- I opened up a cheap 600W charger to test its build, and found 'goo' inside
- How to negotiate like a pro: 4 secrets to success
- One of the cheapest Android tablets I've ever tested replaced my iPad with no sweat
- I use this cheap Android tablet more than my iPad Pro - and don't regret it
- The LG soundbar made my home audio sound like a theater - even though it's not the newest model
Microsoft Releases High Priority Fixes in August Patch Tuesday
Microsoft fixed a total of 44 vulnerabilities during this month’s patch Tuesday, seven of which were rated as ‘Critical.’
While it was a much lighter Patch Tuesday than the past few months, the tech giant released several high-priority fixes.
These included new patches released to “more completely” address two publicly disclosed Print Spooler vulnerabilities, CVE-2021-34481 and CVE-2021-36936. Chris Goettl, senior director of product management at Ivanti, explained that these fixes should be an especially high priority in light of the public disclosure.
“In this case, right on the tails of multiple known exploited print spooler vulnerabilities, including PrintNightmare (CVE-2021-34527), the risk of these publicly disclosed vulnerabilities being exploited has increased,” he said.
“As a threat actor investigates code for vulnerabilities, they will potentially be looking for multiple ways to exploit a weak code area. White Hat researchers were able to uncover and report these additional exploits, so we should expect threat actors to be able to identify these additional vulnerabilities as well.”
Microsoft also published details of an elevation of privilege vulnerability, CVE-2021-36934, on July 20th. Adam Bunn, lead software engineer at Rapid7, said administrators should prioritize taking action on this vulnerability, which he warned requires significant workarounds. He explained, “With a public proof-of-concept having been available for some time, administrators should prioritize taking action on CVE-2021-36934. Remediation for this vulnerability requires volume shadow copies for system files to be deleted. This is due to the nature of the vulnerability, as the files with the vulnerable permissions could be restored from a backup and accessed even after the patch is installed. Microsoft indicates they took caution not to delete users’ backups, but the trade-off is that customers will need to do the chore themselves.”
Bunn believes another high priority for patching teams should be CVE-2021-36942, one of the vulnerabilities exploited in the PetitPotam attack. “After applying this update, there are additional configurations required in order to protect systems from other attack vectors using registry keys,” he added.
A resolution was also released for an elevation of Privilege vulnerability (CVE-2021-36948) in Windows Update Medic Service, which Microsoft rated as ‘Important.’ This affects Windows 10 1809 and Server 2019 and later OS versions and has been publicly disclosed, which Goettl noted puts it “at higher risk of being exploited.”
There was a fix for a zero day in Windows 10 1809 and Server 2019 and later OS versions, CVE-2021-36948. This elevation of privilege vulnerability in the Windows Update Medic Service was assigned as ‘Important’ by Microsoft.
Additionally, there were several updates released by Mozilla for Mozilla Firefox, Firefox ESR and Thunderbird this month. The Firefox updates are rated ‘High’, resolving 11 CVEs.
