This week’s Patch Tuesday launch from Microsoft is a giant one for the Home windows ecosystem; it contains 117 patches that deal with 4 publicly reported and 4 exploited vulnerabilities. The excellent news: this month’s Microsoft Workplace and growth platform (Visible Studio) patches are comparatively easy and may be added with minimal danger to your customary patch launch schedules, and there are not any browser updates. Alas, we’ve got a extremely severe printer challenge (CVE-2021-34527) that was launched out of bounds (OOB) and has been up to date no less than twice previously few days. Which means it’s essential pay quick consideration to the Home windows updates and that you simply add all the Home windows desktop patches to your “Patch Now” schedule.
There have been a number of updates by means of the week, and we anticipate extra to the print spooler vulnerabilities within the coming days. Sadly, this huge and broad-scoped collection of patches would require vital testing because of the core system and kernel modifications they entail. For additional data you possibly can verify the Home windows 10 well being dashboard. You can too discover extra data on the danger of deploying these Patch Tuesday in this infographic.
Key testing eventualities
There are not any reported high-risk modifications to the Home windows platform. Nevertheless, there may be one reported practical change and a further characteristic added this month:
- Check your printers, with a view to doubtlessly stopping all needed spooler providers.
- Confirm that printing through LOB functions works as anticipated.
- Check that Phrase and PowerPoint recordsdata may be downloaded and opened.
I believe with the 5 kernel updates and a specific give attention to the server patch CVE-2021-34458, this month, ] a full LOB utility check will be required.
Every month, Microsoft features a listing of identified points that relate to the working system and platforms included within the newest replace cycle. I’ve referenced just a few key points that relate to the newest Microsoft builds, together with:
- Units with Home windows installations created from customized offline media or customized ISO photos might need Microsoft Edge Legacy eliminated by this replace, however not robotically changed by the brand new Microsoft Edge. To keep away from this challenge, make sure you first slipstream the SSU launched March 29, 2021 or later into the customized offline media or ISO picture earlier than slipstreaming the LCU.
- ESU Updates (Home windows 7 and Server 2008): After putting in this replace and restarting your machine, you may obtain the error “Failure to configure Home windows updates.” It’s possible you’ll obtain this discover in case you have not activated your ESU MAK add-on key. For extra details about activation, yow will discover out extra at this Microsoft weblog submit.
Resolved Points with earlier patches
- June Replace : After putting in KB5003671 or KB5003681 on Home windows 8.1 or Home windows Server 2012 R2, apps accessing occasion logs on distant units is likely to be unable to attach. This challenge may happen if the native or distant has not but put in updates launched June 8, 2021 or later. Affected apps are utilizing sure legacy Occasion Logging APIs. You may obtain an error when making an attempt to attach. Final June, there was a identified challenge apparently by design.
At this level in July’s replace cycle, there have been three main updates to earlier launched updates:
- CVE-2021-31940 and CVE-2021-31941: These revisions to previous updates are informational updates that relate to MAC desktop software program availability. In case you are a Home windows person, no additional motion is required.
- CVE-2020-17049: Microsoft is releasing safety updates to deploy the enforcement section for this vulnerability. Lively Listing area controllers at the moment are able to Enforcement mode. Presently, the PerformTicketSignature registry key settings might be ignored and Enforcement mode can’t be overridden. Now you recognize.
Mitigations and workarounds
As of now, it doesn’t seem that Microsoft has revealed any mitigations or work-arounds for this July launch.
Every month, we break down the replace cycle into product households (as outlined by Microsoft) with the next primary groupings:
- Browsers (Microsoft IE and Edge).
- Microsoft Home windows (each desktop and server).
- Microsoft Workplace.
- Microsoft Trade.
- Microsoft Growth platforms (ASP.NET Core, .NET Core and Chakra Core).
- Adobe (retired?).
