Microsoft released a Patch update Tuesday for July with fixes for a total of 117 security vulnerabilities, including nine zero -day deficiencies, four of which are said to be under active attack in the wild, potentially allowing enemies to take control of affected systems.
Of the 117 issues, 13 were rated Critical, 103 were rated Important, and one was rated as moderate, with six of these bugs being publicly known at the time of release.
The update covers several Microsoft products, including Windows, Bing, Dynamics, Exchange Server, Office, Scripting Engine, Windows DNS, and Visual Studio Code. July also marked a dramatic jump in the number of vulnerabilities, exceeding the number addressed collectively by Microsoft as part of updates in May (55) and June (50).
Among the security vulnerabilities that are actively exploited are as follows –
- CVE-2021-34527 (CVSS Score: 8.8) – Windows Print Spooler Remote Code Implementation Vulnerability (publicly disclosed as “PrintNightmare”)
- CVE-2021-31979 (CVSS Score: 7.8) – Enhanced Windows Kernel Privilege Vulnerability
- CVE-2021-33771 (CVSS Score: 7.8) – Enhanced Windows Kernel Privilege Vulnerability
- CVE-2021-34448 (CVSS Score: 6.8) – Script Machine Memory Vulnerability
Microsoft also emphasized the high complexity of attacks on CVE-2021-34448, specifically stating that attacks rely on the possibility of enticing unsuspecting users to click links that lead to malicious websites hosted by the enemy and containing specially created files engineered to trigger vulnerability.
Five other vulnerabilities that are openly disclosed, but not exploited, are listed below –
- CVE-2021-34473 (CVSS Score: 9.1) – Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-34523 (CVSS Score: 9.0) – Enhanced Microsoft Exchange Server Privilege Investment
- CVE-2021-33781 (CVSS Score: 8.1) – Vulnerabilities Active Directory Security Features Ignore Vulnerabilities
- CVE-2021-33779 (CVSS Score: 8.1) – Windows ADFS Security Bypass Feature Vulnerability
- CVE-2021-34492 (CVSS Score: 8.1) – Windows Certificate Fraud Vulnerability
“This Tuesday’s patch comes just days after an off -line update was released to address PrintNightmare – a critical vulnerability in the Windows Print Spooler service found in all versions of Windows,” Bharat Jogi, senior manager of vulnerability and threat research at Qualys, told The Hacker News .
“Although MSFT has released updates to fix the vulnerability, users should still ensure the required configurations are set up correctly. Systems with incorrect configurations will continue to be at risk of exploitation, even after the latest patches are applied. PrintNightmare is a very serious issue that further underscores the importance of detection and recovery marriage, “added Jogi.
The PrintNightmare vulnerability also prompted the U.S. Cyber Security and Infrastructure Agency (CISA) to issue emergency directives, urging federal departments and agencies to immediately apply the latest security updates and disable print spooler services on servers on the Microsoft Active Directory Domain Controller.
In addition, Microsoft also fixed a security bypass vulnerability in its Windows Hello biometric-based authentication solution (CVE-2021-34466, CVSS score: 5.7) that allows enemies to fool the target face and surround the login screen.
Other critical shortcomings fixed by Microsoft include remote code execution vulnerabilities affecting Windows DNS Server (CVE-2021-34494, CVSS score 8.8) and Windows Kernel (CVE-2021-34458), the latter rated 9.9 on the CVSS severity scale.
“This problem allows a single root virtualization input / output (SR-IOV) device assigned to a guest to potentially interfere with its Express Interface Component (PCIe) software siblings attached to another guest or to root,” Microsoft said. in his advice for CVE-2021-34458, added an example of Windows hosting virtual machines vulnerable to this shortcoming.
To install the latest security updates, Windows users can go to Start> Settings> Updates & Security> Windows Updates or by selecting Check for Windows updates.
Software Patches From Other Vendors
In addition to Microsoft, patches have also been released by a number of other vendors to address a number of vulnerabilities, including –