Home Critical engine Microsoft Patch Tuesday August 2021 Edition released, here is what is fixed

Microsoft Patch Tuesday August 2021 Edition released, here is what is fixed


Microsoft has released the August 2021 edition of Patch Tuesday. The company releases security patches on the second Tuesday of every month, making it Patch Tuesday. In August 2021 Patch Tuesday, the company released fixes for 44 vulnerabilities. Of these, 7 are critical, 2 have already been disclosed and 1 is in operation according to Microsoft.
Thirteen of the fixes relate to a remote code execution vulnerability, while eight others relate to information disclosure.
Relevant tools include Azure, Windows Update, Windows Print Spooler Components, .Net 5.0, Windows Media, Windows Defender, Remote Desktop Client, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Word and more. One of the most important fixes released includes the Windows To print Spooler Remote Code Execution vulnerability, discovered in June.
“Today we are addressing this risk by changing the default Indicate and Printer driver installation and update behavior to require administrator privileges. Installing this update with the default settings will mitigate publicly documented vulnerabilities in the Windows Print Spooler service. This change will take effect with the installation of security updates released on August 10, 2021 for all supported versions of Windows, and is documented as CVE-2021-34481, ”the company said in an article from blog. The company said the change may impact Windows printing clients in scenarios where non-advanced users could previously add or update printers.
Other critical vulnerabilities would be browse and own, which means that an attacker would have to convince a user to navigate to a specially crafted website.
Other critical and important Zero Day bugs fixed include:
Critical: CVE-2021-34480 Script Engine Memory Corruption Vulnerability
Critical: CVE-2021-34534 MSHTML Windows platform remote code execution vulnerability
Critical: CVE-2021-36936 Windows Print Spooler Remote Code Execution Vulnerability
Critical: CVE-2021-26424 Windows TCP / IP Remote Code Execution Vulnerability
Important: CVE-2021-36948 Windows Update Medic Service Elevation of Privilege Vulnerability
Important: CVE-2021-36942 Windows LSA spoofing vulnerability
Important: CVE-2021-36936 Windows Print Spooler Remote Code Execution Vulnerability
Important: CVE-2021-34532 Information Disclosure Vulnerability in ASP.NET Core and Visual Studio
Important: CVE-2021-33762 Azure CycleCloud elevation of privilege vulnerability
Important: CVE-2021-30596Chrome: CVE-2021-30596 Incorrect security UI in navigation
Important: CVE-2021-36949 Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability

Source link


Please enter your comment!
Please enter your name here