The July 2021 Security Update Review



Informationsportal Cybersicherheit interne Portal Nachrichten

TSEC NEWS (572 Quellen): 11.08.22 Perofrmance fix. Download Android App Android App von Team IT Security


Informationsportal Cybersecurity Chronologie für Nachrichtenthemen


The July 2021 Security Update Review

thezdi.com

The second Tuesday of the month is here, and it brings with it the latest security patches from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings.

Adobe Patches for July 2021

For July, Adobe released five patches addressing 29 CVEs in Adobe Dimension, Illustrator, Framemaker, Acrobat and Reader, and Adobe Bridge. A total of 15 of these bugs were reported through the ZDI program with several being discovered by ZDI researchers Mat Powell and Joshua Smith. The update for update Acrobat and Reader fixes 19 different bugs – several of which could lead to code execution if an attacker can convince a user to open a malicious PDF with an affected version. The update for Dimension also could allow code execution. For Illustrator, three bugs are being fixed. The two that allow for code execution occur in during the processing of PDF and JPEG2000 files. These issues result from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. Similar Out-Of-Bounds (OOB) Write bugs exist in the five fixes for Bridge. Again, code execution would occur at the level of the logged-on user. The single CVE fixed by the Framemaker patch corrects an OOB Write that exists within the parsing of TrueType fonts embedded in PDF files.

None of the bugs fixed this month by Adobe are listed as publicly known or under active attack at the time of release.

Microsoft Patches for July 2021

For July, Microsoft released patches for 117 CVEs in Microsoft Windows, Dynamics, Exchange Server, Microsoft Office, Windows Storage Spaces Controller, Bing, SharePoint Server, Internet Explorer (IE), Visual Studio, and OpenEnclave. A total of 17 of these bugs were reported through the ZDI program. Of these 117 bugs, 13 are rated Critical, 103 are rated Important, and one is rated as Moderate in severity. This volume of fixes is more than the last two months combined and on par with the monthly totals from 2020. Perhaps the lowered rate seen in the prior months was an aberration. According to Microsoft, six of these bugs are publicly known and four are listed as under active attack at the time of release.

Let’s take a closer look at some of the more interesting updates for this month, starting with a bug that’s already received a lot of (warranted) attention:

-       CVE-2021-34527 - Windows Print Spooler Remote Code Execution Vulnerability
Much has already been written about this currently exploited bug also known as PrintNightmare. Microsoft released an Out-of-Band (OOB) patch for this bug on July 1, and they have updated it multiple times since then. There have been reports the patch is ineffective, but Microsoft insists it works – provided certain registry keys have the correct values. Enterprises should verify these registry keys are configured as intended and get this patch rolled out. It’s also a fine time to disable the Print Spooler service wherever it isn’t needed and restrict the installation of printer drivers to just administrators.

-       CVE-2021-34448 - Scripting Engine Memory Corruption Vulnerability
This bug is also listed as under active exploit, but there’s no indication of how widespread the attack is. The vulnerability allows an attacker to execute their code on an affected system if a user browses to a specially crafted website. The code execution would occur at the logged-on user level. This is also a case where CVSS doesn’t quite offer a true glimpse of the threat. Microsoft lists the attack complexity as high, which knocks this from a high severity (>8) to a medium severity (6.8). However, if there are already active attacks, does complexity matter? Regardless, treat this as critical since it could allow code execution on every supported version of Windows.

-       CVE-2021-34494 - Windows DNS Server Remote Code Execution Vulnerability
This bug is currently not under active attack, but considering the severity, there are those who will work to change that status. This bug could allow remote code execution at a privileged service level on a listening network port without user interaction. You would be correct in thinking that equates to a wormable bug. This is restricted to DNS Servers only, but if there’s one system you don’t want wormed, it’s probably your DNS server. Definitely test and deploy this one quickly.

-       CVE-2021-34458 - Windows Kernel Remote Code Execution Vulnerability
It’s rare to see remote code execution in a kernel bug, but this is that rare exception. This bug impacts systems hosting virtual machines with single root input/output virtualization (SR-IOV) devices. It’s not clear how widespread this configuration is, but considering this bug rates as a CVSS 9.9, it’s not one to ignore. If you have virtual machines in your environment, test and patch quickly.

