Microsoft July 2021 Patch Tuesday: 117 vulnerabilities, Pwn2Own Exchange Server bug fixed | ZDNet

Over 100 CVEs, many of which lead to RCE, have been tackled this month.

By Charlie Osborne for Zero Day | July 13, 2021 -- 18:16 GMT (19:16 BST) | Topic: Security

Microsoft has released 117 security fixes for software including a remote code execution (RCE) vulnerability in Exchange Server found by participants of the Pwn2Own competition.

The Redmond giant's latest round of patches, usually released on the second Tuesday of each month in what is known as Patch Tuesday, includes fixes for 117 flaws tackling RCEs, privilege escalation, spoofing, memory corruption, and information disclosure. Thirteen are considered critical and nine are zero-days -- with four under active exploit.

Products impacted by Microsoft's latest security update, issued on July 13, include Microsoft Office, SharePoint, Excel, Microsoft Exchange Server, Windows Defender, Windows Kernel, and Windows SMB.

Some of the most interesting vulnerabilities resolved in this update are:

CVE-2021-31206: A Microsoft Exchange Server RCE found during Pwn2Own.
CVE-2021-34448: An actively exploited scripting engine memory corruption vulnerability, requiring a victim to actively visit a malicious website or to click a malicious link.
CVE-2021-34494: A Windows DNS Server RCE, albeit restricted to DNS servers only.
CVE-2021-34458: A Windows Kernel RCE which permits a single root input/output virtualization (SR-IOV) device, assigned to a guest, to potentially tamper with PCIe associates.

The latest round of patches comes just a week after an emergency fix was issued by Microsoft to rectify a security flaw nicknamed "PrintNightmare." Tracked under CVE-2021-1675 and CVE-2021-34527, the combination of RCE and a local privilege escalation flaw is already impacting some printers, and exploit code has been released.

In total, four of the vulnerabilities -- CVE-2021-34527 (PrintNightmare), CVE-2021-34448, CVE-2021-31979, and CVE-2021-33771 -- are listed as exploited in the wild.

Microsoft thanked researchers from Google Security, Checkmarx, the Trend Micro Zero Day Initiative, and Fortinet's FortiGuard Lab, among other organizations, for reporting the now-patched security flaws. A number of vulnerabilities were also reported by Microsoft Threat Intelligence Center (MSTIC).

According to the Zero Day Initiative (ZDI), which reported 17 of the bugs, this month's volume of fixes "is more than the last two months combined and on par with the monthly totals from 2020."

Last month, Microsoft resolved 50 vulnerabilities in the June batch of security fixes. These included seven zero-day bugs, six of which were reported by the Redmond giant as being actively exploited.

A month prior, the tech giant tackled 55 security flaws during May Patch Tuesday. Four of these were deemed critical, and three were zero-days.

Alongside Microsoft's Patch Tuesday round, other vendors, too, have published security updates which can be accessed below.