Strictly talking, there are not any browser updates for the July Patch Tuesday. Nevertheless, Microsoft launched an replace to its Edge browser final June that addressed two vulnerabilities that would result in elevation-of-privilege eventualities. As these updates had been a part of the Chromium venture, they had been launched on June 24 as a part of the Edge Steady Channel (Model 91.0.864.59). We’ve got not seen any impression to any Chromium browsers or dependent controls because of these updates.
In case you enable automated updates for Microsoft Edge, no additional motion is required presently. You’ll be able to learn extra about these releases on the Microsoft Edge Safety replace web page discovered right here.
Earlier than we even begin the dialogue about this month’s Home windows updates, add all of those Home windows updates to your “Patch Now” schedule. This can be a huge replace for Microsoft with 90 patches for Home windows desktops alone. 9 of those patches are rated as important — all of which relate to the Distant Desktop characteristic in Home windows.
Sadly, 4 vulnerabilities addressed on this replace have been publicly disclosed (together with CVE-2021-34527) and an extra 4 have been reported as exploited within the wild. Two of those exploited points relate to Home windows kernel elevation-of-privilege eventualities. This makes for a troublesome replace to check, given the urgency of the printer spooler “disaster” and the necessity for speedy deployment of those updates. There are going to be issues with this replace.
And, we aren’t but executed with Home windows updates for July. Actually, Microsoft simply launched updates to its beforehand up to date patches with CVE-2021-33481 and CVE-2021-34527 receiving main revisions yesterday. You’ll be able to learn extra in regards to the print spooler issues on the Microsoft safety weblog discovered right here. The present advice is to show off the spooler service on your servers. That is sturdy drugs for what seems to be a really severe challenge.
Add this Home windows replace to your “Patch Now” schedule, and put together for extra pressing updates.
In contrast to what’s occurring on the desktop and server setting this month, Microsoft Workplace updates seem comparatively benign. Microsoft has launched 10 patches that have an effect on all at the moment supported variations of Workplace, with 9 rated as essential and one rated as average by Microsoft. These updates have an effect on the standard suspects with Phrase, Excel and Sharepoint safety vulnerabilities resulting in potential spoofing or elevation of privilege points. Add these Microsoft Workplace updates to your customary patch schedule.
Microsoft Trade Server
Whereas we do not see fairly the priority (and urgency) with Microsoft Trade as we’ve got seen in previous months, Microsoft has launched six updates rated as essential and a single important rated replace (CVE-2021-34473). This important replace addresses a low complexity, network-based assault that doesn’t require person intervention. And, it is Microsoft’s second try at resolving this vulnerability (the primary strive was in April) that would result in arbitrary code execution on the goal server. Given this concern, we’ve got added the Microsoft Trade updates for the month of July to the “Patch Now” schedule.
Microsoft Growth Platforms
Microsoft has launched 5 updates, all rated as essential to the Microsoft Visible Studio growth platform. This month additionally features a single GitHub advisory (CVE-2021-33767) that pertains to the Open Enclave SDK. All of those updates ought to have a minimal impression on their respective platforms and may be added to the usual growth replace regime.
Microsoft has not launched any (further) updates to the Adobe ecosystem this month. Nevertheless, given the essential and pressing nature of the OOB printer updates, all different patches regarding printers and printing ought to be famous. This month Adobe has launched (APSB21-51) 10 important updates and a further two essential updates to all supported variations of Adobe Reader (Acrobat DC, Reader DC, Reader 2020, Acrobat 2017 and Acrobat 2017). On condition that these patches handle reported vulnerabilities that embody low-complexity, distant code execution, “no person,” we suggest that you simply add these Adobe Reader updates to your “Patch Now” schedule.
I might additionally like so as to add that this month’s replace, like earlier Flash associated updates will pressure the removing of Flash from the goal system. Taking this replace will take away Adobe Flash from the machine.
For extra data, see the Replace on Adobe Flash Participant Finish of Assist.
Copyright © 2021 IDG Communications, Inc.