This week’s Patch Tuesday launch from Microsoft is an enormous one for the Windows ecosystem; it consists of 117 patches that deal with 4 publicly reported and 4 exploited vulnerabilities. The excellent news: this month’s Microsoft Office and improvement platform (Visual Studio) patches are comparatively simple and could be added with minimal threat to your normal patch launch schedules, and there are not any browser updates. Alas, we’ve got a extremely severe printer subject (CVE-2021-34527) that was launched out of bounds (OOB) and has been up to date at the very least twice up to now few days. That means you should pay instant consideration to the Windows updates and that you simply add the entire Windows desktop patches to your “Patch Now” schedule. There had been a number of updates by the week, and we anticipate extra to the print spooler vulnerabilities within the coming days. Unfortunately, this massive and broad-scoped collection of patches would require vital testing as a result of core system and kernel adjustments they entail. For additional data you may test the Windows 10 well being dashboard. You can even discover extra data on the danger of deploying these Patch Tuesday in this infographic.Key testing situationsThere are not any reported high-risk adjustments to the Windows platform. However, there’s one reported practical change and a further characteristic added this month:Test your printers, with a view to probably stopping all crucial spooler companies.
Verify that printing through LOB functions works as anticipated.
Test that Word and PowerPoint recordsdata could be downloaded and opened.
I feel with the 5 kernel updates and a selected deal with the server patch CVE-2021-34458, this month, ] a full LOB utility take a look at will be required.Known pointsEach month, Microsoft features a record of recognized points that relate to the working system and platforms included within the newest replace cycle. I’ve referenced just a few key points that relate to the newest Microsoft builds, together with:Devices with Windows installations created from customized offline media or customized ISO photographs might need Microsoft Edge Legacy eliminated by this replace, however not mechanically changed by the brand new Microsoft Edge. To keep away from this subject, make sure you first slipstream the SSU launched March 29, 2021 or later into the customized offline media or ISO picture earlier than slipstreaming the LCU.
ESU Updates (Windows 7 and Server 2008): After putting in this replace and restarting your machine, you would possibly obtain the error “Failure to configure Windows updates.” You might obtain this discover in case you have not activated your ESU MAK add-on key. For extra details about activation, you’ll find out extra at this Microsoft weblog put up.
Resolved Issues with earlier patchesJune Update : After putting in KB5003671 or KB5003681 on Windows 8.1 or Windows Server 2012 R2, apps accessing occasion logs on distant gadgets is likely to be unable to attach. This subject would possibly happen if the native or distant has not but put in updates launched June 8, 2021 or later. Affected apps are utilizing sure legacy Event Logging APIs. You would possibly obtain an error when making an attempt to attach. Last June, there was a recognized subject apparently by design.
Major revisionsAt this level in July’s replace cycle, there have been three main updates to earlier launched updates:CVE-2021-31940 and CVE-2021-31941: These revisions to previous updates are informational updates that relate to MAC desktop software program availability. If you’re a Windows person, no additional motion is required.
CVE-2020-17049: Microsoft is releasing safety updates to deploy the enforcement part for this vulnerability. Active Directory area controllers at the moment are able to Enforcement mode. At this time, the PerformTicketSignature registry key settings will probably be ignored and Enforcement mode can’t be overridden. Now you recognize.
Mitigations and workaroundsAs of now, it doesn’t seem that Microsoft has printed any mitigations or work-arounds for this July launch.Each month, we break down the replace cycle into product households (as outlined by Microsoft) with the next primary groupings:Browsers (Microsoft IE and Edge).
Microsoft Windows (each desktop and server).
Microsoft Development platforms (ASP.NET Core, .NET Core and Chakra Core).
BrowsersStrictly talking, there are not any browser updates for the July Patch Tuesday. However, Microsoft launched an replace to its Edge browser final June that addressed two vulnerabilities that would result in elevation-of-privilege situations. As these updates had been a part of the Chromium mission, they had been launched on June 24 as a part of the Edge Stable Channel (Version 91.0.864.59). We haven’t seen any influence to any Chromium browsers or dependent controls on account of these updates. If you permit automated updates for Microsoft Edge, no additional motion is required right now. You can learn extra about these releases on the Microsoft Edge Security replace web page discovered right here.WindowsEarlier than we even begin the dialogue about this month’s Windows updates, add all of those Windows updates to your “Patch Now” schedule. This is an enormous replace for Microsoft with 90 patches for Windows desktops alone. Nine of those patches are rated as crucial — all of which relate to the Remote Desktop characteristic in Windows. Unfortunately, 4 vulnerabilities addressed on this replace have been publicly disclosed (together with CVE-2021-34527) and an additional 4 have been reported as exploited within the wild. Two of those exploited points relate to Windows kernel elevation-of-privilege situations. This makes for a tricky replace to check, given the urgency of the printer spooler “crisis” and the necessity for speedy deployment of those updates. There are going to be issues with this replace. And, we aren’t but achieved with Windows updates for July. In truth, Microsoft simply launched updates to its beforehand up to date patches with CVE-2021-33481 and CVE-2021-34527 receiving main revisions yesterday. You can learn extra concerning the print spooler issues on the Microsoft safety weblog discovered right here. The present advice is to show off the spooler service to your servers. This is robust drugs for what seems to be a really severe subject. Add this Windows replace to your “Patch Now” schedule, and put together for extra pressing updates.Microsoft OfficeIn contrast to what’s occurring on the desktop and server surroundings this month, Microsoft Office updates seem comparatively benign. Microsoft has launched 10 patches that have an effect on all presently supported variations of Office, with 9 rated as necessary and one rated as reasonable by Microsoft. These updates have an effect on the same old suspects with Word, Excel and Sharepoint safety vulnerabilities resulting in potential spoofing or elevation of privilege points. Add these Microsoft Office updates to your normal patch schedule.Microsoft Exchange ServerWhereas we do not see fairly the priority (and urgency) with Microsoft Exchange as we’ve got seen in previous months, Microsoft has launched six updates rated as necessary and a single crucial rated replace (CVE-2021-34473). This crucial replace addresses a low complexity, network-based assault that doesn’t require person intervention. And, it is Microsoft’s second try at resolving this vulnerability (the primary attempt was in April) that would result in arbitrary code execution on the goal server. Given this concern, we’ve got added the Microsoft Exchange updates for the month of July to the “Patch Now” schedule.Microsoft Development PlatformsMicrosoft has launched 5 updates, all rated as necessary to the Microsoft Visual Studio improvement platform. This month additionally features a single GitHub advisory (CVE-2021-33767) that pertains to the Open Enclave SDK. All of those updates ought to have a minimal influence on their respective platforms and could be added to the usual improvement replace regime.AdobeMicrosoft has not launched any (further) updates to the Adobe ecosystem this month. However, given the necessary and pressing nature of the OOB printer updates, all different patches referring to printers and printing ought to be famous. This month Adobe has launched (APSB21-51) 10 crucial updates and a further two necessary updates to all supported variations of Adobe Reader (Acrobat DC, Reader DC, Reader 2020, Acrobat 2017 and Acrobat 2017). Given that these patches tackle reported vulnerabilities that embody low-complexity, distant code execution, “no user,” we suggest that you simply add these Adobe Reader updates to your “Patch Now” schedule.I might additionally like so as to add that this month’s replace, like earlier Flash associated updates will power the removing of Flash from the goal system. Taking this replace will take away Adobe Flash from the machine. For extra data, see the Update on Adobe Flash Player End of Support.
Copyright © 2021 IDG Communications, Inc.