August Patch Tuesday 2021 Fixes 44 Vulnerabilities

August Patch Tuesday 2021 Fixes 44 Vulnerabilities Including Weaponized Threat

Microsoft Releases August 2021 Patch Tuesday Fixes

There are 7 Critical and 37 Important fixes in this August Patch Tuesday for Microsoft Windows and Windows components, Office, .NET Core and Visual Studio, Windows Defender, Windows Update and Update Assistant, Azure, and Microsoft Dynamics.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.

  1. Windows 7 – 4 Critical and 8 Important vulnerabilities fixed
  2. Windows 2008 R2 – 4 Critical and 9 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense said, “There are a number of extremely serious threats to deal with this month, and although there are less than half the number we have been facing just a couple months ago, it has never been more important to deploy these update to protect your environment.”

Top August 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-36948: Windows Update Medic Service Elevation of Privilege Vulnerability

The vulnerability allows a local user to escalate privileges on the system, due to a boundary error within the Windows Update Medic Service. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.

We are also extremely concerned as this was discovered by Microsoft Security Response Center (MSRC) / Microsoft Threat Intelligence Center which could indicate this would be turned into a ransomware attack.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: Yes
  • Public Aware: No
  • Countermeasure: No 

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-34535: Remote Desktop Client Remote Code Execution Vulnerability

In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.

In the case of Hyper-V, a malicious program running in a guest VM could trigger guest-to-host RCE by exploiting this vulnerability in the Hyper-V Viewer when a victim running on the host connects to the attacking Hyper-V guest.

Microsoft advise this exploit is more likely.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): No

3. CVE-2021-36936: Windows Print Spooler Remote Code Execution Vulnerability

The vulnerability allows a remote attacker to execute arbitrary code on the target system and successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Microsoft advise this exploit is more likely.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.8
  • Weaponised: No
  • Public Aware: Yes
  • Countermeasure: No 

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.

CVE Reference Description Vendor Severity CVSS Score Weaponized Public Aware Countermeasure Syxsense Recommended
CVE-2021-36948 Windows Update Medic Service Elevation of Privilege Vulnerability Important 7.8 Yes No No Yes
CVE-2021-36936 Windows Print Spooler Remote Code Execution Vulnerability Critical 8.8 No Yes No Yes
CVE-2021-36942 Windows LSA Spoofing Vulnerability Important 7.5 No Yes No Yes
CVE-2021-34535 Remote Desktop Client Remote Code Execution Vulnerability Critical 9.9 No No No Yes
CVE-2021-34480 Scripting Engine Memory Corruption Vulnerability Critical 6.8 No No No Yes
CVE-2021-34530 Windows Graphics Component Remote Code Execution Vulnerability Critical 7.8 No No No Yes
CVE-2021-34534 Windows MSHTML Platform Remote Code Execution Vulnerability Critical 6.8 No No No Yes
CVE-2021-26432 Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability Critical 9.8 No No No Yes
CVE-2021-26424 Windows TCP/IP Remote Code Execution Vulnerability Critical 9.9 No No No Yes
CVE-2021-34524 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability Important 8.1 No No No Yes
CVE-2021-34537 Windows Bluetooth Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2021-36947 Windows Print Spooler Remote Code Execution Vulnerability Important 8.8 No No No Yes
CVE-2021-26423 .NET Core and Visual Studio Denial of Service Vulnerability Important 7.5 No No No
CVE-2021-34485 .NET Core and Visual Studio Information Disclosure Vulnerability Important 5 No No No
CVE-2021-34532 ASP.NET Core and Visual Studio Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-33762 Azure Cycle Cloud Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-36943 Azure Cycle Cloud Elevation of Privilege Vulnerability Important 4 No No No
CVE-2021-26430 Azure Sphere Denial of Service Vulnerability Important 6 No No No
CVE-2021-26429 Azure Sphere Elevation of Privilege Vulnerability Important 7.7 No No No
CVE-2021-26428 Azure Sphere Information Disclosure Vulnerability Important 4.4 No No No
CVE-2021-36949 Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability Important 7.1 No No No
CVE-2021-36950 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important 5.4 No No No
CVE-2021-36946 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability Important 5.4 No No No
CVE-2021-34478 Microsoft Office Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-36940 Microsoft SharePoint Server Spoofing Vulnerability Important 7.6 No No No
CVE-2021-34471 Microsoft Windows Defender Elevation of Privilege Vulnerability Important 7.8 No No Yes
CVE-2021-36941 Microsoft Word Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-34536 Storage Spaces Controller Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-36945 Windows 10 Update Assistant Elevation of Privilege Vulnerability Important 7.3 No No No
CVE-2021-36938 Windows Cryptographic Primitives Library Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-36927 Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26425 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-34486 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-34487 Windows Event Tracing Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-34533 Windows Graphics Component Font Parsing Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-36937 Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-34483 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26431 Windows Recovery Environment Agent Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26433 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Important 7.5 No No No
CVE-2021-36926 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Important 7.5 No No No
CVE-2021-36932 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Important 7.5 No No No
CVE-2021-36933 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Important 7.5 No No No
CVE-2021-26426 Windows User Account Profile Picture Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-34484 Windows User Profile Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-30590 Chromium: CVE-2021-30590 Heap buffer overflow in Bookmarks High N/A No No No
CVE-2021-30591 Chromium: CVE-2021-30591 Use after free in File System API High N/A No No No
CVE-2021-30592 Chromium: CVE-2021-30592 Out of bounds write in Tab Groups High N/A No No No
CVE-2021-30593 Chromium: CVE-2021-30593 Out of bounds read in Tab Strip High N/A No No No
CVE-2021-30594 Chromium: CVE-2021-30594 Use after free in Page Info UI High N/A No No No
CVE-2021-30596 Chromium: CVE-2021-30596 Incorrect security UI in Navigation Medium N/A No No No
CVE-2021-30597 Chromium: CVE-2021-30597 Use after free in Browser UI Medium N/A No No No

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.