As IT administrators do their best to cope with business continuity plans, it’s imperative that they understand and manage patch updates. With cybersecurity threats on the rise thanks to the pandemic, it is essential to gain a better understanding of the Patch Tuesday releases, and find ways to deploy them to remote endpoints efficiently. Microsoft has released fixes for 83 vulnerabilities this Patch Tuesday, among which 10 are classified as critical and 73 as Important. Along with these vulnerabilities, Microsoft has also released fixes for one zero-day, and one publicly disclosed vulnerability this month. 

A lineup of significant updates 

Microsoft security updates have been released for:

  • Microsoft Windows

  • Microsoft Edge (EdgeHTML-based)

  • Microsoft Office, Microsoft Office Services and Web Apps

  • Microsoft Windows Codecs Library

  • Visual Studio

  • SQL Server

  • Microsoft Malware Protection Engine

  • .NET Core

  • .NET Repository

  • ASP .NET

  • Azure

Microsoft Defender Zero-day vulnerability

CVE-2021-1647 is a remote code execution vulnerability in the Windows Defender. Microsoft has fixed this vulnerability in Microsoft Malware Protection Engine version 1.1.17700.4 and above. Though exploited in the wild, Microsoft says, this exploit is only at its proof-of-concept level, and is not functional.

To prevent further attacks, in its latest updates of Microsoft Malware Protection Engine, Microsoft has released patches that do not require any user interaction, and updates are automatically installed. unless blocked specifically by the system administrators.

Publicly disclosed Windows EoP vulnerability

The Microsoft splwow64 Elevation of Privilege vulnerability, identified as CVE-2021-1648, has been fixed by Microsoft this month. This flaw in the Microsoft splwow64 service was abused to elevate the privileges of an attacker’s code.

Noteworthy updates

Here are a few vulnerabilities that are especially noteworthy:

  • Micropatch released for PSExec: A 0patch released for a remote execution vulnerability in the Sysinternals PSExec utility.

 Shedding some light on this month’s critical updates

 10 Critical vulnerabilities have been reported this Patch Tuesday; those are listed below.

Product

CVE Title

CVE ID

Microsoft DTV-DVD Video Decoder

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

CVE-2021-1668

Microsoft Edge (HTML-based)

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

CVE-2021-1705

Microsoft Graphics Component

GDI+ Remote Code Execution Vulnerability

CVE-2021-1665

Microsoft Malware Protection Engine

Microsoft Defender Remote Code Execution Vulnerability

CVE-2021-1647

Microsoft Windows Codecs Library

HEVC Video Extensions Remote Code Execution Vulnerability

CVE-2021-1643

Windows Remote Procedure Call Runtime

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2021-1666

Windows Remote Procedure Call Runtime

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2021-1673

Windows Remote Procedure Call Runtime

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2021-1658

Windows Remote Procedure Call Runtime

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2021-1667

Windows Remote Procedure Call Runtime

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2021-1660

 

Third-party updates released this month

Coinciding with this month’s Patch Tuesday, Adobe has released security updates for Photoshop, Illustrator, and Animate. We also have notable security updates from Apple, Android, SAP, Intel, Cisco, and VMware.

 

Sign up for our free webinar on Patch Tuesday updates to receive a complete breakdown of the security, non-security, and third-party updates released this Patch Tuesday. 

Keep reading for a few best practices that are ideal in a remote patch management scenario.

  • Prioritize security updates over non-security and optional updates.

  • Download patches directly to endpoints rather than saving them on your server, and distributing them to remote locations.

  • Schedule automation tasks specifically for deploying critical patches for timely updates.

  • Always test the newly incoming patches before deploying them to your endpoints.
  • Plan to set broad deployment windows so critical updates aren’t missed due to unavoidable hindrances.

  • Allow end users to skip deployments to avoid disturbing their productivity.

  • Ensure the machines under your scope aren’t running any end-of-life OSs or applications.

  • Ensure you use a secure gateway server to establish a safe connection between your remote endpoints.

Want to see how you can implement these best practices with ease using Patch Manager Plus or Desktop Central? Register for our free ManageEngine Patch Tuesday webinar, and watch our experts carry out these best practices in real time. You’ll also gain insights on trending cybersecurity incidents, and our product specialists will be available to clarify any questions you might have.

 Happy patching!