Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
qualysblogAnand PaturiQUALYSBLOG:0F0ACCA731E84F3B1067935E483FC950
HistoryAug 10, 2021 - 7:58 p.m.

Microsoft and Adobe Patch Tuesday (August 2021) – Microsoft 51 Vulnerabilities with 7 Critical, Adobe 29 Vulnerabilities

2021-08-1019:58:49
Anand Paturi
blog.qualys.com
90

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

JSON

Microsoft Patch Tuesday – August 2021

Microsoft patched 51 vulnerabilities in their August 2021 Patch Tuesday release, and 7 of them are rated as critical severity. Three 0-day vulnerability patches were included in the release.

Critical Microsoft Vulnerabilities Patched

CVE-2021-36942 - Windows LSA Spoofing Vulnerability

An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM. A malicious user can use this attack to take complete control over windows domain Per Microsoft, this vulnerability affects all servers, but domain controllers should be prioritized in terms of applying security updates.

CVE-2021-34481 – Windows Print Spooler Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. This Patch Tuesday Microsoft released security updates to address this vulnerability and should be prioritized.

Three 0-Day Vulnerabilities Patched

  • CVE-2021-36936 - Windows Print Spooler Remote Code Execution Vulnerability
  • CVE-2021-36942 - Windows LSA Spoofing Vulnerability
  • CVE-2021-36948 - Windows Update Medic Service Elevation of Privilege Vulnerability - This has been actively exploited, per Microsoft.

Qualys QIDs Providing Coverage

QID Title Severity CVE ID
110388 Microsoft SharePoint Enterprise Server Multiple Vulnerabilities August 2021 Medium CVE-2021-36940
110389 Microsoft Office and Microsoft Office Services and Web Apps Security Update August 2021 High CVE-2021-34478, CVE-2021-36941
375798 Microsoft Azure CycleCloud Elevation of Privilege Vulnerability August 2021 Medium CVE-2021-33762, CVE-2021-36943, KB3142345
91801 Microsoft Dynamics Business Central Cross-Site (XSS) Scripting Vulnerability August 2021 Medium CVE-2021-36946
91802 Microsoft Windows Security Update for August 2021

| High| CVE-2021-26424, CVE-2021-26425, CVE-2021-26426, CVE-2021-26431, CVE-2021-26432, CVE-2021-26433, CVE-2021-34480, CVE-2021-34483, CVE-2021-34484, CVE-2021-34486, CVE-2021-34487, CVE-2021-34530, CVE-2021-34533, CVE-2021-34534, CVE-2021-34535, CVE-2021-34536, CVE-2021-34537, CVE-2021-36926, CVE-2021-36927, CVE-2021-36932, CVE-2021-36933, CVE-2021-36936, CVE-2021-36937, CVE-2021-36938, CVE-2021-36947, CVE-2021-36948
91803| Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability August 2021 | High| CVE-2021-36942
91804| Microsoft Windows Defender Elevation of Privilege Vulnerability August 2021 | Medium| CVE-2021-34471
91805| Microsoft Windows 10 Update Assistant Elevation of Privilege Vulnerability August 2021 | Medium | CVE-2021-36945
91806| Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability August 2021 | Medium| CVE-2021-36949
91774| Microsoft .NET Core and ASP.NET Core Security Update for August 2021 | High| CVE-2021-26423, CVE-2021-34485, CVE-2021-34532
91809| Microsoft Visual Studio Security Update for August 2021 | Medium| CVE-2021-26423, CVE-2021-34485, CVE-2021-34532

Adobe Patch Tuesday – August 2021

Adobe addressed 29 CVEs this Patch Tuesday impacting Adobe Connect and Magento product. The patches for Magento are labeled as Priority 2, while the remaining patches are set to Priority 3.

Adobe Security Bulletin QID Severity CVE ID
Adobe Connect Multiple Vulnerabilities (APSB21-66) 730152 Medium CVE-2021-36061, CVE-2021-36062, CVE-2021-36063

Discover Patch Tuesday Vulnerabilities in VMDR

Qualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).

You can see all your impacted hosts by these vulnerabilities using the following QQL query:

vulnerabilities.vulnerability:(qid:91774 OR qid:91801 OR qid:91802 OR qid:91803 OR qid:91804 OR qid:91805 OR qid:91806 OR qid:91809 OR qid:375798 OR qid:110389 OR qid:110388 OR qid:730152)

Respond by Patching

VMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the “Missing” patches to identify and deploy the applicable, available patches in one go.

