Security News
Microsoft has fixed 117 CVEs, 4 of which are actively exploited. "A pair of Windows kernel privilege elevation flaws should also be high on the patch list as they are being actively exploited. These are exactly the type of vulnerabilities in the ransomware attack toolkit, allowing threat actors to boost their user level from user to admin, for greater control over the environment. Admins should keep an eye on existing and new accounts for suspicious activity."
Today is Microsoft's July 2021 Patch Tuesday, and with it comes fixes for nine zero-day vulnerabilities and a total of 117 flaws, so Windows admins will be pulling their hair out as they scramble to get devices patched and secured. Microsoft has fixed 117 vulnerabilities with today's update, with 13 classified as Critical, 1 Moderate, and 103 as Important.
A new emergency directive issued by the Cybersecurity and Infrastructure Security Agency orders federal agencies to mitigate the actively exploited Window Print Spooler vulnerability on their networks. CISA issued the Emergency Directive 21-04 after Microsoft released security updates on Friday to address the vulnerability dubbed PrintNightmare in all supported Windows versions.
SolarWinds has issued an emergency patch after a critical security hole in its Serv-U Managed File Transfer and Serv-U Secure FTP was spotted being exploited in the wild. The vulnerability, discovered by Microsoft's Threat Intelligence Center and Offensive Security Research teams, can be exploited by an attacker to achieve remote code execution, and is present in Serv-U version 15.2.3 HF1 and all prior builds.
How to improve your organization's Active Directory security postureActive Directory, a directory service developed by Microsoft for Windows domain networks, is most organizations' primary store for employee authentication and identity management, and controls which assets / applications / systems a user has access to. This makes Active Directory a valuable target for attackers and spur organizations to improve its security.
Just days after shipping an emergency Windows update to cover a dangerous code execution flaw in the Print Spooler service, Microsoft is investigating a new set of claims that its so-called 'PrintNightmare' patch has not properly fixed the underlying vulnerability. The company followed up with a blog post late Thursday insisting the emergency patch is "Working as designed" and "Effective against the known print spooling exploits."
Updates are available for Windows 7 and Server 2008/2008 R2 if you have an Extended Security Update subscription. Windows 10 21H1, released on May 18 now bundles the servicing stack updates and the latest cumulative updates into a single package.
Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to run arbitrary code on infected systems. "Several days ago, two security vulnerabilities were found in Microsoft Windows' existing printing mechanism," Yaniv Balmas, head of cyber research at Check Point, told The Hacker News.
Google on Wednesday announced the availability of the July 2021 security updates for the Android operating system, which include patches for over 40 vulnerabilities. Seventeen of the vulnerabilities were addressed with the 2021-07-01 security patch level.
One of the vulnerabilities in Kaseya's IT management software VSA that was exploited by miscreants to infect up to 1,500 businesses with ransomware was reported to the vendor in April - and the patch just wasn't ready in time. Kaseya pulled the plug on its software-as-a-service offering of VSA, and urged all of its customers to switch off their VSA servers to avoid being hit by the ransomware.