Here’s the full list of CVEs released by Microsoft for July 2021:

CVE Title Severity CVSS Public Exploited Type
CVE-2021-34527 Windows Print Spooler Remote Code Execution Vulnerability Critical 8.8 Yes Yes RCE
CVE-2021-34448 Scripting Engine Memory Corruption Vulnerability Critical 6.8 No Yes RCE
CVE-2021-31979 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No Yes EoP
CVE-2021-33771 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No Yes EoP
CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability Critical 9.1 Yes No RCE
CVE-2021-33781 Active Directory Security Feature Bypass Vulnerability Important 8.1 Yes No SFB
CVE-2021-34523 Microsoft Exchange Server Elevation of Privilege Vulnerability Important 9 Yes No EoP
CVE-2021-33779 Windows ADFS Security Feature Bypass Vulnerability Important 8.1 Yes No SFB
CVE-2021-34492 Windows Certificate Spoofing Vulnerability Important 8.1 Yes No Spoofing
CVE-2021-34474 Dynamics Business Central Remote Code Execution Vulnerability Critical 8 No No RCE
CVE-2021-34464 Microsoft Defender Remote Code Execution Vulnerability Critical 7.8 No No RCE
CVE-2021-34522 Microsoft Defender Remote Code Execution Vulnerability Critical 7.8 No No RCE
CVE-2021-34439 Microsoft Windows Media Foundation Remote Code Execution Vulnerability Critical 7.8 No No RCE
CVE-2021-34503 Microsoft Windows Media Foundation Remote Code Execution Vulnerability Critical 7.8 No No RCE
CVE-2021-34494 Windows DNS Server Remote Code Execution Vulnerability Critical 8.8 No No RCE
CVE-2021-34450 Windows Hyper-V Remote Code Execution Vulnerability Critical 8.5 No No RCE
CVE-2021-34458 Windows Kernel Remote Code Execution Vulnerability Critical 9.9 No No RCE
CVE-2021-33740 Windows Media Remote Code Execution Vulnerability Critical 7.8 No No RCE
CVE-2021-34497 Windows MSHTML Platform Remote Code Execution Vulnerability Critical 6.8 No No RCE
CVE-2021-34476 Bowser.sys Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2021-34489 DirectWrite Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-34440 GDI+ Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-31947 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33775 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33776 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33777 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33778 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33760 Media Foundation Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-33753 Microsoft Bing Search Spoofing Vulnerability Important 4.7 No No Spoofing
CVE-2021-34501 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-34518 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33766 Microsoft Exchange Information Disclosure Vulnerability Important 7.3 No No Info
CVE-2021-33768 Microsoft Exchange Server Elevation of Privilege Vulnerability Important 8 No No EoP
CVE-2021-34470 Microsoft Exchange Server Elevation of Privilege Vulnerability Important 8 No No EoP
CVE-2021-31196 Microsoft Exchange Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2021-31206 Microsoft Exchange Server Remote Code Execution Vulnerability Important 7.6 No No RCE
CVE-2021-34451 Microsoft Office Online Server Spoofing Vulnerability Important 5.3 No No Spoofing
CVE-2021-34469 Microsoft Office Security Feature Bypass Vulnerability Important 8.2 No No SFB
CVE-2021-34467 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 7.1 No No RCE
CVE-2021-34468 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 7.1 No No RCE
CVE-2021-34520 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.1 No No RCE
CVE-2021-34517 Microsoft SharePoint Server Spoofing Vulnerability Important 5.3 No No Spoofing
CVE-2021-34479 Microsoft Visual Studio Spoofing Vulnerability Important 7.8 No No Spoofing
CVE-2021-34441 Microsoft Windows Media Foundation Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-34452 Microsoft Word Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33767 Open Enclave SDK Elevation of Privilege Vulnerability Important 8.2 No No EoP
CVE-2021-31984 Power BI Remote Code Execution Vulnerability Important 7.6 No No RCE
CVE-2021-34521 Raw Image Extension Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33751 Storage Spaces Controller Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2021-34460 Storage Spaces Controller Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34510 Storage Spaces Controller Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34512 Storage Spaces Controller Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34513 Storage Spaces Controller Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34509 Storage Spaces Controller Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-34477 Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34528 Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-34529 Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-34449 Win32k Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2021-34516 Win32k Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34491 Win32k Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-34504 Windows Address Book Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33785 Windows AF_UNIX Socket Provider Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2021-34459 Windows AppContainer Elevation Of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34462 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2021-33782 Windows Authenticode Spoofing Vulnerability Important 5.5 No No Spoofing
CVE-2021-33784 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34488 Windows Console Driver Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34461 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-33759 Windows Desktop Bridge Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-33745 Windows DNS Server Denial of Service Vulnerability Important 6.5 No No DoS
CVE-2021-34442 Windows DNS Server Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2021-34444 Windows DNS Server Denial of Service Vulnerability Important 6.5 No No DoS
CVE-2021-34499 Windows DNS Server Denial of Service Vulnerability Important 6.5 No No DoS
CVE-2021-33746 Windows DNS Server Remote Code Execution Vulnerability Important 8 No No RCE
CVE-2021-33754 Windows DNS Server Remote Code Execution Vulnerability Important 8 No No RCE
CVE-2021-33780 Windows DNS Server Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-34525 Windows DNS Server Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-33749 Windows DNS Snap-in Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-33750 Windows DNS Snap-in Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-33752 Windows DNS Snap-in Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-33756 Windows DNS Snap-in Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-33774 Windows Event Tracing Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2021-34455 Windows File History Service Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34438 Windows Font Driver Host Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-34498 Windows GDI Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34496 Windows GDI Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-34466 Windows Hello Security Feature Bypass Vulnerability Important 5.7 No No SFB
CVE-2021-34446 Windows HTML Platform Security Feature Bypass Vulnerability Important 8 No No SFB
CVE-2021-33755 Windows Hyper-V Denial of Service Vulnerability Important 6.3 No No DoS
CVE-2021-33758 Windows Hyper-V Denial of Service Vulnerability Important 7.7 No No DoS
CVE-2021-34511 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-33765 Windows Installer Spoofing Vulnerability Important 6.2 No No Spoofing
CVE-2021-31961 Windows InstallService Elevation of Privilege Vulnerability Important 6.1 No No EoP
CVE-2021-34514 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34500 Windows Kernel Memory Information Disclosure Vulnerability Important 6.3 No No Info
CVE-2021-34508 Windows Kernel Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-33764 Windows Key Distribution Center Information Disclosure Vulnerability Important 5.9 No No Info
CVE-2021-33788 Windows LSA Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2021-33786 Windows LSA Security Feature Bypass Vulnerability Important 8.1 No No SFB
CVE-2021-34447 Windows MSHTML Platform Remote Code Execution Vulnerability Important 6.8 No No RCE
CVE-2021-34493 Windows Partition Management Driver Elevation of Privilege Vulnerability Important 6.7 No No EoP
CVE-2021-33743 Windows Projected File System Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-33761 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-33773 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34445 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-34456 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-33763 ...

