Security News > 2021 > August > Microsoft Releases Windows Updates to Patch Actively Exploited Vulnerability
Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild.
Chief among the patched issues is CVE-2021-36948, an elevation of privilege flaw affecting Windows Update Medic Service - a service that enables remediation and protection of Windows Update components - which could be abused to run malicious programs with escalated permissions.
"An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM," Microsoft said in its advisory for CVE-2021-36942; adding the "Security update blocks the affected API calls OpenEncryptedFileRawA and OpenEncryptedFileRawW through LSARPC interface."
Microsoft has released security updates to resolve a previously disclosed remote code execution in the Print Spooler service tracked as CVE-2021-34481.
Another critical flaw remediated as part of Patch Tuesday updates is CVE-2021-26424, a remote code execution vulnerability in Windows TCP/IP, which Microsoft notes "Is remotely triggerable by a malicious Hyper-V guest sending an ipv6 ping to the Hyper-V host. An attacker could send a specially crafted TCP/IP packet to its host utilizing the TCP/IP Protocol Stack to process packets."
To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update or by selecting Check for Windows updates.
News URL
Related news
- Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- Microsoft rolls back decision to stop Windows 11 22H2 preview updates (source)
- Microsoft: Windows 11 “invites” coming to more Windows 10 Pro PCs (source)
- Microsoft is killing off the Android apps in Windows 11 feature (source)
- Microsoft says Windows 10 21H2 support is ending in June (source)
- Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs (source)
- Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover (source)
- Microsoft again bothers Chrome users with Bing popup ads in Windows (source)
- Microsoft announces deprecation of 1024-bit RSA keys in Windows (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-12 | CVE-2021-36948 | Unspecified vulnerability in Microsoft products Windows Update Medic Service Elevation of Privilege Vulnerability | 7.8 |
2021-08-12 | CVE-2021-36942 | Unspecified vulnerability in Microsoft products Windows LSA Spoofing Vulnerability | 7.5 |
2021-08-12 | CVE-2021-26424 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 9.9 |
2021-07-16 | CVE-2021-34481 | Improper Privilege Management vulnerability in Microsoft products <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. | 8.8 |