Security News > 2021 > July > July 2021 Patch Tuesday: Microsoft fixes 4 actively exploited bugs

Microsoft has fixed 117 CVEs, 4 of which are actively exploited.

"A pair of Windows kernel privilege elevation flaws should also be high on the patch list as they are being actively exploited. These are exactly the type of vulnerabilities in the ransomware attack toolkit, allowing threat actors to boost their user level from user to admin, for greater control over the environment. Admins should keep an eye on existing and new accounts for suspicious activity."

Security researcher Omer Tsarfati says that Microsoft's patch may not fully mitigate the issue.

To mark the July 2021 Patch Tuesday, Adobe has addressed 29 CVEs, most of which are critical.

"Since there are only two updated HotNews Notes and two new High Priority Notes, SAP's July Patch Day can be considered a fairly uneventful patch day," Onapsis researcher Thomas Fritsch commented, but warned that a note's CVSS score does not necessarily take into account the worst case scenario.

Intel has released one security advisory on this July 2021 Patch Tuesday: for an escalation of privilege vulnerability in the customer build time configuration for the Intel BIOS Shared SW Architecture Design for Test feature.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/giOv-WVLn0M/