Patch Tuesday is back. Just like we saw in June, several vulnerabilities are already publicly disclosed, and four of those are being actively exploited. Overall, we are looking at 117 total vulnerabilities closed, with 13 of them rated critical. June’s worst trends are still plaguing systems, and we are back to the large totals we often saw in 2020.
It’s the worst of both worlds, without even going over all of the confusion surrounding PrintNightmare.
Some Highlights (Or Lowlights)
CVE-2021-34473
This Remote Code Execution vulnerability in Microsoft Exchange is rated 9.1, has low attack complexity, and does not require user interaction. That covers just about all of the worst-case scenarios for an exploit, and that is before we mention that this one is already publicly disclosed. If you run Exchange on-prem, this should have you running to get it patched ASAP.
CVE-2021-34448
This vulnerability is already being exploited in the wild, and per the MSRC site it can cause a total loss of integrity and confidentiality. In other words, an attacker can get all information or modify all files from the impacted component. The only ray of sunshine here is that it does require user interaction, but that can be as simple as getting users to visit a corrupted site or click on a bad link. Thank goodness your thorough end-user training has been adopted by everyone!
CVE-2021-34494
Anytime there is a threat to DNS, it’s worth highlighting. On the bright side, you don’t need to patch every machine with this one, only machines that are DNS servers. On the dark side, it requires minimal permissions and no user interaction to exploit. This is not one that is already publicly known or exploited, so at least patching should get you ahead of it.
In Review
This was a very rough month. I was really hoping the spike we saw in already exploited vulnerabilities was an outlier, but it seems to be more of a trend at this point. This would have been one of the roughest months I have done a write-up for, even before you account for things that came out before Patch Tuesday.
It is becoming apparent that patching needs to happen faster and more efficiently than ever before. PDQ Deploy and Inventory can not only help you get patches done faster, but our team can also help you get the process automated so you don’t even have to worry about them. We would love for our readers to read these blogs to stay on top of updates--and not to find out how much of their hair they will need to pull out this month.
*Highlights Magazine is a trademark of "Highlights For Children". Lowlights Magazine is a dripping satire and should be recognized as such.