Microsoft Patch Tuesday – August 2021

Patch Tuesday is once again upon us. The August 2021 edition of Patch Tuesday brings us 47 fixes, 7 of which are rated as critical with 1 actively exploited. We've listed the most important changes below.

⚡ TL;DR | Go Straight to the August 2021 Patch Tuesday Audit Report

Multiple Print Spooler Remote Code Execution Vulnerabilities Fixed

After the infamous PrintNightmare vulnerability was fixed, a second Print Spooler service vulnerability was quickly discovered. CVE-2021-34481 was disclosed on July 15 and remained unpatched until now. Microsoft recommended keeping the Print Spooler service disabled, but after today's patch, it should be once again safe to enable the Print Spooler service in your environment.

Additionally, another two Print Spooler service RCEs were detected and fixed, making it 4 RCE vulnerabilities in only 2 months' time. CVE-2021-36936 and CVE-2021-36947 were disclosed in today's patch Tuesday and both having a base CVSS 3.0 score of 8.8 are even more severe than the previous Print Spooler RCE vulnerability.

Windows Update Elevation of Privilege Vulnerability Actively Exploited

The Windows Update Medic Service also got a fix in todays' patch Tuesday. The Medic Service or WaasMedic is a background service that was added to Windows 10 in the new method Windows 10 handles the updating process. It is designed to repair the Windows Update service so that devices can continue to receive updates unhindered. Unfortunately, an elevation of privilege vulnerability was detected in this component, CVE-2021-36948 has a CVSS 3.0 score of 7.8 and has been actively exploited according to Microsoft.

Severe Hyper-v Vulnerabilties Fixed

CVE-2021-26424, a Windows TCP/IP remote code execution vulnerability that can be exploited by a malicious Hyper-V guest sending an ipv6 ping to the Hyper-V host has been fixed. An attacker could send a specially crafted TCPIP packet to its host utilizing the TCPIP Protocol Stack (tcpip.sys) to process packets which could lead to remote code execution. With a CVSS 3.0 score of 9.9, it is just short of a perfect 10 and should motivate everyone to update as soon as possible.

PetitPotam Fixed

Another high-profile vulnerability that got fixed is PetitPotam. Listed as a Windows LSA spoofing vulnerability, CVE-2021-36942 has been included in this months' patch Tuesday so your domain controllers are a little safer again.

Run the Patch Tuesday August 2021 Audit Report

To help manage your update progress, we've created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see at a glance which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

Receive the Latest Patch Tuesday Report for FREE Every Month

  • Hidden
  • This field is for validation purposes and should be left unchanged.

You may also like...

Try Lansweeper for Free

Learn why Lansweeper is used by thousands of enterprises worldwide.​