It is once again Patch Tuesday. This one could be interesting, as the White Hat conference Pwn2Own is just wrapping up. Much was found, but luckily, because it is a White Hat event, everyone is given a shot to patch before the information is released. A lot of new stuff is out there though, so patch soon. This month, 114 vulnerabilities are being closed, with 19 listed as critical. Well done, Pwn2Own participants. Many of these are remote code execution vulnerabilities, so you might want to start your testing ASAP. Four of these vulnerabilities are publicly known, and one is being actively exploited.
*Highlights Magazine is a trademark of "Highlights For Children". Lowlights Magazine is a dripping satire and should be recognized as such.
CVE-2021-28333: I picked this critical patch at random, since many of the critical patches don’t have unique information. These CVEs range from 28329 to 28343. They are all remote code execution vulnerabilities affecting RPC. Just because they are similar does not mean they are not serious. These alone make patching ASAP your best bet.
CVE-2021-28480: Here, you have a vulnerability rated 9.8 that impacts Exchange. If you have on-prem Exchange, make sure you are patching. This is a remote code execution vulnerability that does not require any user interaction. A wormable Exchange exploit sounds pretty bad. This is the highest-rated CVE this Patch Tuesday, and patching should be a top priority.
CVE-2021-28310: This is the lowest-ranked vulnerability I plan to highlight, but it is actively being exploited. It requires either having access to the machine or getting someone to run a program, which then allows privileges to be elevated. With these, your best defense is a well-educated workforce. However, even constant vigilance leaves room for some human error. So, let’s patch and take that off their shoulders.
This month was always likely to be a bad Patch Tuesday. If you invite a bunch of White Hats to break into stuff and offer them tens of thousands of dollars to do it, you are going to find some new and interesting exploits. This one was successful and resulted in some fantastic exploits that now need to be closed. Now that we have covered the "why you should patch", let’s go over the "how". PDQ can help you have your Windows patching on a schedule (that you never have to look at) in less than 15 minutes.
Jordan had spent his life wondering why tasks he didn’t like to do had no options to complete themselves. Eventually he had to make that happen on his own. It turned out that he enjoyed making tasks complete themselves, and PDQ thought that was something he should talk about on the internet while drinking most Thursdays on the PDQ webcast.