The August 2021 Security Update Review


News category: Hacking
Source: thezdi.com

It's the second Tuesday of the month, and that means the latest security updates from Adobe and Microsoft have been released. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings.

Adobe Patches for August 2021

For August, Adobe released two patches addressing 29 CVEs in Adobe Connect and Magento. The update for Connect is rated Important and fixes a single security feature bypass and two cross-site scripting bugs. The Critical-rated patch for Magento fixes a wide range of bugs, the worst of which could allow remote code execution.

None of the bugs fixed this month by Adobe are listed as publicly known or under active attack at the time of release.

Microsoft Patches for August 2021

For August, Microsoft released patches today for 44 CVEs in Microsoft Windows and Windows components, Office, .NET Core and Visual Studio, Windows Defender, Windows Update and Update Assistant, Azure, and Microsoft Dynamics. This is in addition to seven CVEs patched in Microsoft Edge (Chromium-based) earlier this month. A total of eight of these bugs were submitted through the ZDI program. Of the 44 CVEs patched today, seven are rated Critical and 37 are rated Important in severity. This is the smallest release for Microsoft in 2021 and could be due to resource constraints since Microsoft spent so much time in July responding to events like PrintNightmare and PetitPotam. In fact, this is the smallest release since December 2019. It will be interesting to see if the September patch volume rebounds to triple digits or remains on the smaller side.

According to Microsoft, two of these bugs are publicly known and one is listed as under active attack at the time of release. Let's take a closer look at some of the more interesting updates for this month, starting with a bug that's listed as under active attack:

- CVE-2021-36948 - Windows Update Medic Service Elevation of Privilege Vulnerability
This bug could allow a local privilege escalation through the Windows Update Medic Service – a new feature introduced in Windows 10 designed to repair Windows Update components from damage so that the computer can continue to receive updates. An attacker would need to log on to an affected system and run a specially crafted program to escalate privileges. Microsoft does not say how widespread the attacks are, but they are most likely targeted at this point.

- CVE-2021-36942 - Windows LSA Spoofing Vulnerability
Speaking of PetitPotam, Microsoft released this patch to further protect against NTLM relay attacks by issuing this update to block the LSARPC interface. This will impact some systems, notably Windows Server 2008 SP2, that use the EFS API OpenEncryptedFileRawA function. You should apply this to your Domain Controllers first and follow the additional guidance in ADV210003 and KB5005413. This has been an ongoing issue since 2009, and, likely, this isn't the last we'll hear of this persistent issue.

- CVE-2021-36936 - Windows Print Spooler Remote Code Execution Vulnerability
Another month, another remote code execution bug in the print spooler. This bug is listed as publicly known, but it's not clear if this bug is a variant of PrintNightmare or a unique vulnerability all on its own. There are quite a few print spooler bugs to keep track of. Either way, attackers can use this to execute code on affected systems. Microsoft does state low privileges are required, so that should put this in the non-wormable category, but you should still prioritize testing and deployment of this Critical-rated bug.

- CVE-2021-34535 - Remote Desktop Client Remote Code Execution Vulnerability
Before you start having flashbacks to BlueKeep, this bug affects the RDP client and not the RDP server. However, the CVSS 9.9 bug is nothing to ignore. An attacker can take over a system if they can convince an affected RDP client to connect to an RDP server they control. On Hyper-V servers, a malicious program running in a guest VM could trigger guest-to-host RCE by exploiting this vulnerability in the Hyper-V Viewer. This is the more likely scenario and the reason you should test and deploy this patch quickly.

Here's the full list of CVEs released by Microsoft for August 2021:

| CVE | Title | Severity | CVSS | Public | Exploited | Type |
|---|---|---|---|---|---|---|
| CVE-2021-36948 | Windows Update Medic Service Elevation of Privilege Vulnerability | Important | 7.8 | No | Yes | EoP |
| CVE-2021-36936 | Windows Print Spooler Remote Code Execution Vulnerability | Critical | 8.8 | Yes | No | RCE |
| CVE-2021-36942 | Windows LSA Spoofing Vulnerability | Important | 9.8 | Yes | No | Spoofing |
| CVE-2021-34535 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | 9.9 | No | No | RCE |
| CVE-2021-34480 | Scripting Engine Memory Corruption Vulnerability | Critical | 6.8 | No | No | RCE |
| CVE-2021-34530 | Windows Graphics Component Remote Code Execution Vulnerability | Critical | 7.8 | No | No | RCE |
| CVE-2021-34534 | Windows MSHTML Platform Remote Code Execution Vulnerability | Critical | 6.8 | No | No | RCE |
| CVE-2021-26432 | Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2021-26424 | Windows TCP/IP Remote Code Execution Vulnerability | Critical | 9.9 | No | No | RCE |
| CVE-2021-26423 | .NET Core and Visual Studio Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2021-34485 | .NET Core and Visual Studio Information Disclosure Vulnerability | Important | 5 | No | No | Info |
| CVE-2021-34532 | ASP.NET Core and Visual Studio Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2021-33762 | Azure CycleCloud Elevation of Privilege Vulnerability | Important | 7 | No | No | EoP |
| CVE-2021-36943 | Azure CycleCloud Elevation of Privilege Vulnerability | Important | 4 | No | No | EoP |
| CVE-2021-26430 | Azure Sphere Denial of Service Vulnerability | Important | 6 | No | No | DoS |
| CVE-2021-26429 | Azure Sphere Elevation of Privilege Vulnerability | Important | 7.7 | No | No | EoP |
| CVE-2021-26428 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 | No | No | Info |
| CVE-2021-36949 | Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability | Important | 7.1 | No | No | SFB |
| CVE-2021-36950 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important | 5.4 | No | No | XSS |
| CVE-2021-34524 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Important | 8.1 | No | No | RCE |
| CVE-2021-36946 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | Important | 5.4 | No | No | XSS |
| CVE-2021-34478 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2021-36940 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | Spoofing |
| CVE-2021-34471 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-36941 | Microsoft Word Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2021-34536 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-36945 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2021-34537 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-36938 | Windows Cryptographic Primitives Library Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2021-36927 | Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-26425 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-34486 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-34487 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7 | No | No | EoP |
| CVE-2021-34533 | Windows Graphics Component Font Parsing Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2021-36937 | Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2021-34483 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-36947 | Windows Print Spooler Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2021-26431 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-26433 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | No | No | Info |
| CVE-2021-36926 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | No | No | Info |
| CVE-2021-36932 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | No | No | Info |
| CVE-2021-36933 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | No | No | Info |
| CVE-2021-26426 | Windows User Account Profile Picture Elevation of Privilege Vulnerability | Important | 7 | No | No | EoP |
| CVE-2021-34484 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2021-30590 | Chromium: CVE-2021-30590 Heap buffer overflow in Bookmarks | High | N/A | No | No | RCE |
| CVE-2021-30591 | Chromium: CVE-2021-30591 Use after free in File System API | High | N/A | No | No | RCE |
| CVE-2021-30592 | Chromium: CVE-2021-30592 Out of bounds write in Tab Groups | High | N/A | No | No | RCE |
| CVE-2021-30593 | Chromium: CVE-2021-30593 Out of bounds read in Tab Strip | High | N/A | No | No | Info |
| CVE-2021-30594 | Chromium: CVE-2021-30594 Use after free in Page Info UI | High | N/A | No | No | RCE |
| CVE-2021-30596 | Chromium: CVE-2021-30596 Incorrect security UI in Navigation | Medium | N/A | No | No | SFB |
| CVE-2021-30597 | Chromium: CVE-2021-30597 Use after free in Browser UI | Medium | N/A | No | No | RCE |

You'll notice this month's table includes the Chromium updates for Edge. These vulnerabilities are listed with the severity as assigned by Google, which is different from the standard Microsoft nomenclature. Google does not assign a CVSS score, so none is listed in the table.

Looking at the remaining Critical-rated updates, most are of the browse-and-own variety, meaning an attacker would need to convince a user to browse to a specially crafted website with an affected system. One exception would be CVE-2021-26432, which is a patch for the Windows Services for NFS ONCRPC XDR Driver. Microsoft provides no information on how the CVSS 9.8 rated vulnerability could be exploited, but it does note that it needs neither privileges nor user interaction to be exploited. This may fall into the "wormable" category, at least between servers with NFS installed, especially since the open network computing remote procedure call (ONCRPC) consists of an External Data Representation (XDR) runtime built on the Winsock Kernel (WSK) interface. That certainly sounds like elevated code on a listening network service. Don't ignore this patch.

Another interesting Critical-rated bug affects the TCP/IP stack. Despite its CVSS rating of 9.9, this may prove to be a trivial bug, but it's still fascinating. An attacker on a guest Hyper-V OS could execute code on the host Hyper-V server by sending a specially crafted IPv6 ping. This keeps it out of the wormable category. Still, a successful attack would allow the guest OS to completely take over the Hyper-V host. While not wormable, it's still cool to see new bugs in new scenarios being found in protocols that have been around for years.

The remaining patches for RCE bugs primarily address open-and-own types of bugs in Microsoft Dynamics (on-prem), Office, Word, and Windows media components. For example, the vulnerability in Word would require someone to open a specially crafted Word doc with an affected version, resulting in code execution at the logged-on user level. There's also an Important-rated RCE bug in the print spooler; however, it's not clear why this one is rated Important while the other is rated Critical. Both have the exact same CVSS rating. One is publicly known, but that shouldn't affect severity. Best to treat both print spooler bugs as Critical, just to be on the safe side.
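The print spooler pair discussed above (same title and CVSS score, different severity label) can be found mechanically when triaging a release. The following is an added example, not code from the original article: it parses whitespace-separated rows using the columns of this page's table, flags such mismatches, and orders the patches. The sort order (exploited, then public, then severity, then CVSS) and ranking Google's "High" level with "Important" are assumptions.

```python
import re
from collections import defaultdict

# Rows copied from this page's table (subset), whitespace-separated columns.
ROWS = """\
CVE-2021-36948 Windows Update Medic Service Elevation of Privilege Vulnerability Important 7.8 No Yes EoP
CVE-2021-36936 Windows Print Spooler Remote Code Execution Vulnerability Critical 8.8 Yes No RCE
CVE-2021-36942 Windows LSA Spoofing Vulnerability Important 9.8 Yes No Spoofing
CVE-2021-34535 Remote Desktop Client Remote Code Execution Vulnerability Critical 9.9 No No RCE
CVE-2021-36947 Windows Print Spooler Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-26432 Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability Critical 9.8 No No RCE
CVE-2021-30590 Chromium: CVE-2021-30590 Heap buffer overflow in Bookmarks High N/A No No RCE
"""

# The title may contain spaces, so anchor on the fixed trailing columns.
ROW_RE = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d{4,})\s+(?P<title>.+?)\s+"
    r"(?P<severity>Critical|Important|High|Medium|Low)\s+"
    r"(?P<cvss>\d+(?:\.\d+)?|N/A)\s+(?P<public>Yes|No)\s+"
    r"(?P<exploited>Yes|No)\s+(?P<type>\S+)$"
)
# Assumption: Google's "High" is ranked level with Microsoft's "Important".
RANK = {"Critical": 3, "Important": 2, "High": 2, "Medium": 1, "Low": 0}

def parse_rows(text):
    """Parse table rows into dicts; CVSS 'N/A' becomes None."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if m:
            r = m.groupdict()
            r["cvss"] = None if r["cvss"] == "N/A" else float(r["cvss"])
            r["public"], r["exploited"] = r["public"] == "Yes", r["exploited"] == "Yes"
            rows.append(r)
    return rows

def severity_mismatches(rows):
    """Groups sharing a title and CVSS score but carrying different severities."""
    groups = defaultdict(list)
    for r in rows:
        groups[(r["title"], r["cvss"])].append(r)
    return [g for g in groups.values() if len({r["severity"] for r in g}) > 1]

def triage(rows):
    """CVE IDs ordered by exploited, public, effective severity, then CVSS."""
    eff = {r["cve"]: RANK[r["severity"]] for r in rows}
    for g in severity_mismatches(rows):
        for r in g:  # treat every member as the group's worst severity
            eff[r["cve"]] = max(RANK[x["severity"]] for x in g)
    key = lambda r: (r["exploited"], r["public"], eff[r["cve"]], r["cvss"] or 0.0)
    return [r["cve"] for r in sorted(rows, key=key, reverse=True)]

if __name__ == "__main__":
    print("\n".join(triage(parse_rows(ROWS))))
```
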

There are a total of 16 Elevation of Privilege (EoP) patches in this month's release. Most of these exist in Windows components and require an attacker to log on to an affected system and execute their specially crafted program. Six of these bugs were reported through the ZDI program by Abdelhamid Naceri (halov) and deal with improper link resolution before file access (Link Following) vulnerabilities. For example, by creating a directory junction, an attacker can abuse the Windows Update Assistant to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the Administrator. Altogether, there are EoP fixes for Windows Defender, Azure Sphere and CycleCloud, Storage Spaces, the Update Assistant, the Bluetooth service, Windows Event Tracing, and the aforementioned Print Spooler.

Looking at the eight information disclosure bugs in this month's release, most simply result in leaks consisting of unspecified memory contents. A notable exception is the patch for .NET Core and Visual Studio that could disclose data inside the targeted website like IDs, tokens, nonces, and other sensitive information. Microsoft does not specify what information is disclosed by the bug in the Windows Cryptographic Primitives Library, but judging by the title alone, it's possible (though unlikely) that an attacker could recover plaintext data from encrypted content. Let's hope we receive more information on this bug in the future.

Only two patches this month address Denial-of-Service (DoS) conditions, but you likely only need to act on one. The update for Azure Sphere should have been automatically delivered to your device provided it is connected to the Internet. The other patch fixes a DoS bug in .NET Core and Visual Studio and needs to be installed as per usual.

There are also just two security feature bypasses getting fixes this month. The first is for Azure Active Directory Connect, but you'll need to do more than just patch to prevent a Man-in-The-Middle (MiTM) attack between your Azure AD Connect server and a domain controller. You will also need to disable NTLM as laid out in this document. The other spoofing bug occurs in SharePoint Server and likely manifests as a cross-site scripting (XSS) issue. Speaking of XSS bugs, this month's release is rounded out by two patches for XSS vulnerabilities in Microsoft Dynamics.

As expected, the servicing stack advisory (ADV990001) was revised for multiple versions of Windows this month. No new advisories were released this month.

Looking Ahead

The next Patch Tuesday falls on September 14, and we'll return with details and patch analysis then. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!
