An enormous July Patch Tuesday — and the continuing print nightmare

This week’s Patch Tuesday launch from Microsoft is a giant one for the Home windows ecosystem; it consists of 117 patches that deal with 4 publicly reported and 4 exploited vulnerabilities. The excellent news: this month’s Microsoft Workplace and improvement platform (Visible Studio) patches are comparatively easy and might be added with minimal threat to your commonplace patch launch schedules, and there are not any browser updates. Alas, we now have a extremely critical printer situation (CVE-2021-34527) that was launched out of bounds (OOB) and has been up to date not less than twice up to now few days. Meaning you must pay quick consideration to the Home windows updates and that you just add all the Home windows desktop patches to your “Patch Now” schedule. 

There have been a number of updates by the week, and we anticipate extra to the print spooler vulnerabilities within the coming days. Sadly, this huge and broad-scoped sequence of patches would require vital testing because of the core system and kernel adjustments they entail. For additional info you may verify the Home windows 10 well being dashboard. You can too discover extra info on the danger of deploying these Patch Tuesday in this infographic.

Key testing eventualities

There are not any reported high-risk adjustments to the Home windows platform. Nonetheless, there’s one reported purposeful change and a further function added this month:

  • Check your printers, with a view to probably stopping all crucial spooler providers.
  • Confirm that printing by way of LOB functions works as anticipated.
  • Check that Phrase and PowerPoint information might be downloaded and opened.
  • Check that scripting, particularly with JavaScript, works as anticipated.

I believe with the 5 kernel updates and a specific give attention to the server patch CVE-2021-34458, this month, ] a full LOB utility check will  be required.

Identified points

Every month, Microsoft features a record of identified points that relate to the working system and platforms included within the newest replace cycle. I’ve referenced just a few key points that relate to the most recent Microsoft builds, together with:

  • Units with Home windows installations created from customized offline media or customized ISO photographs may need Microsoft Edge Legacy eliminated by this replace, however not mechanically changed by the brand new Microsoft Edge. To keep away from this situation, remember to first slipstream the SSU launched March 29, 2021 or later into the customized offline media or ISO picture earlier than slipstreaming the LCU.
  • ESU Updates (Home windows 7 and Server 2008): After putting in this replace and restarting your machine, you would possibly obtain the error “Failure to configure Home windows updates.” Chances are you’ll obtain this discover when you have not activated your ESU MAK add-on key. For extra details about activation, you will discover out extra at this Microsoft weblog submit.

Resolved Points with earlier patches

  • June Replace : After putting in KB5003671 or KB5003681 on Home windows 8.1 or Home windows Server 2012 R2, apps accessing occasion logs on distant gadgets could be unable to attach. This situation would possibly happen if the native or distant has not but put in updates launched June 8, 2021 or later. Affected apps are utilizing sure legacy Occasion Logging APIs. You would possibly obtain an error when making an attempt to attach. Final June, there was a identified situation apparently by design.

Main revisions

At this level in July’s replace cycle, there have been three main updates to earlier launched updates:

  • CVE-2021-31940 and CVE-2021-31941: These revisions to previous updates are informational updates that relate to MAC desktop software program availability. If you’re a Home windows person, no additional motion is required.
  • CVE-2020-17049: Microsoft is releasing safety updates to deploy the enforcement section for this vulnerability. Energetic Listing area controllers at the moment are able to Enforcement mode. At the moment, the PerformTicketSignature registry key settings will probably be ignored and Enforcement mode can’t be overridden. Now you understand.

Mitigations and workarounds

As of now, it doesn’t seem that Microsoft has revealed any mitigations or work-arounds for this July launch.

Every month, we break down the replace cycle into product households (as outlined by Microsoft) with the next fundamental groupings:

  • Browsers (Microsoft IE and Edge).
  • Microsoft Home windows (each desktop and server).
  • Microsoft Workplace.
  • Microsoft Alternate.
  • Microsoft Improvement platforms (ASP.NET Core, .NET Core and Chakra Core).
  • Adobe (retired?).

