Microsoft patched 44 unique security vulnerabilities in August 2021. We analyzed these weaknesses and spotlighted the most important vulnerabilities that ought to be fixed on priority.
Microsoft Patches: Overview
This August, Microsoft patched 44 vulnerabilities discovered in 2021, including two previously disclosed bugs.
-
13 CVEs are classified as Remote Code Execution bugs
-
17 CVEs with Privilege Escalation capabilities
-
8 CVEs are linked to Information Disclosure
-
2 CVEs have Denial of Service capabilities
Zero Days
Microsoft had released patches for three zero-day vulnerabilities this month:
-
CVE-2021-36948 Windows Update Medic Service Elevation of Privilege Vulnerability
-
CVE-2021-36942 Windows LSA Spoofing Vulnerability
-
CVE-2021-36936 Windows Print Spooler Remote Code Execution Vulnerability
-
CVE-2021-36948 in Windows Update Medic Service with Elevation of Privilege is the only one that has been exploited in the wild, according to Microsoft’s research. It’s conceivable that CVE-2021-36948 is a version of CVE-2020-17070, which was reported in November 2020, due to its exploitation status.
RCE/PE
Microsoft has issued security fixes for two zero-day vulnerabilities found last month.
In July, PetitPotam was released—a tool that could possibly launch a NTLM relay attack. Windows New Technology LAN Manager (NTLM) is a Microsoft authentication protocol in which the attacker intercepts authentication traffic between a client and a server on a network.
Next is the most notable fixes in the new batch (CVE-2021-36958)—address the Windows Print Spooler Remote Code Execution vulnerability, which has been a hot subject since its discovery in June. Microsoft was also chastised by the security community for botching the distribution of fixes to fix the problem.
Severity Scores
Interestingly, seven vulnerabilities are rated critical which are classified as Remote Code Execution bugs.
Product Analysis
This month, Windows products received a fix for 28 vulnerabilities in which 10 accounted for Remote Code Execution, 12 for Privilege Escalation possibilities, 5 classified as Information disclosure bug and 1 as Spoofing.
Table: Microsoft August Patches 2021
CISA has issued an overall alert to address the vulnerabilities in Microsoft products. As always, we suggest patching systems as quickly as possible and monitoring your environment on a regular basis to detect systems that haven’t been patched.