Microsoft releases updates to patch vulnerabilities
Microsoft announces many security updates for issues in its products and services. One of the issues as per Microsoft has been exploited in the wild.
The update is the smallest release since December 2019, and it addresses a total of 44 bugs in Windows, .NET Core & Visual Studio, Azure, Microsoft Graphics Component, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows Codecs Library, Remote Desktop Client, and many more. This step marks another effort in August by Microsoft as earlier this month it patched 7 security flaws in the Microsoft Edge browser.
The most critical vulnerability that is patched is CVE-2021-36948 (CVSS score: 7.8), which affects the Windows Update Medic Service through privilege escalation, allowing a malicious user to exploit a bug to gain elevated access to resources. The criticality of the flaw can be gauged from the fact that the Windows Update Medic Service aids in the remediation and protection of Windows Update components.
Microsoft’s Threat Intelligence Center reported the flaws, where no light has been shed on the extent of the attacks.
Also, read VMware issues patches for vulnerabilities to avoid exploitation of credential information.
Two of the security vulnerabilities include –
- CVE-2021-36942 (CVSS score: 9.8) – Windows LSA Spoofing Vulnerability
- CVE-2021-36936 (CVSS score: 8.8) – Windows Print Spooler Remote Code Execution Vulnerability
CVE-2021-36942 has fixes to secure systems against NTLM relay attacks and CVE-2021-36936 looks into remote code execution (RCE) flaw in the Windows Print Spooler component.
CVE-2021-36936 is yet another flaw in the Print Spooler service Microsoft has fixed this month, along with two other vulnerabilities, CVE-2021-36947 and (CVSS score: 8.2) and CVE-2021-34483 (CVSS score: 7.8).
Moreover, Microsoft went a step forward by releasing security updates for CVE-2021-34481 (CVSS score: 8.8) depicting remote code execution in the Print Spooler service. This alters the default behavior of the Point and Print feature, restricting non-administrator users from installing or updating printer drivers through a remote computer or server without first elevating their rights to an administrator.
One more critical flaw in the list of Patches updated includes CVE-2021-26424 (CVSS score: 9.9), a remote code execution flaw in Windows TCP/IP. Microsoft points this vulnerability to be remotely triggerable where a malicious Hyper-V guest sends an ipv6 ping to the Hyper-V host. This allows the threat actor to send a TCP/IP packet to its host by utilizing the TCP/IP Protocol Stack for processing the packets.
The way forward for the users to combat the issues is installing security updates by heading to Start > Settings > Update & Security > Windows Update or by checking for Windows updates.