Microsoft July 2021 Patch Tuesday Addresses 117 CVEs Including 9 Zero-Days

Microsoft has released its July Patch Tuesday security updates, addressing a total of 117 vulnerabilities across the Windows, Mac, and Android operating systems and related products. Of these, 13 are rated Critical, 1 Moderate, and 103 Important. The products covered in the July security update include Microsoft Exchange Server, Microsoft Office, Microsoft SharePoint Server, Microsoft Bing, OpenEnclave, and others.

Microsoft has also released patches for nine zero-day vulnerabilities. Five of these are publicly disclosed, and four are actively exploited.


Zero-day vulnerabilities

CVE-2021-34523: Microsoft Exchange Server Elevation of Privilege Vulnerability. According to Microsoft, it is less likely to be exploited, since the attacker would need to have already established a presence on the vulnerable Exchange Server before attempting exploitation. It is the highest-rated zero-day EoP this time for Exchange Server and has a CVSSv3 score of 9.0.

CVE-2021-34473: Microsoft Exchange Server Remote Code Execution Vulnerability. According to Microsoft, it has a high chance of exploitation and has a CVSSv3 score of 9.1. It is the highest-rated zero-day RCE this time for Exchange Server. According to Microsoft, even though it was patched as part of the April 2021 Patch Tuesday release, the CVE was accidentally removed from the security update guide.

CVE-2021-33779: Windows Active Directory Federation Services bypass vulnerability. The vulnerability is publicly disclosed but not exploited yet. This security feature bypass vulnerability is rated as important.

CVE-2021-33781: Windows Active Directory Security Feature Bypass Vulnerability. It is less likely to be exploited, as per Microsoft. This publicly disclosed vulnerability is not exploited yet, and it is rated as important. It allows remote attackers to bypass authentication and gain elevated privileges on the target system.

CVE-2021-34527: Windows Print Spooler Remote Code Execution Vulnerability. The vulnerability is publicly disclosed and actively exploited in the wild. The flaw is an elevation of privilege vulnerability in the ‘RpcAddPrinterDriverEx’ function in the Windows Print Spooler service. It allows attackers to run arbitrary code with SYSTEM privileges, which in turn allows them to install arbitrary programs and cause unauthorized disclosure. The vulnerability, dubbed PrintNightmare, is rated as critical.

CVE-2021-33771: Windows Kernel Elevation of Privilege Vulnerability. The vulnerability is being exploited in the wild but was not publicly disclosed. It is rated as important. The vulnerability is due to an improper boundary check, and it allows local attackers to execute arbitrary code on the system with elevated privileges.

CVE-2021-34448: Microsoft Scripting Engine Memory Corruption Vulnerability. The vulnerability is being exploited in the wild but was not publicly disclosed. The flaw is due to an improper boundary check when the Microsoft scripting engine processes HTML content. It allows remote attackers to execute arbitrary code on the target system.

CVE-2021-31979: Microsoft Windows Kernel Privilege Escalation Vulnerability. The vulnerability is being exploited in the wild but was not publicly disclosed. The flaw is due to an improper boundary check in the Windows Kernel. It allows attackers to execute arbitrary code on the system with elevated privileges.

CVE-2021-34492: Microsoft Windows Certificate Spoofing Vulnerability. The flaw exists because Windows Certificate does not handle user-supplied data properly. The vulnerability is rated as important. It allows remote attackers to spoof page content.

The actively exploited flaws among these zero-days consist of privilege escalation vulnerabilities in the Windows Kernel, a memory corruption vulnerability in the Microsoft Scripting Engine, and a remote code execution vulnerability in Print Spooler.

Microsoft has also fixed critical vulnerabilities in Dynamics Business Central Control, Microsoft Windows Codecs Library, Microsoft Windows Media Foundation, DNS Server, Hyper-V, Windows Kernel, and Windows MSHTML Platform.


