Microsoft’s August security patches include fixes for 44 vulnerabilities, including three zero days and one that is being actively exploited.
The most important patches fix issues related to the Windows Print Spooler remote code execution vulnerability and the Windows LSA spoofing vulnerability and an actively exploited vulnerability in Windows Update Medic Service.
Because of the severity of these vulnerabilities, it’s critical that IT admins apply these patches immediately.
It’s not clear if the Print Spooler fixes address the vulnerability known as PrintNightmare or a separate flaw. However, the LSA Spoofing patch further protects against the PetitPotam vulnerability by blocking the LSARPC interface, according to Zero Day Initiative (ZDI).
The actively exploited flaw in Windows Update Medic Service and is an elevation of privilege vulnerability which could be exploited to give attackers elevated permissions to run malicious code. Windows Update Medic Service fixes damages to Windows Update components so users can continue to receive updates without interruption.
Microsoft refrained from releasing any additional details about the vulnerability.
Of all the vulnerabilities addressed in Tuesday’s release, seven are classified as critical and 37 are classified as important. Thirteen are dangerous remote code execution vulnerabilities (which allows a hacker to run malicious code remotely), eight are information disclosure flaws, two are denial of service issues and four are spoofing related.
Other affected tools and services include .NET Core & Visual Studio, ASP .NET, Azure, Azure Sphere, Microsoft Azure Active Directory Connect, Microsoft Dynamics, Microsoft Graphics Component, Microsoft Office, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Scripting Engine, Microsoft Windows Codecs Library, Remote Desktop Client, Windows Bluetooth Service, Windows Cryptographic Services, Windows Defender, Windows Event Tracing, Windows Media, Windows MSHTML Platform, Windows Services for NFS ONCRPC XDR Driver, Windows Storage Spaces Controller, Windows TCP/IP, Windows Update, Windows Update Assistant and Windows User Profile Service.
According to (ZDI), the August release is Microsoft’s smallest of 2021 and could be due to resource constraints since the company spent considerable time on the PrintNightmare and PetitPotam vulnerabilities.
Another notable fix addresses a remote code execution vulnerability in Remote Desktop Client that could allow an attacker to take over a system if they can convince an affected RDP client to connect to an RDP server they control, according to ZDI.
Microsoft also issued seven patches for Microsoft Edge, including out-of-bounds read and write vulnerabilities.
For the complete list, visit Microsoft’s Security Response Center page on the patches.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply