Microsoft has released the August 2021 Security Updates, which include patches for 49 vulnerabilities, 7 of those rated Critical. The updates also include fixes for 3 zero-day bugs exploited in the wild.
A remote attacker could exploit some of these vulnerabilities to take control of unpatched systems.
In all, the Microsoft security updates address vulnerabilities in the following products:
- .NET Core & Visual Studio
- ASP .NET
- Azure Sphere
- Microsoft Azure Active Directory Connect
- Microsoft Dynamics
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft Scripting Engine
- Microsoft Windows Codecs Library
- Remote Desktop Client
- Windows Bluetooth Service
- Windows Cryptographic Services
- Windows Defender
- Windows Event Tracing
- Windows Media
- Windows MSHTML Platform
- Windows NTLM
- Windows Print Spooler Components
- Windows Services for NFS ONCRPC XDR Driver
- Windows Storage Spaces Controller
- Windows TCP/IP
- Windows Update
- Windows Update Assistant
- Windows User Profile Service
The following zero-day vulnerabilities that have known public exploits were fixed in this month’s patches (along with base CVSS score):
- CVE-2021-36936: Windows Print Spooler Remote Code Execution Vulnerability (8.8).
- CVE-2021-36942: Windows LSA Spoofing Vulnerability (7.5).
- CVE-2021-36948: Windows Update Medic Service Elevation of Privilege Vulnerability (7.8).
Microsoft confirmed that “exploitation was detected” on the Windows Update Medic Service vulnerability CVE-2021-36948. The service is a Windows 10 feature designed to repair Windows Update components.
The tech giant also warned that the other 2 Important vulnerabilities are “more likely” to be exploited.
Critical RCE vulnerabilities
In addition, Microsoft addressed 7 Critical remote code execution (RCE) vulnerabilities, including the previously mentioned zero-day CVE-2021-36936, on Windows 10, Windows Server and older Windows desktop versions.
The 7 patched Critical RCE vulnerabilities include:
- CVE-2021-26424: Windows TCP/IP Remote Code Execution Vulnerability.
- CVE-2021-26432: Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability.
- CVE-2021-34480: Scripting Engine Memory Corruption Vulnerability.
- CVE-2021-34530: Windows Graphics Component Remote Code Execution Vulnerability.
- CVE-2021-34534: Windows MSHTML Platform Remote Code Execution Vulnerability.
- CVE-2021-34535: Remote Desktop Client Remote Code Execution Vulnerability.
- CVE-2021-36936: Windows Print Spooler Remote Code Execution Vulnerability.
Most of these RCEs have a higher likelihood of being exploited.
Other security updates
In addition to the Critical RCEs, Microsoft also patched over 42 Important-rated vulnerabilities across multiple products, including Denial of Service, Elevation of Privilege, Information Disclosure, and Spoofing issues.
Readers can review the August 2021 Security Updates Release Notes and also download more vulnerability and patch details via Microsoft’s Security Update Guide. On a related note, also check out the latest Adobe security updates for multiple other Adobe products.