Security News > 2021 > August > Actively Exploited Windows Zero-Day Gets a Patch
Microsoft has patched 51 security vulnerabilities in its scheduled August Patch Tuesday update, including seven critical bugs, two issues that were publicly disclosed but unpatched until now, and one that's listed as a zero-day that has been exploited in the wild.
"Despite its CVSS rating of 9.9, this may prove to be a trivial bug, but it's still fascinating," said Dustin Childs of Trend Micro's Zero Day Initiative in his Tuesday analysis.
The next bug, CVE-2021-26432 in Windows Services, is more likely to be exploited given its low complexity status, according to Microsoft's advisory; it doesn't require privileges or user interaction to exploit, but Microsoft offered no further details.
The bug affects many Windows 10 versions as well as Windows Server 2016 and 2019.
The final critical bug is CVE-2021-36936, a Windows Print Spooler RCE bug that's listed as publicly known.
The actively exploited bug is tracked as CVE-2021-36948 and is rated as important; it could pave the way for RCE via the Windows Update Medic Service in Windows 10 and Server 2019 and newer operating systems.
News URL
https://threatpost.com/exploited-windows-zero-day-patch/168539/
Related news
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- April's Patch Tuesday leaves unlucky Windows Hello users unable to login (source)
- Emergency patch for potential SAP zero-day that could grant full system control (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization (source)
- Play ransomware exploited Windows logging flaw in zero-day attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2021-36948 | Unspecified vulnerability in Microsoft products Windows Update Medic Service Elevation of Privilege Vulnerability | 0.0 |
| 2021-08-12 | CVE-2021-36936 | Unspecified vulnerability in Microsoft products Windows Print Spooler Remote Code Execution Vulnerability | 0.0 |
| 2021-08-12 | CVE-2021-26432 | Unspecified vulnerability in Microsoft products Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | 0.0 |