Security News

The US Cybersecurity and Infrastructure Security Agency issued its first alert tagged as "Urgent," warning admins to patch on-premises Microsoft Exchange servers against actively exploited ProxyShell vulnerabilities. "Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207," CISA warned over the weekend.

A second unofficial patch for the Windows PetitPotam NTLM relay attack has been released to fix further issues not addressed by Microsoft's official security update. In July, security researcher GILLES Lionel, aka Topotam, disclosed a new technique called 'PetitPotam' that performs unauthenticated forced authentication on domain controllers using various functions in the MS-EFSRPC API. Microsoft's security update is not complete.

The fix means that only administrators will be able to install print drivers on Windows PCs. Microsoft has finally patched the last in a series of security vulnerabilities in its Windows Print Spooler service that could have allowed attackers to remotely control an affected system and install malicious programs or create new accounts. On Tuesday, the company pushed out its August Patch Tuesday lineup, which included a fix for the Print Spooler Remote Code Execution Vulnerability to address this specific issue.

Siemens and Schneider Electric on Tuesday released 18 security advisories addressing a total of more than 50 vulnerabilities affecting their products. Siemens has released 10 new advisories for the August 2021 Patch Tuesday and they cover a total of 32 vulnerabilities.

Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild. Chief among the patched issues is CVE-2021-36948, an elevation of privilege flaw affecting Windows Update Medic Service - a service that enables remediation and protection of Windows Update components - which could be abused to run malicious programs with escalated permissions.

Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild. Chief among the patched issues is CVE-2021-36948, an elevation of privilege flaw affecting Windows Update Medic Service - a service that enables remediation and protection of Windows Update components - which could be abused to run malicious programs with escalated permissions.

Microsoft has patched 51 security vulnerabilities in its scheduled August Patch Tuesday update, including seven critical bugs, two issues that were publicly disclosed but unpatched until now, and one that's listed as a zero-day that has been exploited in the wild. "Despite its CVSS rating of 9.9, this may prove to be a trivial bug, but it's still fascinating," said Dustin Childs of Trend Micro's Zero Day Initiative in his Tuesday analysis.

Microsoft today released software updates to plug at least 44 security vulnerabilities in its Windows operating systems and related products. Microsoft said attackers have seized upon CVE-2021-36948, which is a weakness in the Windows Update Medic service.

Now is the winter of our discontent made glorious summer by the fact that it's August and Patch Tuesday brings word of only 44 vulnerabilities in Microsoft's software. There's a bit of selective counting here however, given that Microsoft has been patching Edge's Chromium bugs separately.

The zero-day attacks against Microsoft's software products continue to pile up with a new warning from Redmond about a zero-day attack hitting a security defect in the Windows Update Medic Service. The Windows Update Medic Service is used to repair Windows Update components from damage so that Windows machines can continue to receive software updates.