44 flaws fixed through the August 2021 Patch Tuesday release

May 2023 · 7 minute read
patch tuesday 2021 august

As you are well aware by now, every second Tuesday of each month means that we are getting important updates from the Redmond company, as a part of the Patch Tuesday release.

Microsoft provided 44 security fixes for August’s Patch Tuesday, with seven of the vulnerabilities being rated critical. There were also three zero-days included in the batch and the other 37 were rated as important. 

Also important is the fact that thirteen of the patches involved a remote code execution vulnerability while another eight revolved around information disclosure. 

Three zero days errors fixes via the August 2021 Patch Tuesday

The most important patch released in the latest batch addresses the Windows Print Spooler Remote Code Execution vulnerability, which has been a major topic of discussion since it was discovered back in June.

The tech company faced major backlash from the security community for totally messing up the release of patches meant to address the issue. 

The affected tools are .NET Core & Visual Studio, ASP.NET Core & Visual Studio, Azure, Windows Update, Windows Print Spooler Components, Windows Media, Windows Defender, Remote Desktop Client, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Office, Microsoft Office Word, Microsoft Office SharePoint and more.

And since we’ve mentioned that Microsoft also addressed three zero-days vulnerabilities through this update event, here is exactly what they had to deal with:

The Windows Update Medic Service Elevation of Privilege vulnerability is apparently the only one that has been exploited in the wild, according to Microsoft’s report.

One of the security experts, Allan Liska, said CVE-2021-36948 stood out to him because of its similarities to CVE-2020-17070, which was published in November 2020.

Obviously, it is bad that it is being exploited in the wild, but we saw almost the exact same vulnerability in November of 2020 but I can’t find any evidence that that was exploited in the wild. So, I wonder if this is a new focus for threat actors.

Liska later added that CVE-2021-26424 is a major vulnerability because it is a Windows TCP/IP Remote Code Execution vulnerability, that impacts Windows 7 through 10 and Windows Server 2008 through 2019.

While this vulnerability is not listed as publicly disclosed or exploited in the wild, Microsoft did label this as ‘Exploitation More Likely’ meaning that exploitation is relatively trivial. Vulnerabilities in the TCP/IP stack can be tricky. There was a lot of concern earlier this year around CVE-2021-24074, a similar vulnerability, but that has not been exploited in the wild. On the other hand, last year’s CVE-2020-16898, another similar vulnerability, has been exploited in the wild.

Microsoft fixes PrintNightmare and PetitPotam attacks

The LSA spoofing vulnerability is related to an advisory Microsoft sent out late last month about how to protect Windows domain controllers and other Windows servers from the NTLM Relay Attack known as PetitPotam.

The PetitPotam method, which was discovered in July by French researcher Gilles Lionel, takes on the NTLM Relay attack that can coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw function.

Adobe also released two patches addressing 29 CVEs in Adobe Connect and Magento. This is the smallest number of patches released by Microsoft since December 2019.

This decline is mainly due to resource constraints, considering Microsoft devoted extensive time in July responding to events like PrintNightmare and PetitPotam.

Patch Tuesday August 2021 security updates

This is the complete list of resolved vulnerabilities and released advisories in the August 2021 Patch Tuesday updates.

