Microsoft Patch Tuesday, August 2021 Edition – Krebs on Security




Microsoft today released software updates to fix at least 44 security vulnerabilities in its Windows operating systems and related products. The software giant warned that attackers are already exploiting one of the flaws, which, ironically enough, involves an easily exploitable bug in the software component responsible for patching Windows 10 PCs and Windows Server 2019 machines.

Microsoft has said that attackers have seized upon CVE-2021-36948, which is a weakness in the Windows Update Medic service. Update Medic is a new service that allows users to repair damaged Windows Update components so that the device can continue to receive updates.

Redmond says that while CVE-2021-36948 is actively exploited, it is unaware of any publicly available exploit code. The flaw is an “elevation of privilege” vulnerability that affects Windows 10 and Windows Server 2019, which means that it can be used in combination with another vulnerability to allow attackers to run code of their choice as an administrator on a vulnerable system.

“CVE-2021-36948 is a privilege escalation vulnerability – the cornerstone of modern intrusions because they allow attackers the level of access to do things like hide their tracks and create user accounts,” said Kevin Breen of Immersive Labs. “In the case of ransomware attacks, they were also used to ensure maximum damage.”

Critical vulnerabilities, according to Microsoft, are those that can be exploited remotely by malware or malcontents to take full control of a vulnerable Windows computer, with little or no help from users. Topping the list again this month: Microsoft made another attempt to fix a broad class of weaknesses in its printing software.

Last month, the company released an emergency update to fix “PrintNightmare”, a critical hole in its Windows Print Spooler software that was under attack in the wild. Since then, a number of researchers have discovered holes in this patch, allowing them to bypass its protections.

Today’s Patch Tuesday fixes another critical Print Spooler flaw (CVE-2021-36936), but it’s unclear whether this bug is a variant of PrintNightmare or a separate vulnerability of its own, said Dustin Childs of Trend Micro’s Zero Day Initiative.

“Microsoft says low privilege is required, so this should put it in the non-wormable category, but you should still prioritize testing and deploying this classified bug,” Childs said.

Microsoft has said that the Print Spooler patch it is offering today is expected to resolve all publicly documented security issues with the service.

“Today we are addressing that risk by changing the default Point and Print driver installation and update behavior to require administrator privileges,” Microsoft said in a blog post. “This change may impact Windows print clients in scenarios where non-advanced users could previously add or update printers. However, we strongly believe that the security risk justifies the change. This change will take effect with the installation of the security updates released on August 10, 2021 for all versions of Windows, and is documented as CVE-2021-34481.”

August brings another critical fix (CVE-2021-34535) for the Windows Remote Desktop service, and this time the flaw is in the Remote Desktop client instead of the server.

CVE-2021-26424 – a scary, critical bug in the Windows TCP/IP component – earned a CVSS score of 9.9 (10 is the worst) and is present in Windows 7 through Windows 10, and Windows Server 2008 through 2019 (Windows 7 is no longer supported with security updates).

Microsoft said it was not yet aware that anyone was exploiting this bug, although the company has given it the label “more likely to be exploited,” which means it may not be difficult for attackers to figure it out. CVE-2021-26424 could be exploited by sending a single malicious data packet to a vulnerable system.

For a full rundown of all the fixes released today, indexed by severity, check out the ever-useful Patch Tuesday summary from the SANS Internet Storm Center. And it’s not a bad idea to put the update on hold for a few days until Microsoft fixes any issues in the updates: AskWoody.com usually has the list of fixes that cause problems for Windows users.

On that note, before updating please make sure you have backed up your system and/or important files. It is not uncommon for a Windows update package to damage a system or prevent it from starting correctly, and some updates are known to erase or corrupt files.

So do yourself a favor and back up before installing patches. Windows 10 even has built-in tools to help you do this, either by file/folder or by creating a full, bootable copy of your hard drive in one go.

And if you want to make sure that Windows has been configured to pause updating so that you can back up your files and/or your system before the operating system decides to restart and install the fixes on its own schedule, see this guide.

If you have any issues or problems installing any of these fixes this month, consider leaving a comment about it below; there is a good chance that other readers have been through the same thing and can give helpful advice.