Browsers

Strictly talking, there are not any browser updates for the July Patch Tuesday. Nonetheless, Microsoft launched an replace to its Edge browser final June that addressed two vulnerabilities that would result in elevation-of-privilege eventualities. As these updates have been a part of the Chromium mission, they have been launched on June 24 as a part of the Edge Secure Channel (Model 91.0.864.59). We now have not seen any impression to any Chromium browsers or dependent controls because of these updates.

If you happen to permit automated updates for Microsoft Edge, no additional motion is required at the moment. You possibly can learn extra about these releases on the Microsoft Edge Safety replace web page discovered right here.

Home windows

Earlier than we even begin the dialogue about this month’s Home windows updates, add all of those Home windows updates to your “Patch Now” schedule. It is a huge replace for Microsoft with 90 patches for Home windows desktops alone. 9 of those patches are rated as important — all of which relate to the Distant Desktop function in Home windows.

Sadly, 4 vulnerabilities addressed on this replace have been publicly disclosed (together with CVE-2021-34527) and an additional 4 have been reported as exploited within the wild. Two of those exploited points relate to Home windows kernel elevation-of-privilege eventualities. This makes for a troublesome replace to check, given the urgency of the printer spooler “disaster” and the necessity for fast deployment of those updates. There are going to be issues with this replace.

And, we’re not but completed with Home windows updates for July. In truth, Microsoft simply launched updates to its beforehand up to date patches with CVE-2021-33481 and CVE-2021-34527 receiving main revisions yesterday. You possibly can learn extra in regards to the print spooler issues on the Microsoft safety weblog discovered right here. The present suggestion is to show off the spooler service on your servers. That is sturdy medication for what seems to be a really critical situation.

Add this Home windows replace to your “Patch Now” schedule, and put together for extra pressing updates.

Microsoft Workplace

In contrast to what’s taking place on the desktop and server atmosphere this month, Microsoft Workplace updates seem comparatively benign. Microsoft has launched 10 patches that have an effect on all presently supported variations of Workplace, with 9 rated as essential and one rated as average by Microsoft. These updates have an effect on the same old suspects with Phrase, Excel and Sharepoint safety vulnerabilities resulting in potential spoofing or elevation of privilege points. Add these Microsoft Workplace updates to your commonplace patch schedule.

Microsoft Alternate Server

Whereas we do not see fairly the priority (and urgency) with Microsoft Alternate as we now have seen in previous months, Microsoft has launched six updates rated as essential and a single important rated replace (CVE-2021-34473). This important replace addresses a low complexity, network-based assault that doesn’t require person intervention. And, it is Microsoft’s second try at resolving this vulnerability (the primary strive was in April) that would result in arbitrary code execution on the goal server. Given this concern, we now have added the Microsoft Alternate updates for the month of July to the “Patch Now” schedule.

Microsoft Improvement Platforms

Microsoft has launched 5 updates, all rated as essential to the Microsoft Visible Studio improvement platform. This month additionally features a single GitHub advisory (CVE-2021-33767) that pertains to the Open Enclave SDK. All of those updates ought to have a minimal impression on their respective platforms and might be added to the usual improvement replace regime.

Adobe

Microsoft has not launched any (extra) updates to the Adobe ecosystem this month. Nonetheless, given the essential and pressing nature of the OOB printer updates, all different patches referring to printers and printing must be famous. This month Adobe has launched (APSB21-51) 10 important updates and a further two essential updates to all supported variations of Adobe Reader (Acrobat DC, Reader DC, Reader 2020, Acrobat 2017 and Acrobat 2017). On condition that these patches deal with reported vulnerabilities that embody low-complexity, distant code execution, “no person,” we suggest that you just add these Adobe Reader updates to your “Patch Now” schedule.

I’d additionally like so as to add that this month’s replace, like earlier Flash associated updates will power the removing of Flash from the goal system. Taking this replace will take away Adobe Flash from the machine.

For extra info, see the Replace on Adobe Flash Participant Finish of Assist.

Copyright © 2021 IDG Communications, Inc.

Source Link

Leave a Reply

Your email address will not be published. Required fields are marked *