Microsoft and Adobe Patch Tuesday (August 2021) – Microsoft 51 Vulnerabilities with 7 Critical, Adobe 29 Vulnerabilities

Anand Paturi

Microsoft Patch Tuesday – August 2021

Microsoft patched 51 vulnerabilities in their August 2021 Patch Tuesday release, and 7 of them are rated as critical severity. Three 0-day vulnerability patches were included in the release.

Critical Microsoft Vulnerabilities Patched

CVE-2021-36942 – Windows LSA Spoofing Vulnerability

An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM. A malicious user can use this attack to take complete control over windows domain Per Microsoft, this vulnerability affects all servers, but domain controllers should be prioritized in terms of applying security updates.

CVE-2021-34481 – Windows Print Spooler Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. This Patch Tuesday Microsoft released security updates to address this vulnerability and should be prioritized.

Three 0-Day Vulnerabilities Patched

  • CVE-2021-36936 – Windows Print Spooler Remote Code Execution Vulnerability
  • CVE-2021-36942 – Windows LSA Spoofing Vulnerability
  • CVE-2021-36948 – Windows Update Medic Service Elevation of Privilege Vulnerability – This has been actively exploited, per Microsoft.

Qualys QIDs Providing Coverage

QIDTitleSeverityCVE ID
110388Microsoft SharePoint Enterprise Server Multiple Vulnerabilities August 2021MediumCVE-2021-36940
110389Microsoft Office and Microsoft Office Services and Web Apps Security Update August 2021  HighCVE-2021-34478, CVE-2021-36941
375798Microsoft Azure CycleCloud Elevation of Privilege Vulnerability August 2021  MediumCVE-2021-33762, CVE-2021-36943, KB3142345
91801Microsoft Dynamics Business Central Cross-Site (XSS) Scripting Vulnerability August 2021  Medium  CVE-2021-36946
91802Microsoft Windows Security Update for August 2021

 
HighCVE-2021-26424, CVE-2021-26425, CVE-2021-26426, CVE-2021-26431, CVE-2021-26432, CVE-2021-26433, CVE-2021-34480, CVE-2021-34483, CVE-2021-34484, CVE-2021-34486, CVE-2021-34487, CVE-2021-34530, CVE-2021-34533, CVE-2021-34534, CVE-2021-34535, CVE-2021-34536, CVE-2021-34537, CVE-2021-36926, CVE-2021-36927, CVE-2021-36932, CVE-2021-36933, CVE-2021-36936, CVE-2021-36937, CVE-2021-36938, CVE-2021-36947, CVE-2021-36948
91803Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability August 2021  HighCVE-2021-36942
91804Microsoft Windows Defender Elevation of Privilege Vulnerability August 2021  MediumCVE-2021-34471
91805Microsoft Windows 10 Update Assistant Elevation of Privilege Vulnerability August 2021  Medium  CVE-2021-36945
91806Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability August 2021  MediumCVE-2021-36949
91774Microsoft .NET Core and ASP.NET Core Security Update for August 2021  HighCVE-2021-26423, CVE-2021-34485, CVE-2021-34532
91809Microsoft Visual Studio Security Update for August 2021  MediumCVE-2021-26423, CVE-2021-34485, CVE-2021-34532

Adobe Patch Tuesday – August 2021

Adobe addressed 29 CVEs this Patch Tuesday impacting Adobe Connect and Magento product. The patches for Magento are labeled as Priority 2, while the remaining patches are set to Priority 3.

Adobe Security BulletinQIDSeverityCVE ID
Adobe Connect Multiple Vulnerabilities (APSB21-66)  730152MediumCVE-2021-36061, CVE-2021-36062, CVE-2021-36063

Discover Patch Tuesday Vulnerabilities in VMDR

Qualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).

You can see all your impacted hosts by these vulnerabilities using the following QQL query:

vulnerabilities.vulnerability:(qid:`91774` OR qid:`91801` OR qid:`91802` OR qid:`91803` OR qid:`91804` OR qid:`91805` OR qid:`91806` OR qid:`91809` OR qid:`375798` OR qid:`110389` OR qid:`110388` OR qid:`730152`)

Respond by Patching

VMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the “Missing” patches to identify and deploy the applicable, available patches in one go.

The following QQL will return the missing patches pertaining to this Patch Tuesday.

(qid:`91774` OR qid:`91801` OR qid:`91802` OR qid:`91803` OR qid:`91804` OR qid:`91805` OR qid:`91806` OR qid:`91809` OR qid:`375798` OR qid:`110389` OR qid:`110388` OR qid:`730152`)

Patch Tuesday Dashboard

The current updated Patch Tuesday dashboards are available in Dashboard Toolbox: 2021 Patch Tuesday Dashboard.

Webinar Series: This Month in Vulnerabilities and Patches

To help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is hosting a monthly webinar series This Month in Vulnerabilities and Patches.

We discuss some of the key vulnerabilities disclosed in the past month and how to patch them:

  • Microsoft Patch Tuesday, August 2021
  • Adobe Patch Tuesday, August 2021

Join us live or watch on demand!

Webinar August 12, 2021 or on demand.

About Patch Tuesday

Patch Tuesday QIDs are published at Security Alerts, typically late in the evening of Patch Tuesday, followed shortly after by PT dashboards.

Show Comments (2)

Comments

Your email address will not be published. Required fields are marked *