As part of Patch Tuesday this week, Microsoft released patches for 44 vulnerabilities (51 including bugs in Microsoft Edge), seven of which were classified as critical, three were 0-day, and one was already under attack.
Patches released this month: .NET Core and Visual Studio, ASP.NET Core and Visual Studio, Azure, Windows Update, Windows Print Spooler Components, Windows Media, Windows Defender, Remote Desktop Client, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Word, Microsoft Office SharePoint and so on.
This month, Microsoft released updates for two zero-day vulnerabilities that were previously reported. The first of these is the PrintNightmare problem, which we have written about more than once. This vulnerability allows an attacker to gain System-level privileges simply by connecting to a remote print server under their control.
Microsoft is now confident that it has finally fixed this problem by improving new variations. In addition, users now need administrator rights to install Point and Print drivers.
The second fixed 0-day vulnerability is PetitPotam, which uses the MS-EFSRPC API to force remote Windows servers to authenticate an attacker and share NTLM authentication data or authentication certificates with him.
Another zero-day vulnerability, which, according to the company, is already exploited by hackers, is CVE-2021-36948 (7.8 on the CVSS scale). The issue is local privilege escalation in Windows Update Medic. Who exactly and how exploited this bug has not yet been reported.
Also, a critical bug with a rating of 9.9 on the CVSS scale (affecting Windows 7-10, Windows Server 2008-2019) cannot be ignored, as this vulnerability is associated with Windows TCP / IP and leads to remote code execution (CVE-2021-26424 ); and also the problem of remote code execution in the Remote Desktop Client (CVE-2021-34535), which scored 8.8 points on the CVSS scale.
Let me remind you that last month Microsoft patched 117 vulnerabilities, including 9 zero-day vulnerabilities.
