As part of July Patch Tuesday, Microsoft fixed (released patches) for 117 vulnerabilities, of which 13 were classified as critical. That is, the July set of patches is twice as large as the May and June “Patch Tuesday” combined.This time, bugs were fixed in products such as Microsoft Office, SharePoint, Excel, Microsoft Exchange Server, Windows Defender, Windows kernel, Windows SMB, and so on.
44 vulnerabilities were associated with remote code execution, 32 with privilege escalation, 14 with information disclosure, 12 provoked denial of service, 8 allowed bypassing various security functions, and another 7 were associated with spoofing.
In addition, this month the company fixed nine zero-day vulnerabilities at once, four of which have already been used for attacks. The following 0-day issues have been fixed, but hackers haven’t used them yet:
- CVE-2021-34492: Certificate forgery vulnerability in Windows;
- CVE-2021-34523: Privilege escalation vulnerability in Microsoft Exchange Server;
- CVE-2021-34473: Remote Code Execution Vulnerability in Microsoft Exchange Server;
- CVE-2021-33779: Windows ADFS Bypass Vulnerability;
- CVE-2021-33781: Active Directory bypass vulnerability.
As for the bugs that hackers have already adopted, one of them is the PrintNightmare problem (CVE-2021-34527), which I described in detail earlier.
By the way, I also reported that Microsoft declares that Printnightmare patch works correctly.
And three other vulnerabilities under attack that were not previously known are:
- CVE-2021-33771: Windows Kernel Privilege Elevation Vulnerability;
- CVE-2021-34448: scripting engine vulnerability leading to information corruption in memory;
- CVE-2021-31979: A privilege escalation vulnerability in the Windows kernel.
Along with Microsoft, other companies have released updates to their products this week.
- Apache Tomcat;
- developers of SUSE, Oracle Linux and Red Hat;
- Schneider Electric;
Let me remind you that a month ago Microsoft specialists also tried Six 0-day vulnerabilities fixed in Windows, including a commercial exploit issue.