Microsoft has released important “Patch Tuesday” monthly security updates. These should applied promptly as some of these vulnerabilities have potential to be actively exploited in-the-wild later:

https://isc.sans.edu/forums/diary/Microsoft+July+2021+Patch+Tuesday/27628/

https://www.zerodayinitiative.com/blog/2021/7/13/the-july-2021-security-update-review

https://blog.talosintelligence.com/2021/07/microsoft-patch-tuesday-for-july-2021.html

https://us-cert.cisa.gov/ncas/current-activity/2021/07/13/microsoft-releases-july-2021-security-updates

https://redmondmag.com/articles/2021/07/13/microsoft-july-patch-bundle.aspx

https://msrc.microsoft.com/update-guide/releaseNote/2021-Jul

https://portal.msrc.microsoft.com/en-us/security-guidance/summary

https://patchtuesdaydashboard.com/

This month we got patches for 117 vulnerabilities. Of these, 13 are critical, 6 were previously disclosed and 4 are being exploited according to Microsoft.  The known Printnightmare vulnerability (CVE-2021-34527) is one of the 4 exploited. Microsoft released an out of bound emergency security fix for it (KB5004945) on July 6 but it  is worth stressing the importance of applying this update. Remember to confirm if the PointAndPrint Windows registry is set to zero as well. Please, refer to the security advisory and a diary from Johannes detailing the vulnerability.

 

By admin