Daily Bulletin


August Patch Tuesday is much lighter than the past few months. A total of 44 vulnerabilities were resolved by Microsoft, seven of which are rated as Critical by Microsoft. The updates address vulnerabilities in the Windows OS, Office, SharePoint, and a host of development tools including .NET Core, ASP .NET, and Azure. There is one Zero Day this month and four publicly disclosed vulnerabilities. As foreshadowed by security analysts in July, there are more fixes for the Print Spooler that are amongst the list of CVEs that you will want to address in a timely manner.

 

Microsoft resolved a Zero Day vulnerability in Windows 10 1809 and Server 2019 and later OS versions. CVE-2021-36948 is an Elevation of Privilege vulnerability in the Windows Update Medic Service. Microsoft assigned the severity of this vulnerability as Important and CVSSv3 is 7.8.

 

Microsoft resolved a pair of Print Spooler vulnerabilities (CVE-2021-34481 and CVE-2021-36936) that are both marked as Publicly Disclosed. CVE-2021-34481 is actually a re-release from July Patch Tuesday. After a more complete investigation, Microsoft made an additional update to address the vulnerability more completely. Normally a public disclosure is enough to put a vulnerability at higher risk of being exploited since details of the vulnerability had been made available prior to the update being released. In this case, right on the tails of multiple known exploited print spooler vulnerabilities, including PrintNightmare (CVE-2021-34527) the risk of these publicly disclosed vulnerabilities being exploited has increased. As a threat actor investigates code for vulnerabilities, they will potentially be looking for multiple ways to exploit a weak code area. White Hat researchers were able to uncover and report these additional exploits, so we should expect threat actors to be able to identify these additional vulnerabilities as well.

 

On July 20th, Microsoft released details of CVE-2021-36934, which is an Elevation of Privilege vulnerability also known as HiveNightmare or SeriousSAM. The vulnerability got quite a bit of buzz in patch management forums like PatchManagement.org due to the nature of the workaround as it required deleting Volume Shadow Copies and creating a new restore point once the ACLs had been updated. Expect the buzz to turn to a grumble as the notes of the CVE outline a need to delete all shadow copies of your system volume to fully mitigate the vulnerability even after applying the security update.

 

An Elevation of Privilege vulnerability (CVE-2021-36948) in Windows Update Medic Service has been resolved. The vulnerability was rated as Important and affects Windows 10 1809 and Server 2019 and later OS versions. The vulnerability has been publicly disclosed putting it at higher risk of being exploited.

 

Mozilla has also released updates for Mozilla Firefox, Firefox ESR and Thunderbird this month. The Firefox updates resolve 11 CVEs and the update is rated as High by Mozilla.

 

Business News

A Guide to Finance Automation Software

When running a business, it is critical to streamline certain processes to maintain efficiency. Too much to spent manually on tasks can wind up being detrimental to the overall health of the organis...

Daily Bulletin - avatar Daily Bulletin

Top Tips for Cost-effective Storefront Signage

The retail industry is highly competitive and if you are in the process of setting up a retail store, you have come to the right place, as we offer a few tips to help you create a stunning storefront...

Daily Bulletin - avatar Daily Bulletin

How Freight Forwarding Simplifies Global Trade Operations

Global trade operations are becoming increasingly complex due to international regulations, customs procedures, and the sheer scale of global logistics. For businesses looking to expand internation...

Daily Bulletin - avatar Daily Bulletin