Komplette Nachricht lesen

Zur Startseite


➤ Ähnliche Beiträge für 'The July 2021 Security Update Review'

CentOS Blog: CentOS Community Newsletter, August 2019 (#1908)

vom 653.14 Punkte
Dear CentOS enthusiast, It's been another busy month, but better a few days late than never! If you'd like to help out with the process of putting together the newsletter, please see the Contributing section at the end. We're always looking for help! R

The July 2021 Security Update Review

vom 609.75 Punkte
The second Tuesday of the month is here, and it brings with it the latest security patches from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patch

The April 2021 Security Update Review

vom 507.63 Punkte
It’s the second Tuesday of the month, which means the latest security updates from Adobe and Microsoft are released. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patch

The January 2021 Security Update Review

vom 464.69 Punkte
Welcome to the new year, and welcome to the first Patch Tuesday of 2021. Take a break from your regularly scheduled activities and join us as we review the details for the latest security offerings from Microsoft and Adobe. Adobe Patches for January 2021This month,

AA22-117A: 2021 Top Routinely Exploited Vulnerabilities

vom 462.98 Punkte
Original release date: April 27, 2022 | Last revised: April 28, 2022SummaryThis joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecuri

The March 2021 Security Update Review

vom 454.96 Punkte
It’s the third second Tuesday of the year, which means we get the latest security updates from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patch

The August 2021 Security Update Review

vom 334.51 Punkte
It’s the second Tuesday of the month, and that means the latest security updates from Adobe and Microsoft have been released. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings.

The February 2021 Security Update Review

vom 316.97 Punkte
It’s the second Tuesday of the month, and that means the latest security updates from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings. Adobe Patches for

The May 2021 Security Update Review

vom 305.35 Punkte
It’s the second Tuesday of the month, which means the latest security updates from Adobe and Microsoft are released. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patch

The June 2021 Security Update Review

vom 297.56 Punkte
It’s the second Tuesday of the month, which means the latest security updates from Adobe and Microsoft are here. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patch

The April 2022 Security Update Review

vom 213.34 Punkte
Another Patch Tuesday is upon, and Adobe and Microsoft have released a bevy of new security updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.Adobe Patches for April 2022For April, Ad

The August 2022 Security Update Review

vom 200.47 Punkte
It’s the second Tuesday of the month, and the last second Tuesday before Black Hat and DEFCON, which means Microsoft and Adobe have released their latest security fixes. Take a break from packing (if you’re headed to hacker summer camp) or your nor

Team Security Diskussion über The July 2021 Security Update Review