[ad_1]
After two comparatively quiet months, July has confirmed to be one other busy month for Microsoft safety bulletins. A complete of 117 bulletins had been issued for varied safety vulnerabilities mounted within the July Patch Tuesday cycle. 13 of those had been rated as Vital, 103 as Essential, and one was categorized as Reasonable. Fifteen had been submitted by way of the Pattern Micro Zero Day Initiative.
PrintNightmare patched out-of-band
Earlier than the second Tuesday hit, nonetheless, system directors had been already busy remediating PrintNightmare. This bug (CVE-2021-34527), which was inadvertently disclosed quickly after June’s Patch Tuesday, allowed for distant code execution on affected machines by way of a bug within the print spooler. This was not resolved till an out-of-band patch was launched over the primary weekend of July. Microsoft blamed later studies of an incomplete patch on insecure settings associated to the Level and Print function, which led to the corporate issuing “clarified steering.” It’s price noting that PrintNightmare is among the 4 vulnerabilities mounted that Microsoft famous as being presently exploited.
Change, DNS Server bugs multiply
Seven of the bulletins issued this month had been within the Change Server. Whereas just one (CVE-2021-34473) was rated as Vital, it seems to be probably problematic: not solely was it publicly disclosed earlier than the patch, however Microsoft additionally categorized it as extra more likely to be exploited for each present and older variations. All because of this it is extremely more likely to be focused for exploitation by varied risk actors. Word, nonetheless, that three of the bulletins cowl vulnerabilities that had been silently patched in April.
Home windows’s DNS Server can also be a fertile supply of potential exploits for this month. Microsoft mounted 9 vulnerabilities on this product, and whereas solely considered one of these is rated Vital (CVE-2021-34494), this specific one might enable for distant code execution at a privileged service stage with out person interplay. Mixed with the inherent significance of DNS servers, this one is price patching shortly.
Different vulnerabilities of observe
Among the many different vulnerabilities, some nonetheless deserve particular consideration. A trio of vulnerabilities within the TCP/IP driver stack might enable for a denial-of-service assault on machines, inflicting them to go offline. Microsoft Defender, Storage Areas, and the SharePoint Server are all parts/purposes which are coated by a number of patches this month.
Pattern Micro Options
A proactive, multilayered method to safety is vital towards threats that exploit vulnerabilities — from the gateway, endpoints, networks, and servers.Word that our options to PrintNightmare are additionally coated in our Data Base particularly, in addition to being listed under.
The Pattern Micro™ Deep Safety™ resolution supplies community safety, system safety, and malware prevention. Mixed with Vulnerability Safety, it may defend person programs from a variety of upcoming threats that may goal vulnerabilities. Each options defend customers from exploits that concentrate on these vulnerabilities by way of the next rule:
1011016 – Recognized DCERPC AddPrinterDriverEx Name Over TCP Protocol (CVE-2021-34527)
1011018 – Recognized DCERPC AddPrinterDriverEx Name Over SMB Protocol (CVE-2021-34527)
1011040 – Microsoft Web Explorer Scripting Engine Reminiscence Corruption Vulnerability (CVE-2021-34448)
TippingPoint® Subsequent-Technology Intrusion Prevention System (NGIPS) is a community site visitors resolution that makes use of complete and contextual consciousness evaluation for superior threats that exploit vulnerabilities.
TippingPoint protects prospects via the next rule:
39940: RPC: Microsoft Home windows AddPrinterDriverEx Request (CVE-2021-34527)
39954: RPC: Microsoft Home windows AsyncEnumPrinterDrivers/AsyncAddPrinterDriver Request (CVE-2021-34527)
39959: HTTP: Microsoft SharePoint Code Execution Vulnerability (CVE-2021-34467)
39997: TCP: Microsoft SharePoint Specific Logon AutoDiscover Request (CVE-2021-34473)
[ad_2]