Microsoft releases a bumper batch of security updates

Get a free Techzine subscription!

 Microsoft released a bunch of security updates following Patch Tuesday. Check your systems for updates and install these security systems as soon as possible.

Following Patch Tuesday, Microsoft released 4 XL-sized security fixes for its products to deal with 12 critical issues that plagued network admins and others. The vendors quickly followed close behind to apply these fixes.

The Windows batch for July has identified 13 critical bugs – which is why you need to install these new updates to prevent any exploits from developing in your system. Here is a quick rundown of the four patches:

CVE-2021-34527

This is a remote code execution hole found in the Windows Print Spooler, also knows as Printnightmare. Some infosec bodies claim that they can evade this Patch; however, Microsoft has dismissed any such claims saying that evading the Patch wouldn’t be possible since Registry keys have specific values.

This Patch comes installed by default, says Microsoft; however, to ensure its installation, review your registry keys and allow administrators to install printer drivers.

CVE-2021-34448

A compromised web page can help users carry out commands and execute codes remotely through Microsoft’s Scripting Engine. Unfortunately, all Microsoft has said on the matter is that exploitation in the wild has been detected. It happens to be one of the most devastating bugs as it exploits a memory corruption vulnerability in the scripting engine of the Windows Server. The bug is triggered when the user opens a corrupted file, email attachment or visits a compromised site.

CVE-2021-31979 and CVE-2021-33771

These exploit codes haven’t been made public yet, but this is the privilege escalation flaw of Windows that is apparently being exploited by malware to gain admin access. But these codes have a severity rating of important and represent Windows kernel elevation-of-privilege vulnerabilities.