14 July 2021

Microsoft’s July Patch Tuesday addresses over 100 bugs, including 3 zero-days


Microsoft’s July Patch Tuesday addresses over 100 bugs, including 3 zero-days

Microsoft has rolled out a bunch of security updates designed to fix more than 100 vulnerabilities across its multiple products, including three zero-day flaws actively exploited in the wild, as well as a number of publicly disclosed but not exploited issues.

The three zero-day flaws are:

  • CVE-2021-33771 - Windows Kernel Elevation of Privilege Vulnerability. The vulnerability exists due to a boundary error and allows a local user to execute arbitrary code on the target system with elevated privileges.

  • CVE-2021-34448 - Scripting Engine Memory Corruption Vulnerability. The issue exists due to a boundary error when processing HTML content in Microsoft scripting engine. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

  • CVE-2021-31979 - Windows Kernel Elevation of Privilege Vulnerability. The vulnerability exists due to a boundary error in Windows kernel. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code on the system with elevated privileges.

The Windows maker also patched five previously disclosed, but not exploited, vulnerabilities. They are as follows:

  • CVE-2021-34492 - Windows Certificate Spoofing Vulnerability

  • CVE-2021-34523 - Microsoft Exchange Server Elevation of Privilege Vulnerability

  • CVE-2021-34473 - Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2021-33779 - Windows ADFS Security Feature Bypass Vulnerability

  • CVE-2021-33781 - Active Directory Security Feature Bypass Vulnerability

Microsoft’s July Patch Tuesday also fixes the PrintNightmare (CVE-2021-34527) vulnerability, which came to light last month when Chinese security researchers accidently published technical details and PoC code for what they believed was a Windows Print Spooler bug (CVE-2021-1675), patched as part of Microsoft’s June Patch Tuesday. It turned out that the exploit they published was not actually the same issue fixed by Microsoft.

CVE-2021-34527 includes both remote code execution and a local privilege escalation vector that can be used by hackers to execute commands with SYSTEM privileges on vulnerable Windows systems.

The tech giant said it detected active exploitation attempts targeting the bug.

Users are advised to install Microsoft’s July security updates as soon as possible.

Back to the list

Latest Posts

Cyber Security Week in Review: April 19, 2024

Cyber Security Week in Review: April 19, 2024

In brief: the LabHost PhaaS platform shut down, Russian military hackers attacked critical infrastructure in the US and Europe, and more.
19 April 2024
Ukrainian military personnel targeted via messaging apps and dating sites

Ukrainian military personnel targeted via messaging apps and dating sites

The threat actor employs a range of software in their malicious activities, including both commercial programs and  open-source tools.
18 April 2024
Russian military hackers targeted US water utilities and hydroelectric facilities in Europe

Russian military hackers targeted US water utilities and hydroelectric facilities in Europe

This marks the first time Russian nation-state hackers have posed a direct threat to critical infrastructure in Western countries.
18 April 2024
Popular Posts
Featured vulnerabilities
Multiple vulnerabilities in Mozilla Thunderbird
High Patched | 20 Apr, 2024
Authorization bypass in SSSD
Medium Patched | 19 Apr, 2024
Information disclosure in Linux kernel veth driver
Low Patched | 19 Apr, 2024
Denial of service in Envoy
Medium Patched | 19 Apr, 2024
Security features bypass in Moby
Medium Patched | 19 Apr, 2024