Overview
Microsoft patches a total of 97 operating system and software flaws with July 2021 Patch Tuesday update. 9 of these vulnerabilities turn out to be zero-day vulnerabilities, and 4 of them are considered to be actively exploited in the wild.
What Is Patch Tuesday?
Patch Tuesday, a.k.a., Black Tuesday (or Update Tuesday), is an unofficial term used to refer to the scheduled updates rolled out on Tuesdays by Microsoft to fix for known bugs in the Windows operating system and the other Microsoft products.
It was introduced in 2003 to provide a routine schedule for the system administrators to plan for updates for Microsoft products. The idea was to simplify the patch management by regular schedules and save the network administrators from the hassle of unpredictable updates. With predetermined update schedules, system administrators could arrange compatibility and deployment tests before installing the updates.
About the Security Vulnerabilities
Microsoft patches several of its products with the Patch Tuesday update in July. 9 of the vulnerabilities, from a total of 97, turn out to be zero-days, and 4 of these zero-day vulnerabilities are actively exploited in the wild, according to the Microsoft update guide.
Out of these 97 vulnerabilities, 2 are rated critical and 70 are rated high in severity according to CVSS (Common Vulnerability Scoring System) scale. However, note that these initial ratings made currently by Microsoft could differ from the final severity evaluation in NVD (National Vulnerability Database).
Zero-Day Vulnerabilities
Following is a list of zero-day vulnerabilities that were detected to be actively exploited in the wild. Among these, CVE-2021-34527 Print Spooler vulnerability, a.k.a., PrintNightmare vulnerability, was patched last week with an emergency update, as it was accidentally disclosed publicly by Chinese researchers.
- CVE-2021-34527 Windows Print Spooler Remote Code Execution Vulnerability
- CVE-2021-31979 Windows Kernel Elevation of Privilege Vulnerability
- CVE-2021-34448 Scripting Engine Memory Corruption Vulnerability
- CVE-2021-33771 Windows Kernel Elevation of Privilege Vulnerability
According to a report by Citizen Lab, two of these vulnerabilities (CVE-2021-31979 and CVE-2021-33771) were found to be exploited by a spyware that was allegedly developed by an Israeli cyber security company called Candiru. Microsoft Threat Intelligence Center (MSTIC) further shared that at least 100 human rights defenders, dissidents, journalists, activists and politicians in Palestine, Israel, Iran, Lebanon, Yemen, Spain, United Kingdom, Turkey, Armenia, and Singapore fell victims of this spyware.
The other 5 zero-day vulnerabilities that have no known exploits at the time of the patch release are as follows:
- CVE-2021-33781 Azure AD Security Feature Bypass Vulnerability
- CVE-2021-33779 Windows ADFS Security Feature Bypass Vulnerability
- CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-34523 Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2021-34492 Windows Certificate Spoofing Vulnerability
Vulnerabilities That Are Not Zero-Days
The following is a list of the remaining 88 vulnerabilities that are not zero-days:
List the remaining 88 security vulnerabilities …
- CVE-2021-34529 Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-34477 Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability
- CVE-2021-34525 Windows DNS Server Remote Code Execution Vulnerability
- CVE-2021-34522 Microsoft Defender Remote Code Execution Vulnerability
- CVE-2021-34470 Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2021-34517 Microsoft SharePoint Server Spoofing Vulnerability
- CVE-2021-34466 Windows Hello Security Feature Bypass Vulnerability
- CVE-2021-34516 Win32k Elevation of Privilege Vulnerability
- CVE-2021-34464 Microsoft Defender Remote Code Execution Vulnerability
- CVE-2021-34514 Windows Kernel Elevation of Privilege Vulnerability
- CVE-2021-34440 GDI+ Information Disclosure Vulnerability
- CVE-2021-34489 DirectWrite Remote Code Execution Vulnerability
- CVE-2021-34488 Windows Console Driver Elevation of Privilege Vulnerability
- CVE-2021-34439 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
- CVE-2021-34438 Windows Font Driver Host Remote Code Execution Vulnerability
- CVE-2021-33788 Windows LSA Denial of Service Vulnerability
- CVE-2021-33786 Windows LSA Security Feature Bypass Vulnerability
- CVE-2021-33785 Windows AF_UNIX Socket Provider Denial of Service Vulnerability
- CVE-2021-33784 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
- CVE-2021-33783 Windows SMB Information Disclosure Vulnerability
- CVE-2021-33782 Windows Authenticode Spoofing Vulnerability
- CVE-2021-33778 HEVC Video Extensions Remote Code Execution Vulnerability
- CVE-2021-33777 HEVC Video Extensions Remote Code Execution Vulnerability
- CVE-2021-33776 HEVC Video Extensions Remote Code Execution Vulnerability