The following QQL will return the missing patches pertaining to this Patch Tuesday.

(qid:91774 OR qid:91801 OR qid:91802 OR qid:91803 OR qid:91804 OR qid:91805 OR qid:91806 OR qid:91809 OR qid:375798 OR qid:110389 OR qid:110388 OR qid:730152)

Patch Tuesday Dashboard

The current updated Patch Tuesday dashboards are available in Dashboard Toolbox: 2021 Patch Tuesday Dashboard.

Webinar Series: This Month in Vulnerabilities and Patches

To help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is hosting a monthly webinar series This Month in Vulnerabilities and Patches.

We discuss some of the key vulnerabilities disclosed in the past month and how to patch them:

  • Microsoft Patch Tuesday, August 2021
  • Adobe Patch Tuesday, August 2021

Join us live or watch on demand!

Webinar August 12, 2021 or on demand.

About Patch Tuesday

Patch Tuesday QIDs are published at Security Alerts, typically late in the evening of Patch Tuesday, followed shortly after by PT dashboards.

Related

kaspersky 6
nessus 36
openvas 11
mskb 16
rapid7blog 2
hivepro 1
avleonov 1
thn 2
threatpost 1
krebs 1
malwarebytes 1
adobe 1
attackerkb 2
oraclelinux 2
rocky 2
almalinux 2
redhat 4
altlinux 10
mscve 20
prion 28
githubexploit 2
cve 29
cnvd 4
zdi 4
cisa_kev 2
veracode 1
osv 4
checkpoint_advisories 2
cisa 1
qualysblog 1
kaspersky
kaspersky
KLA12259 Multiple vulnerabilities in Microsoft Windows
2021-08-10 00:00:00
KLA12250 Multiple vulnerabilities in Microsoft Products (ESU)
2021-08-10 00:00:00
KLA12255 Multiple vulnerabilities in Microsoft Office
2021-08-10 00:00:00
nessus
nessus
KB5005031: Windows 10 Version 1909 Security Update (August 2021)
2021-08-10 00:00:00
KB5005040: Windows 10 version 1507 LTS Security Update (August 2021)
2021-08-10 00:00:00
KB5005030: Windows 10 Version 1809 and Windows Server 2019 Security Update (August 2021)
2021-08-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5005030)
2021-08-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5005033)
2021-08-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5005040)
2021-08-11 00:00:00
mskb
mskb
August 10, 2021—KB5005076 (Monthly Rollup)
2021-08-10 07:00:00
August 10, 2021—KB5005040 (OS Build 10240.19022) - EXPIRED
2021-08-10 07:00:00
August 10, 2021—KB5005043 (OS Build 14393.4583) - EXPIRED
2021-08-10 07:00:00
rapid7blog
rapid7blog
Patch Tuesday - August 2021
2021-08-11 03:19:33
PetitPotam: Novel Attack Chain Can Fully Compromise Windows Domains Running AD CS
2021-08-03 20:13:50
hivepro
hivepro
Critical Vulnerabilities revealed in Microsoft’s Patch Tuesday
2021-08-11 13:25:48
avleonov
avleonov
Security News: Microsoft Patch Tuesday August 2021, Phishers Started Using reCAPTCHA, Scan 1 IP and Go to Jail
2021-08-19 21:38:46
thn
thn
Microsoft Releases Windows Updates to Patch Actively Exploited Vulnerability
2021-08-11 05:31:00
Ransomware Gangs Exploiting Windows Print Spooler Vulnerabilities
2021-08-13 08:29:00
threatpost
threatpost
Actively Exploited Windows Zero-Day Gets a Patch
2021-08-10 21:17:58
krebs
krebs
Microsoft Patch Tuesday, August 2021 Edition
2021-08-10 21:12:58
malwarebytes
malwarebytes
PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday
2021-08-11 12:16:17
adobe
adobe
APSB21-66 Security update available for Adobe Connect
2021-08-10 00:00:00
attackerkb
attackerkb
CVE-2021-34487
2021-08-12 00:00:00
CVE-2021-34486
2021-08-12 00:00:00
oraclelinux
oraclelinux
