7 zero-day vulnerabilities, 6 of which have been actively exploited, have been fixed this Patch Tuesday | #microsoft | #hacking | #cybersecurity


The second Tuesday of the month is here, which, in the IT world, means it’s Patch Tuesday. It’s important to patch diligently and regularly to keep cyberthreats and attacks away. This month, Microsoft has released security fixes to address 50 vulnerabilities out of which five are classified as Critical and 45 as Important. Seven zero-days have also been patched of which six have been actively exploited. 

In this blog, we’ll talk about the updates released and offer our advice for how to handle patch management in a hybrid work environment. You can also register for our free Patch Tuesday webinar and listen to our experts break down this month’s Patch Tuesday updates in detail. 

What is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of every month. It’s on this day that Microsoft releases both security and non-security updates for its operating system and other related applications. Since Microsoft has been consistent about when it releases these updates, IT admins are well-prepared for the release of Patch Tuesday updates.

Why is Patch Tuesday important?

Important security updates and patches to fix critical bugs or vulnerabilities are released on Patch Tuesday. If there are any zero-day vulnerabilities, these are also fixed during Patch Tuesday with some exceptions for critical and highly exploited vulnerabilities, in which case an out-of-band security update is released to address that particular vulnerability.

Highlights of June’s Patch Tuesday

Security updates were released for the following lineup of products:

  • .NET Core & Visual Studio

  • Microsoft Intune

  • Microsoft Office

  • Microsoft Scripting Engine

  • Microsoft Windows Codecs Library

  • Windows Defender

  • Windows Kernel

  • Windows NTFS

  • Windows Remote Desktop

One publicly disclosed and 6 actively exploited zero-day vulnerabilities patched

Six actively exploited zero-day vulnerabilities were patched this month. Here is the list

CVE IDs

Component

Impact

Status

CVE-2021-31955

Windows Kernel

Information disclosure

Actively exploited

CVE-2021-31956

Windows NTFS

Elevation of privilege

Actively exploited

CVE-2021-33739

Microsoft DWM Core Library

Elevation of privilege

Actively exploited

CVE-2021-33742

Windows MSHTML Platform

Remote code execution

Actively exploited

CVE-2021-31199

Microsoft Enhanced Cryptographic Provider

Elevation of privilege

Actively exploited

CVE-2021-31201

Microsoft Enhanced Cryptographic Provider

Elevation of privilege

Actively exploited

CVE-2021-31968

Windows Remote Desktop Services

Denial of service

Publicly disclosed but not actively exploited

Critical updates released

There are five Critical updates released this Patch Tuesday, the details of which can be found in the table below:

CVE ID

Product

Title

CVE-2021-31963

Microsoft Office SharePoint

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-31959

Microsoft Scripting Engine

Scripting Engine Memory Corruption Vulnerability

CVE-2021-31967

Microsoft Windows Codecs Library

VP9 Video Extensions Remote Code Execution Vulnerability

CVE-2021-31985

Windows Defender

Microsoft Defender Remote Code Execution Vulnerability

CVE-2021-33742

Windows MSHTML Platform

Windows MSHTML Platform Remote Code Execution Vulnerability

Best practices to handle patch management in a hybrid work environment

Many organizations have opted to embrace remote work even after they were cleared to return to the office. This decision poses various challenges to IT admins, especially in terms of managing and securing distributed endpoints. Here are a few pointers to help simplify the process of remote patching.

  • Disable automatic updates, because all it takes is one faulty patch to bring down the whole system. IT admins can educate end users on how to disable automatic updates on their machines. Patch Manager Plus and Desktop Central also have a dedicated patch that can be deployed to endpoints to ensure that automatic updates are disabled.

  • Create a restore point—a backup or image that captures the state of the machines—before deploying big updates like those from Patch Tuesday.

  • Establish a schedule for patching and keep end users informed about it. Let end users know what needs to be done on their end—for instance, connecting to the VPN during a specified time.

  • Test the patches on a pilot group of systems before deploying them to the production environment. This will ensure that the patches don’t interfere with the workings of other applications.

  • Allow end users to skip deployment and scheduled reboots. This will give them the liberty to install updates at their convenience so it doesn’t disrupt their work. ManageEngine’s patch management products come with user-defined deployment and rebooting options.

  • Some organizations use a VPN to deploy patches. To stop patch deployment tasks from eating up your VPN bandwidth, install Critical and zero-day updates first.

  • Schedule non-security updates and security updates that are not rated Critical to be deployed after Patch Tuesday, such as during the third or fourth week of the month. You can also choose to decline certain updates if you feel they are not required in your environment.

  • Run patch reports to get a detailed view of the health status of your endpoints.

  • For back-to-the-office machines, check if they are compliant with your security policies. If not, quarantine them.

  • Install the latest updates and feature packs before deeming your back-to-the-office machines fit for production.

  • Take inventory of applications and remove any that are now obsolete for your back-to-the-office machines, like remote collaboration software.

With Desktop Central or Patch Manager Plus, you can completely automate the entire process of patch management, from testing patches to deploying them. You can also tailor patch tasks according to your current situation. For a hands-on experience with either of these products, you can try a free, 30-day trial and keep all your applications and operating systems patched and secure.

Want to learn about the Patch Tuesday updates? Join our experts as they break down Patch Tuesday. Have questions you’d like to ask? Our experts are ready to answer them. Register for our free Patch Tuesday webinar!

 

 

The post 7 zero-day vulnerabilities, 6 of which have been actively exploited, have been fixed this Patch Tuesday appeared first on ManageEngine Blog.

*** This is a Security Bloggers Network syndicated blog from ManageEngine Blog authored by Karthika Surendran. Read the original post at: https://blogs.manageengine.com/desktop-mobile/patch-manager-plus/2021/06/09/7-zero-day-vulnerabilities-6-of-which-have-been-actively-exploited-have-been-fixed-this-patch-tuesday.html



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

one + one =