- CVE-2021-33775 HEVC Video Extensions Remote Code Execution Vulnerability
- CVE-2021-33772 Windows TCP/IP Driver Denial of Service Vulnerability
- CVE-2021-33768 Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2021-33766 Microsoft Exchange Information Disclosure Vulnerability
- CVE-2021-33764 Windows Key Distribution Center Information Disclosure Vulnerability
- CVE-2021-33756 Windows DNS Snap-in Remote Code Execution Vulnerability
- CVE-2021-33754 Windows DNS Server Remote Code Execution Vulnerability
- CVE-2021-33752 Windows DNS Snap-in Remote Code Execution Vulnerability
- CVE-2021-33751 Storage Spaces Controller Elevation of Privilege Vulnerability
- CVE-2021-33750 Windows DNS Snap-in Remote Code Execution Vulnerability
- CVE-2021-33749 Windows DNS Snap-in Remote Code Execution Vulnerability
- CVE-2021-33746 Windows DNS Server Remote Code Execution Vulnerability
- CVE-2021-33745 Windows DNS Server Denial of Service Vulnerability
- CVE-2021-34479 Microsoft Visual Studio Spoofing Vulnerability
- CVE-2021-34528 Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-34476 Bowser.sys Denial of Service Vulnerability
- CVE-2021-34474 Dynamics Business Central Remote Code Execution Vulnerability
- CVE-2021-34521 Raw Image Extension Remote Code Execution Vulnerability
- CVE-2021-34520 Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2021-34469 Microsoft Office Security Feature Bypass Vulnerability
- CVE-2021-34519 Microsoft SharePoint Server Information Disclosure Vulnerability
- CVE-2021-34468 Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2021-34518 Microsoft Excel Remote Code Execution Vulnerability
- CVE-2021-34467 Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2021-34452 Microsoft Word Remote Code Execution Vulnerability
- CVE-2021-34501 Microsoft Excel Remote Code Execution Vulnerability
- CVE-2021-34500 Windows Kernel Memory Information Disclosure Vulnerability
- CVE-2021-34450 Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2021-34499 Windows DNS Server Denial of Service Vulnerability
- CVE-2021-34449 Win32k Elevation of Privilege Vulnerability
- CVE-2021-34498 Windows GDI Elevation of Privilege Vulnerability
- CVE-2021-34497 Windows MSHTML Platform Remote Code Execution Vulnerability
- CVE-2021-34447 Windows MSHTML Platform Remote Code Execution Vulnerability
- CVE-2021-34496 Windows GDI Information Disclosure Vulnerability
- CVE-2021-34446 Windows HTML Platforms Security Feature Bypass Vulnerability
- CVE-2021-34445 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- CVE-2021-34494 Windows DNS Server Remote Code Execution Vulnerability
- CVE-2021-34444 Windows DNS Server Denial of Service Vulnerability
- CVE-2021-34493 Windows Partition Management Driver Elevation of Privilege Vulnerability
- CVE-2021-34491 Win32k Information Disclosure Vulnerability
- CVE-2021-34442 Windows DNS Server Denial of Service Vulnerability
- CVE-2021-34441 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
- CVE-2021-33780 Windows DNS Server Remote Code Execution Vulnerability
- CVE-2021-33774 Windows Event Tracing Elevation of Privilege Vulnerability
- CVE-2021-33773 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- CVE-2021-33767 Open Enclave SDK Elevation of Privilege Vulnerability
- CVE-2021-33765 Windows Installer Spoofing Vulnerability
- CVE-2021-33763 Windows Remote Access Connection Manager Information Disclosure Vulnerability
- CVE-2021-33761 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- CVE-2021-33760 Media Foundation Information Disclosure Vulnerability
- CVE-2021-33759 Windows Desktop Bridge Elevation of Privilege Vulnerability
- CVE-2021-33757 Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability
- CVE-2021-33758 Windows Hyper-V Denial of Service Vulnerability
- CVE-2021-33755 Windows Hyper-V Denial of Service Vulnerability
- CVE-2021-33753 Microsoft Bing Search Spoofing Vulnerability
- CVE-2021-33744 Windows Secure Kernel Mode Security Feature Bypass Vulnerability
- CVE-2021-33743 Windows Projected File System Elevation of Privilege Vulnerability
- CVE-2021-33740 Windows Media Remote Code Execution Vulnerability
- CVE-2021-31984 Power BI Remote Code Execution Vulnerability
- CVE-2021-31961 Windows InstallService Elevation of Privilege Vulnerability
- CVE-2021-31947 HEVC Video Extensions Remote Code Execution Vulnerability
- CVE-2021-31206 Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-31196 Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-31183 Windows TCP/IP Driver Denial of Service Vulnerability
References to Advisories, Solutions and Tools
One single vulnerability all an attacker needs.
Window Snyder
Read more educational and inspirational cyber quotes at our page 100+ Best Cyber Security & Hacker Quotes.
To learn more about security vulnerabilities, you could also read our articles What is a Security Vulnerability? or What is Vulnerability Scanning?