TagCVE IDCVE TitleSeverity
.NET Core & Visual StudioCVE-2021-34485.NET Core and Visual Studio Information Disclosure VulnerabilityImportant
.NET Core & Visual StudioCVE-2021-26423.NET Core and Visual Studio Denial of Service VulnerabilityImportant
ASP.NET Core & Visual StudioCVE-2021-34532ASP.NET Core and Visual Studio Information Disclosure VulnerabilityImportant
AzureCVE-2021-36943Azure CycleCloud Elevation of Privilege VulnerabilityImportant
AzureCVE-2021-33762Azure CycleCloud Elevation of Privilege VulnerabilityImportant
Azure SphereCVE-2021-26428Azure Sphere Information Disclosure VulnerabilityImportant
Azure SphereCVE-2021-26430Azure Sphere Denial of Service VulnerabilityImportant
Azure SphereCVE-2021-26429Azure Sphere Elevation of Privilege VulnerabilityImportant
Microsoft Azure Active Directory ConnectCVE-2021-36949Microsoft Azure Active Directory Connect Authentication Bypass VulnerabilityImportant
Microsoft DynamicsCVE-2021-36946Microsoft Dynamics Business Central Cross-site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2021-36950Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2021-34524Microsoft Dynamics 365 (on-premises) Remote Code Execution VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2021-30591Chromium: CVE-2021-30591 Use after free in File System APIUnknown
Microsoft Edge (Chromium-based)CVE-2021-30592Chromium: CVE-2021-30592 Out of bounds write in Tab GroupsUnknown
Microsoft Edge (Chromium-based)CVE-2021-30597Chromium: CVE-2021-30597 Use after free in Browser UIUnknown
Microsoft Edge (Chromium-based)CVE-2021-30594Chromium: CVE-2021-30594 Use after free in Page Info UIUnknown
Microsoft Edge (Chromium-based)CVE-2021-30596Chromium: CVE-2021-30596 Incorrect security UI in NavigationUnknown
Microsoft Edge (Chromium-based)CVE-2021-30590Chromium: CVE-2021-30590 Heap buffer overflow in BookmarksUnknown
Microsoft Edge (Chromium-based)CVE-2021-30593Chromium: CVE-2021-30593 Out of bounds read in Tab StripUnknown
Microsoft Graphics ComponentCVE-2021-34530Windows Graphics Component Remote Code Execution VulnerabilityCritical
Microsoft Graphics ComponentCVE-2021-34533Windows Graphics Component Font Parsing Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2021-34478Microsoft Office Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2021-36940Microsoft SharePoint Server Spoofing VulnerabilityImportant
Microsoft Office WordCVE-2021-36941Microsoft Word Remote Code Execution VulnerabilityImportant
Microsoft Scripting EngineCVE-2021-34480Scripting Engine Memory Corruption VulnerabilityCritical
Microsoft Windows Codecs LibraryCVE-2021-36937Windows Media MPEG-4 Video Decoder Remote Code Execution VulnerabilityImportant
Remote Desktop ClientCVE-2021-34535Remote Desktop Client Remote Code Execution VulnerabilityCritical
Windows Bluetooth ServiceCVE-2021-34537Windows Bluetooth Driver Elevation of Privilege VulnerabilityImportant
Windows Cryptographic ServicesCVE-2021-36938Windows Cryptographic Primitives Library Information Disclosure VulnerabilityImportant
Windows DefenderCVE-2021-34471Microsoft Windows Defender Elevation of Privilege VulnerabilityImportant
Windows Event TracingCVE-2021-34486Windows Event Tracing Elevation of Privilege VulnerabilityImportant
Windows Event TracingCVE-2021-34487Windows Event Tracing Elevation of Privilege VulnerabilityImportant
Windows Event TracingCVE-2021-26425Windows Event Tracing Elevation of Privilege VulnerabilityImportant
Windows MediaCVE-2021-36927Windows Digital TV Tuner device registration application Elevation of Privilege VulnerabilityImportant
Windows MSHTML PlatformCVE-2021-34534Windows MSHTML Platform Remote Code Execution VulnerabilityCritical
Windows NTLMCVE-2021-36942Windows LSA Spoofing VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2021-34483Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2021-36947Windows Print Spooler Remote Code Execution VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2021-36936Windows Print Spooler Remote Code Execution VulnerabilityCritical
Windows Services for NFS ONCRPC XDR DriverCVE-2021-36933Windows Services for NFS ONCRPC XDR Driver Information Disclosure VulnerabilityImportant
Windows Services for NFS ONCRPC XDR DriverCVE-2021-26433Windows Services for NFS ONCRPC XDR Driver Information Disclosure VulnerabilityImportant
Windows Services for NFS ONCRPC XDR DriverCVE-2021-36932Windows Services for NFS ONCRPC XDR Driver Information Disclosure VulnerabilityImportant
Windows Services for NFS ONCRPC XDR DriverCVE-2021-26432Windows Services for NFS ONCRPC XDR Driver Remote Code Execution VulnerabilityCritical
Windows Services for NFS ONCRPC XDR DriverCVE-2021-36926Windows Services for NFS ONCRPC XDR Driver Information Disclosure VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2021-34536Storage Spaces Controller Elevation of Privilege VulnerabilityImportant
Windows TCP/IPCVE-2021-26424Windows TCP/IP Remote Code Execution VulnerabilityCritical
Windows UpdateCVE-2021-36948Windows Update Medic Service Elevation of Privilege VulnerabilityImportant
Windows Update AssistantCVE-2021-36945Windows 10 Update Assistant Elevation of Privilege VulnerabilityImportant
Windows Update AssistantCVE-2021-26431Windows Recovery Environment Agent Elevation of Privilege VulnerabilityImportant
Windows User Profile ServiceCVE-2021-34484Windows User Profile Service Elevation of Privilege VulnerabilityImportant
Windows User Profile ServiceCVE-2021-26426Windows User Account Profile Picture Elevation of Privilege VulnerabilityImportant

Recent security updates from other companies

Other companies that released updates are as follows:

What is your opinion on the recent plan of action that Microsoft turned to? Share your thoughts with us in the comments section below.

ncG1vNJzZmivmaOxsMPSq5ypp6Kpe6S7zGinmqyTnXq1wcSsm5qxXZbCqMHSrWRraGJmfA%3D%3D