Security News > 2021 > August > Microsoft Releases Windows Updates to Patch Actively Exploited Vulnerability
Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild.
Chief among the patched issues is CVE-2021-36948, an elevation of privilege flaw affecting Windows Update Medic Service - a service that enables remediation and protection of Windows Update components - which could be abused to run malicious programs with escalated permissions.
"An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM," Microsoft said in its advisory for CVE-2021-36942; adding the "Security update blocks the affected API calls OpenEncryptedFileRawA and OpenEncryptedFileRawW through LSARPC interface."
Microsoft has released security updates to resolve a previously disclosed remote code execution in the Print Spooler service tracked as CVE-2021-34481.
Another critical flaw remediated as part of Patch Tuesday updates is CVE-2021-26424, a remote code execution vulnerability in Windows TCP/IP, which Microsoft notes "Is remotely triggerable by a malicious Hyper-V guest sending an ipv6 ping to the Hyper-V host. An attacker could send a specially crafted TCP/IP packet to its host utilizing the TCP/IP Protocol Stack to process packets."
To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update or by selecting Check for Windows updates.
News URL
Related news
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Microsoft: Windows Recall now can be removed, is more secure (source)
- Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2021-36948 | Unspecified vulnerability in Microsoft products Windows Update Medic Service Elevation of Privilege Vulnerability | 7.8 |
| 2021-08-12 | CVE-2021-36942 | Unspecified vulnerability in Microsoft products Windows LSA Spoofing Vulnerability | 7.5 |
| 2021-08-12 | CVE-2021-26424 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 9.9 |
| 2021-07-16 | CVE-2021-34481 | Improper Privilege Management vulnerability in Microsoft products <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. | 8.8 |