This week’s Patch Tuesday launch from Microsoft is an enormous one for the Home windows ecosystem; it contains 117 patches that deal with 4 publicly reported and 4 exploited vulnerabilities. The excellent news: this month’s Microsoft Workplace and improvement platform (Visible Studio) patches are comparatively simple and will be added with minimal danger to your normal patch launch schedules, and there are not any browser updates. Alas, we now have a very critical printer situation (CVE-2021-34527) that was launched out of bounds (OOB) and has been up to date at the least twice previously few days. Meaning you have to pay fast consideration to the Home windows updates and that you simply add the entire Home windows desktop patches to your “Patch Now” schedule.
There have been a number of updates by the week, and we anticipate extra to the print spooler vulnerabilities within the coming days. Sadly, this massive and broad-scoped sequence of patches would require important testing as a result of core system and kernel modifications they entail. For additional info you’ll be able to test the Home windows 10 well being dashboard. You can even discover extra info on the chance of deploying these Patch Tuesday in this infographic.
Key testing situations
There are not any reported high-risk modifications to the Home windows platform. Nonetheless, there may be one reported useful change and a further characteristic added this month:
- Check your printers, with a view to probably stopping all obligatory spooler providers.
- Confirm that printing through LOB functions works as anticipated.
- Check that Phrase and PowerPoint information will be downloaded and opened.
I believe with the 5 kernel updates and a specific concentrate on the server patch CVE-2021-34458, this month, ] a full LOB software take a look at will be required.
Every month, Microsoft features a record of identified points that relate to the working system and platforms included within the newest replace cycle. I’ve referenced a number of key points that relate to the newest Microsoft builds, together with:
- Units with Home windows installations created from customized offline media or customized ISO photos might need Microsoft Edge Legacy eliminated by this replace, however not mechanically changed by the brand new Microsoft Edge. To keep away from this situation, you should definitely first slipstream the SSU launched March 29, 2021 or later into the customized offline media or ISO picture earlier than slipstreaming the LCU.
- ESU Updates (Home windows 7 and Server 2008): After putting in this replace and restarting your gadget, you would possibly obtain the error “Failure to configure Home windows updates.” It’s possible you’ll obtain this discover you probably have not activated your ESU MAK add-on key. For extra details about activation, yow will discover out extra at this Microsoft weblog put up.
Resolved Points with earlier patches
- June Replace : After putting in KB5003671 or KB5003681 on Home windows 8.1 or Home windows Server 2012 R2, apps accessing occasion logs on distant gadgets may be unable to attach. This situation would possibly happen if the native or distant has not but put in updates launched June 8, 2021 or later. Affected apps are utilizing sure legacy Occasion Logging APIs. You would possibly obtain an error when trying to attach. Final June, there was a identified situation apparently by design.
At this level in July’s replace cycle, there have been three main updates to earlier launched updates:
- CVE-2021-31940 and CVE-2021-31941: These revisions to previous updates are informational updates that relate to MAC desktop software program availability. In case you are a Home windows consumer, no additional motion is required.
- CVE-2020-17049: Microsoft is releasing safety updates to deploy the enforcement part for this vulnerability. Energetic Listing area controllers at the moment are able to Enforcement mode. At the moment, the PerformTicketSignature registry key settings will likely be ignored and Enforcement mode can’t be overridden. Now you recognize.
Mitigations and workarounds
As of now, it doesn’t seem that Microsoft has printed any mitigations or work-arounds for this July launch.
Every month, we break down the replace cycle into product households (as outlined by Microsoft) with the next fundamental groupings:
- Browsers (Microsoft IE and Edge).
- Microsoft Home windows (each desktop and server).
- Microsoft Workplace.
- Microsoft Change.
- Microsoft Growth platforms (ASP.NET Core, .NET Core and Chakra Core).
- Adobe (retired?).
