Time again for another round of Patch Tuesday updates.
This month, things are on the quieter side. Maybe the folks at Microsoft are busy getting kids ready for school, or perhaps this is just the calm before the storm, but whatever the reason, we'll take it. Overall, we have a total of 51 vulnerabilities, seven of which are critical, two of which are publicly disclosed, and one actively exploited.
Some Highlights (or Lowlights)
CVE-2021-26424 - It's probably because I've been watching too many Olympic events lately, but I'm pretty impressed with a 9.9 score. According to Microsoft, this vulnerability can be triggered by a malicious Hyper-V guest sending an IPv6 ping to the Hyper-V host. From a guest, an attacker could send a specially crafted TCP/IP packet to the host, which uses the TCP/IP protocol stack to process packets. Keep in mind that this vulnerability is currently unproven; however, at a 9.9 you should probably get working on patching it.
CVE-2021-34535 - Next up on our list of highlights is a vulnerability affecting remote desktops. Something to keep in mind is that this affects RDP clients and not RDP servers. If a victim connects to an attacking server, the attacker could trigger remote code execution. In Hyper-V environments, a malicious program running in a guest VM could trigger guest-to-host RCE by exploiting this vulnerability in the Hyper-V Viewer.
CVE-2021-36948 - This is currently the only CVE being actively exploited in the bunch. A bug in the Windows Update Medic Service could allow local privilege escalation if exploited. Since the attack vector for this vulnerability is local, the threat isn't as high as it could be. Still, this would be a good one to send out to your test environment as soon as possible.
A Patch a Day Keeps the Doctor Away
With back to school and COVID both ramping up, having a lighter month of updates is definitely appreciated. Hopefully, this can be the trend for a while, because I feel like we were hit pretty hard over the summer. In the world of cybersecurity, good patching habits and a good patching solution are critical. No matter how many CVEs get thrown our way, getting patches quickly deployed is essential to protecting our network environments.
If you find yourself struggling to keep up with patch management and wish you had a solution that would do most of the work for you, then you should definitely check out PDQ Deploy and PDQ Inventory. With scheduling and automation at your fingertips, Patch Tuesday will start to look just like every other Tuesday.
*Highlights Magazine is a trademark of Highlights For Children. Lowlights Magazine is a dripping satire and should be recognized as such.