Tripwire Patch Priority Index for August 2021 | The State of Security

Tripwire’s August 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft.

First on the patch priority list this month are patches for Microsoft Exchange Server (CVE-2021-34523, CVE-2021-34473, CVE-2021-31207). These vulnerabilities have seen active exploitation. Also, exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These systems should be patched as soon as possible.

Following Exchange, there is a patch available for a Windows LSA spoofing vulnerability. This vulnerability has been publicly disclosed with various research available explaining how to exploit this vulnerability. More details can be found at https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429

Next is a patch for Microsoft Scripting Engine, which resolves a memory corruption vulnerability.

Up next are patches for Microsoft Edge that resolves user after free, heap buffer overflow, and out-of-bounds write vulnerabilities.

Next are patches that affect components of the Windows operating systems. These patches resolve over 25 vulnerabilities, including elevation of privilege, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, print spooler, bluetooth, MPEG-4 video decoder, event tracing, NFS, remote desktop client, TCP/IP, graphics and others.

Lastly, administrators should focus on server-side patches for Microsoft SharePoint and Dynamics. These patches resolve several issues including cross-site scripting, spoofing, and remote code execution vulnerabilities.