[MART] - Daily Diary #323 - Microsoft - August 2021 Patch Tuesday

CTAS-MAT ctas-mat at appgate.com
Tue Aug 10 21:00:41 UTC 2021

I hope everyone is doing well!

Below is the entry for today.

08/10/2021 - Diary entry #323

Today Microsoft released the August 2021 Patch Tuesday, containing the fixes for 44 vulnerabilities in Windows, plus 7 others in Microsoft Edge. From those, seven are classified as critical and 37 as important.

This patch is extremely important, as it fixes PrintSpooler vulnerabilities required by PrintNightmare exploit. Covered in our Daily Diaries #295, #296 and #300, PrintNightmare is an exploit that was publicly released on Github by accident. It abuses vulnerabilities in PrintSpooler, windows printing service, to escalate privilege up to system, and, in a few architectures, it can also be used to achieve Remote Code Execution. After the patch, Windows now requires users to have administrative privileges to install print drivers using the Point and Print Windows feature.

This patch also fixes CVE-2021-36942, used in PetitPotam attack that allows an attacker to take over a Windows domain, and CVE-2021-36948, a Privilege Escalation Vulnerability that was found being exploited in the wild. As usual, we highly recommend anyone using Microsoft's products to verify if the latest update was already applied, as it fixes all the bugs we mentioned and more.

Kind Regards,


[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>

Felipe Duarte Domingues
Security Researcher

E: felipe.duarte at appgate.com<mailto:felipe.duarte at appgate.com>
O: +55 19 98840 2509

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/mart/attachments/20210810/3b2af676/attachment.htm>

More information about the MART mailing list