With cybersecurity threats on the rise thanks to the pandemic, it is essential to understand the importance of Patch Tuesday releases, and find ways to deploy them to remote endpoints efficiently.
This Patch Tuesday, Microsoft has released fixes for 56 vulnerabilities, among which 11 are classified as Critical, 2 are classified as Moderate, and 43 as Important. Along with these vulnerabilities, Microsoft also released fixes for one actively exploited zero-day and six other publicly-disclosed vulnerabilities this month.
A lineup of significant updates
Microsoft released security updates for:
-
Microsoft Windows
-
Microsoft Edge for Android
-
Microsoft Office
-
Microsoft Dynamics
-
Microsoft Windows Codecs Library
-
Visual Studio
-
.NET Core
Windows Win32k zero-day vulnerability
CVE-2021-1732 is an elevation of privilege vulnerability in the Windows Win32k. This actively-exploited vulnerability allows an attacker or malicious program to elevate their privileges to administrative privileges.
Publicly disclosed vulnerabilities
This month, Microsoft has fixed the below six publicly-disclosed vulnerabilities:
-
CVE-2021-1721 – .NET Core and Visual Studio Denial of Service Vulnerability
-
CVE-2021-1727 – Windows Installer Elevation of Privilege Vulnerability
-
CVE-2021-1733 – Sysinternals PsExec Elevation of Privilege Vulnerability
-
CVE-2021-24098 – Windows Console Driver Denial of Service Vulnerability
-
CVE-2021-24106 – Windows DirectX Information Disclosure Vulnerability
-
CVE-2021-26701 – .NET Core Remote Code Execution Vulnerability
Noteworthy updates
Microsoft has fixed the supply chain vulnerability in Azure Artifactory tracked as CVE-2021-24105. This vulnerability allows malicious users to create public packages that have the same name as packages used by company applications. When these applications are run, they pull the malicious packages and trigger a supply chain attack.
Major companies like Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, Tesla, and Uber have all been affected by this attack.
Shedding some light on this month’s critical updates
Listed below are the 11 Critical vulnerabilities reported in this month’s Patch Tuesday:
Product |
CVE title |
CVE ID |
.NET Core |
.NET Core Remote Code Execution Vulnerability |
|
.NET Core |
.NET Core Remote Code Execution Vulnerability |
|
Microsoft Graphics Component |
Windows Graphics Component Remote Code Execution Vulnerability |
|
Microsoft Windows Codecs Library |
Microsoft Windows Codecs Library Remote Code Execution Vulnerability |
|
Microsoft Windows Codecs Library |
Windows Camera Codec Pack Remote Code Execution Vulnerability |
|
Role: DNS Server |
Windows DNS Server Remote Code Execution Vulnerability |
|
Role: Windows Fax Service |
Windows Fax Service Remote Code Execution Vulnerability |
|
Role: Windows Fax Service |
Windows Fax Service Remote Code Execution Vulnerability |
|
Windows Print Spooler Components |
Windows Local Spooler Remote Code Execution Vulnerability |
|
Windows TCP/IP |
Windows TCP/IP Remote Code Execution Vulnerability |
|
Windows TCP/IP |
Windows TCP/IP Remote Code Execution Vulnerability |
Third-party updates released this month
Coinciding with this month’s Patch Tuesday, Android has released security updates this month. We also have notable security updates from Adobe, Apple, SAP, Cisco, FortiNet and SonicWall.
Sign up for our free webinar on Patch Tuesday updates for a complete breakdown of the security, non-security, and third-party updates released this Patch Tuesday.
Here are a few best practices for remote patch management that you can follow in your organization:
-
Prioritize security updates over non-security and optional updates.
-
Download patches directly to endpoints rather than saving them on your server and distributing them to remote locations.
-
Schedule automation tasks specifically for deploying critical patches for timely updates.
-
Plan to set broad deployment windows so critical updates aren’t missed due to unavoidable hindrances.
-
Allow end users to skip deployments to avoid disrupting their productivity.
-
Ensure the machines under your scope aren’t running any end-of-life OSs or applications.
-
Ensure you use a secure gateway server to establish safe connections between your remote endpoints.
Looking to learn how you can easily implement these best practices using Patch Manager Plus or Desktop Central? Register for our free ManageEngine Patch Tuesday webinar, and watch our experts carry out these best practices in real time. You’ll also gain insights on trending cybersecurity incidents, and our product specialists will be available to clarify any questions you might have.
Happy patching!