14.07.2021 Currently Abused Flaws Fixed in Microsoft’s July 2021 Patch Tuesday

by Elena Lapina

On 13 July 2021, Microsoft released updates to address vulnerabilities in multiple products; some of the fixed flaws have been marked as currently abused.  We recommend timely patching of these flaws.

Details

  • Microsoft’s July 2021 Patch Tuesday has fixed 117 vulnerabilities; including 13 classified as Critical, three actively abused flaws, and five publicly disclosed ones.
  • The three vulnerabilities marked under active exploitation are:
    • CVE-2021-34448 – a scripting engine memory corruption flaw that could allow code execution if a user browses to a specially-crafted website.
    • CVE-2021-31979 and CVE-2021-33771 – both Windows kernel privilege escalation bugs.
  • Microsoft stated that the details for the following vulnerabilities were made public:
    • CVE-2021-34492 – a Windows Certificate Spoofing issue, CVSS:3.0 score: 8.1.
    • CVE-2021-34523 – a Microsoft Exchange Server Elevation of Privilege issue, CVSS:3.0 score: 9.
    • CVE-2021-33779 – a Windows ADFS Security Feature Bypass issue, CVSS:3.0 score: 8.1.
    • CVE-2021-33781 – an Active Directory Security Feature Bypass, CVSS:3.0 score: 8.1.
    • CVE-2021-34473 – a Microsoft Exchange Server Remote Code Execution (RCE) vulnerability that was demonstrated during Pwn2Own, a hacking competition. The CVSS:3.0 score for this flaw is 9.1 out of 10.
  • Other flaws requiring attention are:
    • CVE-2021-34458 – a Windows Kernel RCE impacting Windows instances hosting virtual machines with single root input/output virtualization devices. CVSS:3.0 score: 9.9.
    • CVE-2021-34494 – a Windows DNS Server flaw that could allow remote code execution at a privileged service level on a listening network port without user interaction. CVSS:3.0 score: 8.8.
    • CVE-2021-34514 – a Windows Kernel Elevation of Privilege Vulnerability discovered by Field Effect’s Principal Security Researcher Erik Egsgard. CVSS:3.0 score: 7.8.

Recommendations

  • We recommend timely patching for the noted Microsoft vulnerabilities as publicly disclosed and exploited flaws make it more likely for unpatched systems to become targets of exploitation.
  • In order to expedite the updates, users should go to Settings > Windows Update > Check for Updates.

References Microsoft

Connect Start Securing Your Organization Today

Contact us at hello@fieldeffect.com or call us today.

 

Request Demo

Fill out the form and we will send you details about our demo.