Microsoft Patch Tuesday fixes 13 critical flaws, including 4 under active attack

0 Comments

The latest Patch Tuesday brings a new batch of security updates addressing a total of 117 vulnerabilities

The second Tuesday of the month is here, which means that Microsoft has rolled out patches for security vulnerabilities in Windows and its other products as part of its monthly Patch Tuesday bundle. This month’s batch of security updates brings fixes for no fewer than 117 security vulnerabilities including four security loopholes that are being actively exploited in the wild according to Microsoft.

Of the grand total, 13 security flaws have received the highest severity rating of “critical”, meanwhile 103 were classified as “important”, and it’s worth noting that six security bugs are listed as publicly known at the time of the release.

The PrintNightmare zero-day, which received an out-of-band update recently, is one of the four actively exploited security flaws. Indexed as CVE-2021-34527, the remote code execution vulnerability resides in the Windows Print Spooler service and affects all supported versions of the Microsoft Windows operating system. Successful exploitation of this flaw enables remote attackers to run arbitrary code with SYSTEM privileges on the vulnerable system and could allow them to completely take over.

The next actively exploited vulnerability on the list is a remote code execution bug found in the scripting engine. Tracked as  CVE-2021-34448  it holds a score of 6.8 out of 10 on the CVSS scale and is rated critical. “In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability,” said the Redmond tech titan. However, for the flaw to be exploited an attacker would have to dupe the user into visiting the website, by sending them a link either via email or direct message and then convince them to open the file.

The last two vulnerabilities under active attack, indexed as CVE-2021-31979 and CVE-2021-33771, are a duo of elevation of privilege flaws residing in the Windows kernel.

Security updates have been released for a wide range of products, including Microsoft Office, Exchange Server, Visual Studio Code, as well as other products in Microsoft’s portfolio.

All updates are available via this Microsoft Update Catalog for all supported versions of Windows. Both regular users and system administrators would be well advised to apply the patches as soon as practicable.