Microsoft has started distributing the next security patch as part of its Patch Tuesday program. This time, the developers fixed 117 vulnerabilities in various products, four of which are actively used by cybercriminals to carry out attacks.
The patch fixes issues in Windows, Exchange Server, Microsoft Office, Internet Explorer, Bing, and more. At the same time, 13 vulnerable places are critical, 103 have been classified as dangerous, and one more of them has low danger.
The July patch includes several important fixes. One of them is the fix for the vulnerability in the Windows print manager CVE-2021-34527 (PrintNightmare), which was made available separately at the beginning of the month. Exploitation of this vulnerability allows remote code execution with system privileges, which is a serious problem, especially given that cybercriminals are currently actively exploiting it.
The July patch also includes a fix for CVE-2021-1675, another Windows Print Manager vulnerability that was previously available separately.
Microsoft fixes 117 vulnerabilities in its products, including Windows
Microsoft has patched CVE-2021-34448, another critical vulnerability that was heavily exploited by cybercriminals. Its use leads to memory corruption of the Windows Script Host and allows remote code execution. While attacking this vulnerability is difficult, Microsoft notes that hackers are actively exploiting it.
Two privilege escalation vulnerabilities affecting the Windows kernel have also been fixed. We are talking about CVE-2021-31979 and CVE-2021-33771 used by hackers; the exploitation of which does not require interaction with the victim. In addition to the vulnerabilities exploited by cybercriminals, the patch fixes several well-known issues.
These include Microsoft Exchange Server Critical Remote Code Execution Vulnerability CVE-2021-34473, Active Directory Bypass Vulnerability CVE-2021-33781, Exchange Server Elevation of Privilege Vulnerability CVE-2021-34523, Active Directory Bypass Services (ADFS) CVE - 2021-33779 and Windows Certificate Substitution Vulnerability CVE-2021-34492.
Microsoft's July patch fixes a large number of vulnerabilities that could allow remote code execution. Some of them are actively used by hackers, while others have not yet been announced publicly. This means that users should not hesitate to install patches to protect their device from potential attackers.
Some of the most interesting vulnerabilities fixed in this update are:
- CVE-2021-31206: Microsoft Exchange server RCE found during Pwn2Own.
- CVE-2021-34448: A scripting engine memory corruption vulnerability that is actively exploited by requiring a victim to actively visit a malicious website or click on a malicious link.
- CVE-2021-34494: Windows DNS RCE server, although limited to DNS servers only.
- CVE-2021-34458: A Windows RCE kernel that allows a single root I/O virtualization (SR-IOV) device assigned to a guest to potentially interfere with PCIe associations.