Microsoft has been busy issuing software security patches over the last few weeks, including an emergency fix to resolve the PrintNightmare vulnerability and 117 fixes as part of its monthly security patch release.
The volume of fixes this month is more than the last two months combined, but is on par with the monthly totals from 2020, according to Zero Day Initiative (ZDI), which published a detailed blog on the vulnerabilities – especially the more critical ones.
The patches address bugs in Windows Dynamics, Exchange Server, Microsoft Office, Windows Storage Spaces Controller, SharePoint Server, Internet Explorer, Visual Studio and Open Enclave.
According to ZDI, 13 of the vulnerabilities are rated critical, 103 are important, and one is rated as moderate.
And, six of these vulnerabilities are publicly known, and four are being actively exploited, Microsoft says. That includes the Windows Print Spooler remote code execution vulnerability which has been dubbed PrintNightmare by the cybersecurity community. The company issued an emergency fix for this last week, and further addresses is in the monthly cumulative updates it released on Tuesday.
According to Microsoft, the vulnerability exists “when the Windows Print Spooler service improperly performs privileged file operations.” A successful attacker could run arbitrary code with system privileges and then install programs; view, change or delete data; or create new accounts with full user rights.
The vulnerability even caught the attention of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which has directed federal agencies to immediately apply the patch.
There have been reports that last week’s patch caused some issues for Windows users, so this more official fix should resolve those problems.
ZDI suggests disabling the Print Spooler service wherever it isn’t needed and restricting the installation of printer drivers to just administrators.
Other actively exploited vulnerabilities are a scripting engine memory corruption bug, and two Windows Kernel elevation of privileges flaws.
In addition to the Microsoft Threat Intelligence center and ZDI, researchers from Google Security, Checkmarx, and Fortinet’s Guard Lab contributed to the disclosures.
Now that these vulnerabilities have been disclosed to the world, you should waste no time in applying Microsoft’s July updates.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!