.NET Core 3.1 security and bugfix update
2021-08-13 00:00:00
.NET 5.0 security and bugfix update
2021-08-13 00:00:00
rocky
rocky
.NET 5.0 security and bugfix update
2021-08-12 21:05:09
.NET Core 3.1 security and bugfix update
2021-08-12 20:59:59
almalinux
almalinux
Important: .NET Core 3.1 security and bugfix update
2021-08-11 18:21:49
Important: .NET 5.0 security and bugfix update
2021-08-12 06:29:43
redhat
redhat
(RHSA-2021:3142) Important: .NET Core 3.1 security and bugfix update
2021-08-11 18:21:49
(RHSA-2021:3143) Important: .NET Core 3.1 on RHEL 7 security and bugfix update
2021-08-11 18:24:19
(RHSA-2021:3148) Important: .NET 5.0 security and bugfix update
2021-08-12 06:29:43
altlinux
altlinux
Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.22-alt1
2022-02-21 00:00:00
Security fix for the ALT Linux 9 package dotnet-bootstrap-3.1 version 3.1.22-alt1
2022-03-22 00:00:00
Security fix for the ALT Linux 9 package dotnet-coreclr-3.1 version 3.1.22-alt1
2022-03-22 00:00:00
mscve
mscve
Azure CycleCloud Elevation of Privilege Vulnerability
2021-08-10 07:00:00
Microsoft SharePoint Server Spoofing Vulnerability
2021-08-10 07:00:00
Windows 10 Update Assistant Elevation of Privilege Vulnerability
2021-08-10 07:00:00
prion
prion
Authentication flaw
2021-08-12 18:15:00
Privilege escalation
2021-08-12 18:15:00
Privilege escalation
2021-08-12 18:15:00
githubexploit
githubexploit
Exploit for Improper Authentication in Microsoft
2021-08-14 21:05:30
Exploit for Use After Free in Microsoft
2021-10-12 03:50:44
cve
cve
CVE-2021-36063
2021-09-01 15:15:00
CVE-2021-36941
2021-08-12 18:15:00
CVE-2021-36061
2021-09-01 15:15:00
cnvd
cnvd
Adobe Connect Reflective Cross-Site Scripting Vulnerability (CNVD-2021-74112)
2021-08-11 00:00:00
Adobe Connect security feature bypass vulnerability
2021-08-11 00:00:00
Adobe Connect Reflected Cross-Site Scripting Vulnerability
2021-08-11 00:00:00
zdi
zdi
Microsoft Windows Update Assistant Incorrect Permission Assignment Privilege Escalation Vulnerability
2021-08-11 00:00:00
Microsoft Windows Lock Screen Improper Access Control Authentication Bypass Vulnerability
2021-09-02 00:00:00
Microsoft Windows Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability
2021-08-11 00:00:00
cisa_kev
cisa_kev
Microsoft Windows Event Tracing Privilege Escalation Vulnerability
2022-03-28 00:00:00
Microsoft Windows Update Medic Service Privilege Escalation Vulnerability
2021-11-03 00:00:00
veracode
veracode
Information Disclosure
2021-08-26 05:02:39
osv
osv
BIT-aspnet-core-2021-34532
2024-03-06 10:53:27
ASP.NET Core Information Disclosure Vulnerability
2021-08-25 14:45:28
CVE-2021-34532
2021-08-12 18:15:09
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Services for NFS ONCRPC XDR Driver Remote Code Execution (CVE-2021-26432)
2021-08-10 00:00:00
Microsoft Remote Desktop Client Remote Code Execution (CVE-2021-34535)
2021-08-10 00:00:00
cisa
cisa
Microsoft Releases August 2021 Security Updates
2021-08-10 00:00:00
qualysblog
qualysblog
Introducing Qualys VMDR 2.0
2022-06-06 12:55:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for QUALYSBLOG:0F0ACCA731E84F3B1067935E483FC950
kaspersky6nessus36openvas11mskb16rapid7blog2hivepro1avleonov1thn2threatpost1krebs1malwarebytes1adobe1attackerkb2oraclelinux2rocky2almalinux2redhat4altlinux10mscve20prion28githubexploit2cve29cnvd4zdi4cisa_kev2veracode1osv4checkpoint_advisories2cisa1qualysblog1