Strictly talking, there are not any browser updates for the July Patch Tuesday. Nonetheless, Microsoft launched an replace to its Edge browser final June that addressed two vulnerabilities that might result in elevation-of-privilege situations. As these updates have been a part of the Chromium venture, they have been launched on June 24 as a part of the Edge Secure Channel (Model 91.0.864.59). We’ve got not seen any impression to any Chromium browsers or dependent controls because of these updates.
Should you permit automated updates for Microsoft Edge, no additional motion is required at the moment. You may learn extra about these releases on the Microsoft Edge Safety replace web page discovered right here.
Earlier than we even begin the dialogue about this month’s Home windows updates, add all of those Home windows updates to your “Patch Now” schedule. It is a huge replace for Microsoft with 90 patches for Home windows desktops alone. 9 of those patches are rated as crucial — all of which relate to the Distant Desktop characteristic in Home windows.
Sadly, 4 vulnerabilities addressed on this replace have been publicly disclosed (together with CVE-2021-34527) and an extra 4 have been reported as exploited within the wild. Two of those exploited points relate to Home windows kernel elevation-of-privilege situations. This makes for a tricky replace to check, given the urgency of the printer spooler “disaster” and the necessity for speedy deployment of those updates. There are going to be issues with this replace.
And, we’re not but performed with Home windows updates for July. Actually, Microsoft simply launched updates to its beforehand up to date patches with CVE-2021-33481 and CVE-2021-34527 receiving main revisions yesterday. You may learn extra concerning the print spooler issues on the Microsoft safety weblog discovered right here. The present suggestion is to show off the spooler service on your servers. That is sturdy medication for what seems to be a really critical situation.
Add this Home windows replace to your “Patch Now” schedule, and put together for extra pressing updates.
In contrast to what’s occurring on the desktop and server setting this month, Microsoft Workplace updates seem comparatively benign. Microsoft has launched 10 patches that have an effect on all at present supported variations of Workplace, with 9 rated as vital and one rated as reasonable by Microsoft. These updates have an effect on the standard suspects with Phrase, Excel and Sharepoint safety vulnerabilities resulting in potential spoofing or elevation of privilege points. Add these Microsoft Workplace updates to your normal patch schedule.
Microsoft Change Server
Whereas we do not see fairly the priority (and urgency) with Microsoft Change as we now have seen in previous months, Microsoft has launched six updates rated as vital and a single crucial rated replace (CVE-2021-34473). This crucial replace addresses a low complexity, network-based assault that doesn’t require consumer intervention. And, it is Microsoft’s second try at resolving this vulnerability (the primary strive was in April) that might result in arbitrary code execution on the goal server. Given this concern, we now have added the Microsoft Change updates for the month of July to the “Patch Now” schedule.
Microsoft Growth Platforms
Microsoft has launched 5 updates, all rated as vital to the Microsoft Visible Studio improvement platform. This month additionally features a single GitHub advisory (CVE-2021-33767) that pertains to the Open Enclave SDK. All of those updates ought to have a minimal impression on their respective platforms and will be added to the usual improvement replace regime.
Microsoft has not launched any (further) updates to the Adobe ecosystem this month. Nonetheless, given the vital and pressing nature of the OOB printer updates, all different patches referring to printers and printing ought to be famous. This month Adobe has launched (APSB21-51) 10 crucial updates and a further two vital updates to all supported variations of Adobe Reader (Acrobat DC, Reader DC, Reader 2020, Acrobat 2017 and Acrobat 2017). Provided that these patches tackle reported vulnerabilities that embody low-complexity, distant code execution, “no consumer,” we suggest that you simply add these Adobe Reader updates to your “Patch Now” schedule.
I’d additionally like so as to add that this month’s replace, like earlier Flash associated updates will drive the elimination of Flash from the goal system. Taking this replace will take away Adobe Flash from the machine.
For extra info, see the Replace on Adobe Flash Participant Finish of Help.