Microsoft Releases August 2021 Patch Tuesday Fixes

There are 7 Critical and 37 Important fixes in this August Patch Tuesday for Microsoft Windows and Windows components, Office, .NET Core and Visual Studio, Windows Defender, Windows Update and Update Assistant, Azure, and Microsoft Dynamics.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.

1. Windows 7 – 4 Critical and 8 Important vulnerabilities fixed
2. Windows 2008 R2 – 4 Critical and 9 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense said, “There are a number of extremely serious threats to deal with this month, and although there are less than half the number we have been facing just a couple months ago, it has never been more important to deploy these update to protect your environment.”

Top August 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-36948: Windows Update Medic Service Elevation of Privilege Vulnerability

The vulnerability allows a local user to escalate privileges on the system, due to a boundary error within the Windows Update Medic Service. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.

We are also extremely concerned as this was discovered by Microsoft Security Response Center (MSRC) / Microsoft Threat Intelligence Center which could indicate this would be turned into a ransomware attack.

Syxscore

• Vendor Severity: Important
• CVSS: 7.8
• Weaponized: Yes
• Public Aware: No
• Countermeasure: No 

Syxscore Risk Alert

• Attack Vector: Local
• Attack Complexity: Low
• Privileges: Low
• User Interaction: None
• Scope (Jump Point): No

2. CVE-2021-34535: Remote Desktop Client Remote Code Execution Vulnerability

In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.

In the case of Hyper-V, a malicious program running in a guest VM could trigger guest-to-host RCE by exploiting this vulnerability in the Hyper-V Viewer when a victim running on the host connects to the attacking Hyper-V guest.

Microsoft advise this exploit is more likely.

Syxscore

• Vendor Severity: Critical
• CVSS: 8.8
• Weaponized: No
• Public Aware: No
• Countermeasure: No

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: None
• User Interaction: Required
• Scope (Jump Point): No

3. CVE-2021-36936: Windows Print Spooler Remote Code Execution Vulnerability

The vulnerability allows a remote attacker to execute arbitrary code on the target system and successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Microsoft advise this exploit is more likely.

Syxscore

• Vendor Severity: Critical
• CVSS: 8.8
• Weaponised: No
• Public Aware: Yes
• Countermeasure: No 

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: Low
• User Interaction: None
• Scope (Jump Point): No

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.

CVE Reference	Description	Vendor Severity	CVSS Score	Weaponized	Public Aware	Countermeasure	Syxsense Recommended
CVE-2021-36948	Windows Update Medic Service Elevation of Privilege Vulnerability	Important	7.8	Yes	No	No	Yes
CVE-2021-36936	Windows Print Spooler Remote Code Execution Vulnerability	Critical	8.8	No	Yes	No	Yes
CVE-2021-36942	Windows LSA Spoofing Vulnerability	Important	7.5	No	Yes	No	Yes
CVE-2021-34535	Remote Desktop Client Remote Code Execution Vulnerability	Critical	9.9	No	No	No	Yes
CVE-2021-34480	Scripting Engine Memory Corruption Vulnerability	Critical	6.8	No	No	No	Yes
CVE-2021-34530	Windows Graphics Component Remote Code Execution Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2021-34534	Windows MSHTML Platform Remote Code Execution Vulnerability	Critical	6.8	No	No	No	Yes
CVE-2021-26432	Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability	Critical	9.8	No	No	No	Yes
CVE-2021-26424	Windows TCP/IP Remote Code Execution Vulnerability	Critical	9.9	No	No	No	Yes
CVE-2021-34524	Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability	Important	8.1	No	No	No	Yes
CVE-2021-34537	Windows Bluetooth Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2021-36947	Windows Print Spooler Remote Code Execution Vulnerability	Important	8.8	No	No	No	Yes
CVE-2021-26423	.NET Core and Visual Studio Denial of Service Vulnerability	Important	7.5	No	No	No
CVE-2021-34485	.NET Core and Visual Studio Information Disclosure Vulnerability	Important	5	No	No	No
CVE-2021-34532	ASP.NET Core and Visual Studio Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2021-33762	Azure Cycle Cloud Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2021-36943	Azure Cycle Cloud Elevation of Privilege Vulnerability	Important	4	No	No	No
CVE-2021-26430	Azure Sphere Denial of Service Vulnerability	Important	6	No	No	No
CVE-2021-26429	Azure Sphere Elevation of Privilege Vulnerability	Important	7.7	No	No	No
CVE-2021-26428	Azure Sphere Information Disclosure Vulnerability	Important	4.4	No	No	No
CVE-2021-36949	Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability	Important	7.1	No	No	No
CVE-2021-36950	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Important	5.4	No	No	No
CVE-2021-36946	Microsoft Dynamics Business Central Cross-site Scripting Vulnerability	Important	5.4	No	No	No
CVE-2021-34478	Microsoft Office Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-36940	Microsoft SharePoint Server Spoofing Vulnerability	Important	7.6	No	No	No
CVE-2021-34471	Microsoft Windows Defender Elevation of Privilege Vulnerability	Important	7.8	No	No	Yes
CVE-2021-36941	Microsoft Word Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-34536	Storage Spaces Controller Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-36945	Windows 10 Update Assistant Elevation of Privilege Vulnerability	Important	7.3	No	No	No
CVE-2021-36938	Windows Cryptographic Primitives Library Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2021-36927	Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26425	Windows Event Tracing Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-34486	Windows Event Tracing Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-34487	Windows Event Tracing Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2021-34533	Windows Graphics Component Font Parsing Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-36937	Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-34483	Windows Print Spooler Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26431	Windows Recovery Environment Agent Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26433	Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability	Important	7.5	No	No	No
CVE-2021-36926	Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability	Important	7.5	No	No	No
CVE-2021-36932	Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability	Important	7.5	No	No	No
CVE-2021-36933	Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability	Important	7.5	No	No	No
CVE-2021-26426	Windows User Account Profile Picture Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2021-34484	Windows User Profile Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-30590	Chromium: CVE-2021-30590 Heap buffer overflow in Bookmarks	High	N/A	No	No	No
CVE-2021-30591	Chromium: CVE-2021-30591 Use after free in File System API	High	N/A	No	No	No
CVE-2021-30592	Chromium: CVE-2021-30592 Out of bounds write in Tab Groups	High	N/A	No	No	No
CVE-2021-30593	Chromium: CVE-2021-30593 Out of bounds read in Tab Strip	High	N/A	No	No	No
CVE-2021-30594	Chromium: CVE-2021-30594 Use after free in Page Info UI	High	N/A	No	No	No
CVE-2021-30596	Chromium: CVE-2021-30596 Incorrect security UI in Navigation	Medium	N/A	No	No	No
CVE-2021-30597	Chromium: CVE-2021-30597 Use after free in Browser UI	Medium	N/A	No	No	No