Microsoft security bulletin summary for July 2021

  • Microsoft Exchange Server
  • Microsoft Office
  • Microsoft Office SharePoint
  • Microsoft Windows
  • OpenEnclave
  • Visual Studio Code
  • Windows Defender
  • Microsoft Windows Media Foundation
  • Microsoft Bing

Product: Microsoft Windows
CVEs/Advisory: CVE-2021-31183, CVE-2021-31961, CVE-2021-31979, CVE-2021-33740, CVE-2021-33743, CVE-2021-33744, CVE-2021-33745, CVE-2021-33746, CVE-2021-33749, CVE-2021-33750, CVE-2021-33751, CVE-2021-33752, CVE-2021-33754, CVE-2021-33755, CVE-2021-33756, CVE-2021-33757, CVE-2021-33758, CVE-2021-33759, CVE-2021-33761, CVE-2021-33763, CVE-2021-33764, CVE-2021-33765, CVE-2021-33771, CVE-2021-33773, CVE-2021-33774, CVE-2021-33779, CVE-2021-33780, CVE-2021-33781, CVE-2021-33782, CVE-2021-33783, CVE-2021-33784, CVE-2021-33785, CVE-2021-33786, CVE-2021-33788, CVE-2021-34438, CVE-2021-34439, CVE-2021-34440, CVE-2021-34441, CVE-2021-34442, CVE-2021-34444, CVE-2021-34445, CVE-2021-34446, CVE-2021-34447, CVE-2021-34448, CVE-2021-34449, CVE-2021-34450, CVE-2021-34454, CVE-2021-34455, CVE-2021-34456, CVE-2021-34457, CVE-2021-34458, CVE-2021-34459, CVE-2021-34460, CVE-2021-34462, CVE-2021-34466, CVE-2021-34476, CVE-2021-34488, CVE-2021-34489, CVE-2021-34490, CVE-2021-34491, CVE-2021-34492, CVE-2021-34493, CVE-2021-34494, CVE-2021-34496, CVE-2021-34497, CVE-2021-34498, CVE-2021-34499, CVE-2021-34500, CVE-2021-34503, CVE-2021-34504, CVE-2021-34507, CVE-2021-34508, CVE-2021-34509, CVE-2021-34510, CVE-2021-34511, CVE-2021-34512, CVE-2021-34514, CVE-2021-34516, CVE-2021-34525, CVE-2021-34527
Impact: Remote Code Execution, Elevation of Privilege, Denial of Service, Security Feature Bypass, Spoofing, Information Disclosure
Severity: Critical, Important, Low
KBs: 5004233, 5004238, 5004244, 5004249, 5004285, 5004294, 5004298, 5004302, 5004947, 5004948, 5004950, 5004954, 5004956, 5004958, 5004960


Product: Microsoft Office
CVEs/Advisory: CVE-2021-34451, CVE-2021-34452, CVE-2021-34467, CVE-2021-34468, CVE-2021-34469, CVE-2021-34501, CVE-2021-34517, CVE-2021-34518, CVE-2021-34519, CVE-2021-34520
Impact: Remote Code Execution, Spoofing, Security Feature Bypass, Information Disclosure
Severity: Important, Moderate
KBs: 5001949, 5001973, 5001975, 5001976, 5001977, 5001979, 5001981, 5001983, 5001984, 5001986, 5001992, 5001993, 5001996


Product: Microsoft Office SharePoint
CVEs/Advisory: CVE-2021-34467, CVE-2021-34468, CVE-2021-34517, CVE-2021-34519, CVE-2021-34520
Impact: Remote Code Execution, Information Disclosure, Spoofing
Severity: Important, Moderate
KBs: 5001975, 5001976, 5001981, 5001984, 5001992, 5001996


Product: Open Enclave SDK
CVEs/Advisory: CVE-2021-33767
Impact: Elevation of Privilege
Severity: Important


Product: Microsoft Visual Studio Code
CVEs/Advisory: CVE-2021-34479, CVE-2021-34529, CVE-2021-34528
Impact: Spoofing, Remote Code Execution
Severity: Important


Product: Microsoft Bing Search for Android
CVEs/Advisory: CVE-2021-33753
Impact: Spoofing
Severity: Important


Product: Microsoft Exchange Server
CVEs/Advisory: CVE-2021-31196, CVE-2021-31206, CVE-2021-33766, CVE-2021-33768, CVE-2021-34470, CVE-2021-34473, CVE-2021-34523
Impact: Remote Code Execution, Information Disclosure, Elevation of Privilege
Severity: Critical, Important
KBs: 5001779, 5003611, 5003612, 5004778, 5004779, 5004780


SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.
