For September, Patch Tuesday fixes 60 flaws, including two zero-days. Microsoft also continues to plug the PrintNightmare flaws affecting the Windows Print Spooler.
A light release for Patch Tuesday September 2021, but with two zero-day flaws to patch quickly. (Photo credit: Geralt / ElasticComputerFarm / Pixabay)
Although moderate in volume at first glance, the September Patch Tuesday is not to be taken lightly. Microsoft fixes 60 flaws (86 counting the Chromium fixes for Edge) in several products: Azure, Edge (Android, Chromium and iOS), Office, SharePoint Server, Windows, Windows DNS and the Windows Subsystem for Linux. Of the fixes, three are rated critical, one is rated moderate, and the others are rated important.
Administrators will prioritize fixing the two zero-day vulnerabilities. The first is CVE-2021-40444. It has a severity score of 8.8 on a scale of 10 and affects Windows Server 2008 to 2019 and Windows 8.1 to 10. The flaw takes advantage of the MSHTML rendering engine (Trident), which is used by Internet Explorer and also to open and read Office documents. An attacker can create a malicious Office file and send it by email; if the user clicks on the document, the vulnerability allows the attacker to take control of the PC. "A hacker could create a malicious ActiveX control used in an Office document hosting the browser rendering engine," says Microsoft. Because it is actively exploited, this flaw should be patched quickly. The other zero-day, CVE-2021-36968, is an elevation-of-privilege vulnerability in Windows DNS. "This CVE applies to older versions of Windows," says Microsoft. It has been publicly disclosed but is not being exploited for the moment.
PrintNightmare is gradually being plugged
Microsoft also continues to fix the bugs in Windows Print Spooler known as "PrintNightmare". CVE-2021-38667, CVE-2021-38671 and CVE-2021-40447 allowed elevation of privilege. "Researchers continue to find ways to exploit Print Spooler, and we expect research to continue in this area. Only one (CVE-2021-38671) of the three vulnerabilities is considered more likely to be exploited," Tenable explains in a comment on Patch Tuesday.
Other critical flaws include an RCE (remote code execution) in WLAN AutoConfig for Windows (CVE-2021-36965) and one in Open Management Infrastructure for Linux (CVE-2021-38647). The latter has a severity score of 9.8 and can be used to take control of a machine on the network, without authentication or other verification. In addition, the Redmond firm warns of three vulnerabilities (CVE-2021-36955, CVE-2021-36963, CVE-2021-38633) deemed potentially exploitable in the Windows Common Log File System Driver. Because they grant elevation of privilege, they can be exploited by ransomware actors to gain the highest level of access. Finally, don't forget the Chromium security updates for Edge, with no fewer than 26 fixes.