  • CVE-2021-34527 (CVSS score: 8.8) - Windows Print Spooler Remote Code Execution Vulnerability (publicly disclosed as "PrintNightmare")
  • CVE-2021-31979 (CVSS score: 7.8) - Windows Kernel Elevation of Privilege Vulnerability
  • CVE-2021-33771 (CVSS score: 7.8) - Windows Kernel Elevation of Privilege Vulnerability
  • CVE-2021-34448 (CVSS score: 6.8) - Scripting Engine Memory Corruption Vulnerability

Microsoft also stressed the high attack complexity of CVE-2021-34448, specifically stating that the attacks hinge on the possibility of luring an unsuspecting user into clicking on a link that leads to a malicious website hosted by the adversary and contains a specially-crafted file that's engineered to trigger the vulnerability.

The other five publicly disclosed, but not exploited, zero-day vulnerabilities are listed below —

  • CVE-2021-34473 (CVSS score: 9.1) - Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-34523 (CVSS score: 9.0) - Microsoft Exchange Server Elevation of Privilege Vulnerability
  • CVE-2021-33781 (CVSS score: 8.1) - Active Directory Security Feature Bypass Vulnerability
  • CVE-2021-33779 (CVSS score: 8.1) - Windows ADFS Security Feature Bypass Vulnerability
  • CVE-2021-34492 (CVSS score: 8.1) - Windows Certificate Spoofing Vulnerability

"This Patch Tuesday comes just days after out-of-band updates were released to address PrintNightmare — the critical flaw in the Windows Print Spooler service that was found in all versions of Windows."

"While MSFT has released updates to fix the vulnerability, users must still ensure that necessary configurations are set up correctly. Systems with misconfigurations will continue to be at risk of exploitation, even after the latest patch has been applied. PrintNightmare was a highly serious issue that further underscores the importance of marrying detection and remediation."

 

The PrintNightmare vulnerability has also prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to release an emergency directive, urging federal departments and agencies to apply the latest security updates immediately and disable the print spooler service on servers on Microsoft Active Directory Domain Controllers.
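
An audit of the mitigation named in the directive above, as an added example that is not part of the original article or of CISA's directive: it lists every domain controller and reports whether the Print Spooler service is stopped and disabled. It assumes the RSAT ActiveDirectory module, CIM (WinRM) reachability to each controller, and an account allowed to query them; the function name `Get-DcSpoolerState` is hypothetical.

```powershell
# Added example: audit the Print Spooler service on every domain controller.
# Assumptions: RSAT ActiveDirectory module installed, CIM (WinRM) reachable.
Import-Module ActiveDirectory

function Get-DcSpoolerState {   # hypothetical helper name
    [CmdletBinding()]
    param(
        # Defaults to every domain controller in the current domain.
        [string[]]$ComputerName = (Get-ADDomainController -Filter *).HostName
    )
    foreach ($dc in $ComputerName) {
        try {
            $svc = Get-CimInstance -ClassName Win32_Service `
                       -Filter "Name='Spooler'" `
                       -ComputerName $dc -ErrorAction Stop
            [pscustomobject]@{
                Computer  = $dc
                State     = $svc.State        # Running / Stopped
                StartMode = $svc.StartMode    # Auto / Manual / Disabled
                # Compliant only when the service is both stopped and disabled,
                # so it cannot come back after a reboot.
                Compliant = ($svc.State -eq 'Stopped' -and
                             $svc.StartMode -eq 'Disabled')
            }
        } catch {
            # An unreachable controller is reported, not silently skipped.
            [pscustomobject]@{
                Computer  = $dc
                State     = 'Unknown'
                StartMode = 'Unknown'
                Compliant = $false
            }
        }
    }
}

$report = Get-DcSpoolerState
$report | Sort-Object Compliant, Computer | Format-Table -AutoSize

# Remediation for one non-compliant controller (run after review):
#   Invoke-Command -ComputerName <dc> -ScriptBlock {
#       Stop-Service -Name Spooler -Force
#       Set-Service  -Name Spooler -StartupType Disabled
#   }
```

Controllers listed with `Compliant` set to `False` still need the service stopped and disabled, or could not be reached and need a manual check.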

 

Microsoft also rectified a security bypass vulnerability in the Windows Hello biometrics-based authentication solution (CVE-2021-34466, CVSS score: 5.7) that could permit an adversary to spoof a target's face and get around the login screen.

 

Other critical flaws remediated by Microsoft include remote code execution vulnerabilities affecting Windows DNS Server (CVE-2021-34494, CVSS score 8.8) and Windows Kernel (CVE-2021-34458), the latter of which is rated 9.9 on the CVSS severity scale.

 

"This issue allows a single root input/output virtualization (SR-IOV) device which is assigned to a guest to potentially interfere with its Peripheral Component Interface Express (PCIe) siblings which are attached to other guests or to the root," Microsoft noted in its advisory for CVE-2021-34458, adding Windows instances hosting virtual machines are vulnerable to this flaw.

 

To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or select Check for Windows updates.
