Microsoft fixes 117 vulnerabilities and four zero days on Patch Tuesday
Microsoft fixed 117 vulnerabilities in Windows during Patch Tuesday. Four of them were actively attacked, the company says. Thirteen bugs received a critical score, including remote code execution in the OS’s DNS server.
The July patch round fixes a total of 117 vulnerabilities, 13 of which are rated Critical and 103 Important. One bug is rated Moderate. Four of the bugs are vulnerabilities that are exploited in practice, according to Microsoft, but as usual, the company does not provide details about the attacks themselves.
Two of the bugs allow local privilege escalation on all Windows kernels. Another zero-day is used for remote code execution. The vulnerabilities that are not actively exploited include CVE-2021-34494, a remote code execution bug in the Windows DNS server.
A major patch is for PrintNightmare, a bug discovered in the Print Spooler service earlier this month. A patch had already been released for it, but that patch did not fix all the problems, so a local privilege escalation remained possible. The new patch is also meant to fix those last vulnerabilities.
The actively attacked vulnerabilities:
CVE-2021-34527 | Remote code execution in Windows Print Spooler
CVE-2021-33771 | Windows kernel privilege escalation
CVE-2021-34448 | Memory corruption in Windows Scripting Engine
CVE-2021-31979 | Windows kernel privilege escalation
In addition, five bugs are being patched whose details had already been made public but which were not actively attacked:
CVE-2021-34492 | Windows Certificate Spoofing Vulnerability
CVE-2021-34523 | Privilege elevation in Microsoft Exchange Server
CVE-2021-34473 | Remote code execution in Microsoft Exchange Server
CVE-2021-33779 | ADFS Security Bypass
CVE-2021-33781 | Active Directory Security Bypass
In addition to the standard security update, there is also a Cumulative Update, KB5004237 for Windows 10 1904.1110, 19042.1110, and 19043.1110.