Microsoft released a new security update for August under Patch Tuesday and fixed 44 vulnerabilities including, 3 critical 0-Days that affected the various Microsoft products.
In this list of Vulnerabilities, 7 Vulnerabilities were marked as “Critical” and, rest of the 37 vulnerabilities were fixed as “Important”.
Following products are received a patch that affected by various vulnerabilities in this patch Tuesday update:-
- .NET Core & Visual Studio
- ASP .NET
- Azure Sphere
- Microsoft Azure Active Directory Connect
- Microsoft Dynamics
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft Scripting Engine
- Microsoft Windows Codecs Library
- Remote Desktop Client
- Windows Bluetooth Service
- Windows Cryptographic Services
- Windows Defender
- Windows Event Tracing
- Windows Media
- Windows MSHTML Platform
- Windows NTLM
- Windows Print Spooler Components
- Windows Services for NFS ONCRPC XDR Driver
- Windows Storage Spaces Controller
- Windows TCP/IP
- Windows Update
- Windows Update Assistant
- Windows User Profile Service
Out of 44 Vulnerabilities, 13 are remote code execution vulnerabilities, 8 of them marked under information disclosure, 4 are spoofing vulnerabilities, and 2 vulnerabilities are Denial of service.
Zero-day Vulnerabilities are Fixed
August 2021 patch Tuesday was released with the fixes of 3 zero-day bugs, and one of them is actively exploited in Wide.
CVE-2021-36948 – Windows Update Medic Service Elevation of Privilege Vulnerability
CVE-2021-36936 – Windows Print Spooler Remote Code Execution Vulnerability
CVE-2021-36942 – Windows LSA Spoofing Vulnerability
CVE-2021-36948 is an actively exploited Medic Service Elevation of Privilege Vulnerability, and there is evidence found that how does this vulnerability were exploited by the attackers.
CVE-2021-36942 is associated with PetitPotam, a classic NTLM Relay attack that helps attackers to take over the Windows domain controller.
Along with this, Microsoft fixed the most waited zero-day vulnerabilities, one of them is PrintNightmare vulnerabilities that allow threat actors to gain SYSTEM level privileges simply by connecting to a remote print server under their control.
Another Critical vulnerability (CVE-2021-26424) is remotely triggerable by a malicious Hyper-V guest sending an ipv6 ping to the Hyper-V host. An attacker could send a specially crafted TCP/IP packet to its host utilizing the TCP/IP Protocol Stack (tcpip.sys) to process packets.”
Microsoft strongly recommended installing these security updates for all windows users to avoid the security risk and protect your Windows.
You can refer to the complete patch details for the full list of vulnerabilities resolved, advisories, in the August 2021 Patch here.