As you are well aware by now, every second Tuesday of each month means that we are getting important updates from the Redmond company, as a part of the Patch Tuesday release.

  • As a part of the August 2021 Patch Tuesday event, Microsoft released a total of 44 security fixes.Thirteen of the patches involved a remote code execution vulnerability while another eight revolved around information disclosure. The most important patch addresses the Windows Print Spooler Remote Code Execution vulnerability.Besides Print Nightmare, Microsoft also tackled the issues that came with the Petit Potam attacks.

Microsoft provided 44 security fixes for August’s Patch Tuesday, with seven of the vulnerabilities being rated critical. There were also three zero-days included in the batch and the other 37 were rated as important. 

Also important is the fact that thirteen of the patches involved a remote code execution vulnerability while another eight revolved around information disclosure. 

Three zero days errors fixes via the August 2021 Patch Tuesday

The most important patch released in the latest batch addresses the Windows Print Spooler Remote Code Execution vulnerability, which has been a major topic of discussion since it was discovered back in June.

The tech company faced major backlash from the security community for totally messing up the release of patches meant to address the issue. 

The affected tools are .NET Core & Visual Studio, ASP.NET Core & Visual Studio, Azure, Windows Update, Windows Print Spooler Components, Windows Media, Windows Defender, Remote Desktop Client, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Office, Microsoft Office Word, Microsoft Office SharePoint and more.

And since we’ve mentioned that Microsoft also addressed three zero-days vulnerabilities through this update event, here is exactly what they had to deal with:

  • CVE-2021-36948 Windows Update Medic Service Elevation of Privilege Vulnerability
  • CVE-2021-36942 Windows LSA Spoofing Vulnerability
  • CVE-2021-36936 Windows Print Spooler Remote Code Execution Vulnerability

The Windows Update Medic Service Elevation of Privilege vulnerability is apparently the only one that has been exploited in the wild, according to Microsoft’s report.

One of the security experts, Allan Liska, said CVE-2021-36948 stood out to him because of its similarities to CVE-2020-17070, which was published in November 2020.

Liska later added that CVE-2021-26424 is a major vulnerability because it is a Windows TCP/IP Remote Code Execution vulnerability, that impacts Windows 7 through 10 and Windows Server 2008 through 2019.

Obviously, it is bad that it is being exploited in the wild, but we saw almost the exact same vulnerability in November of 2020 but I can’t find any evidence that that was exploited in the wild. So, I wonder if this is a new focus for threat actors.

Some PC issues are hard to tackle, especially when it comes to corrupted repositories or missing Windows files. If you are having troubles fixing an error, your system may be partially broken. We recommend installing Restoro, a tool that will scan your machine and identify what the fault is.Click here to download and start repairing.

Expert tip:

SPONSORED

Microsoft fixes PrintNightmare and PetitPotam attacks

The LSA spoofing vulnerability is related to an advisory Microsoft sent out late last month about how to protect Windows domain controllers and other Windows servers from the NTLM Relay Attack known as PetitPotam.

While this vulnerability is not listed as publicly disclosed or exploited in the wild, Microsoft did label this as ‘Exploitation More Likely’ meaning that exploitation is relatively trivial. Vulnerabilities in the TCP/IP stack can be tricky. There was a lot of concern earlier this year around CVE-2021-24074, a similar vulnerability, but that has not been exploited in the wild. On the other hand, last year’s CVE-2020-16898, another similar vulnerability, has been exploited in the wild.

The PetitPotam method, which was discovered in July by French researcher Gilles Lionel, takes on the NTLM Relay attack that can coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw function.

Adobe also released two patches addressing 29 CVEs in Adobe Connect and Magento. This is the smallest number of patches released by Microsoft since December 2019.

This decline is mainly due to resource constraints, considering Microsoft devoted extensive time in July responding to events like PrintNightmare and PetitPotam.

Patch Tuesday August 2021 security updates

This is the complete list of resolved vulnerabilities and released advisories in the August 2021 Patch Tuesday updates.

Recent security updates from other companies

Other companies that released updates are as follows:

  • Adobe released security updates for two products.
  • Android’s August security updates were released last week.
  • Cisco released security updates for numerous products this month.
  • SAP released its August 2021 security updates.
  • VMware released security updates for VMware Workspace ONE

What is your opinion on the recent plan of action that Microsoft turned to? Share your thoughts with us in the comments section below.

If the advices above haven’t solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on TrustPilot.com) to easily address them. After installation, simply click the Start Scan button and then press on Repair All.

Still having issues? Fix them with this tool:

Email *

Commenting as . Not you?

Comment