
Patch Tuesday: Microsoft patches 60 flaws, including 2 zero-days

For the month of September, Patch Tuesday fixes 60 flaws, including two zero-days. Microsoft also continues to patch the PrintNightmare flaws affecting the Windows print spooler.

Although moderate in volume at first glance, the September Patch Tuesday is not to be taken lightly. Microsoft fixes 60 flaws (86 counting the Chromium fixes for Edge) in several products: Azure, Edge (Android, Chromium and iOS), Office, SharePoint Server, Windows, Windows DNS and the Windows Subsystem for Linux. Of the fixes, three are rated critical, one is rated moderate, and the rest are rated important.

As a priority, administrators will need to patch two zero-day vulnerabilities. The first is known as CVE-2021-40444. It has a severity level of 8.8 on a scale of 10 and affects Windows Server 2008 to 2019 and Windows 8.1 to 10. The flaw is in the MSHTML (Trident) rendering engine of Internet Explorer, which is used to open and read Office documents. A hacker can create a malicious Office file, send it by email, and if the user clicks on the document, the flaw allows the attacker to take control of the PC. “A hacker could create a malicious ActiveX control used in an Office document hosting the browser rendering engine,” says Microsoft. The flaw is actively exploited and must therefore be patched quickly. The other security hole, known as CVE-2021-36968, is an elevation of privilege vulnerability in Windows DNS. “This CVE applies to older versions of Windows,” says Microsoft. It has been publicly disclosed but is not being exploited for the moment.

PrintNightmare is gradually being resolved

The vendor also continues to fix bugs in the Windows Print Spooler, known as “PrintNightmare”. CVE-2021-38667, CVE-2021-38671 and CVE-2021-40447 allowed elevation of privilege. “Researchers continue to find ways to exploit Print Spooler, and we expect research to continue in this area. Only one (CVE-2021-38671) of the three vulnerabilities is considered more likely to be exploited,” Tenable explains in a comment on Patch Tuesday.

Other critical flaws include RCE (remote code execution) in WLAN AutoConfig for Windows (CVE-2021-36965) and Open Management Infrastructure for Linux (CVE-2021-38647). The latter has a severity score of 9.8 and can be used to take control of a machine on the network, without authentication or other verification. In addition, the Redmond firm warns of three vulnerabilities (CVE-2021-36955, CVE-2021-36963, CVE-2021-38633) deemed potentially exploitable in the Windows Common Log File System Driver. Because they grant elevation of privilege, they can be exploited by ransomware actors to gain the highest level of access. Finally, we must not forget the security updates of Chromium for Edge, with no fewer than 26 fixes.
