Microsoft’s July 2021 Security Updates Fix Multiple Products’ High-Risk Vulnerabilities

Microsoft’s July 2021 Security Updates Fix Multiple Products’ High-Risk Vulnerabilities

julho 28, 2021 | Jie Ji

Overview

According to NSFOCUS CERT’s monitoring, Microsoft released July 2021 Security Updates on July 14 to fix 117 vulnerabilities, including high-risk remote code execution and privilege escalation, in widely used products like Windows, Microsoft Office, Microsoft Edge, Visual Studio, and SharePoint Server.

In the vulnerabilities fixed by this month’s security updates, there are 13 critical vulnerabilities and 103 important ones. Nine of them are 0-day vulnerabilities, and five of them have been publicly disclosed:

  • Windows Certificate Spoofing Vulnerability (CVE-2021-34492)
  • Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473)
  • Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2021-34523)
  • Windows ADFS Security Feature Bypass Vulnerability (CVE-2021-33779)
  • Active Directory Security Feature Bypass Vulnerability (CVE-2021-33781)
  • Four of these vulnerabilities have been exploited in the wild:
  • Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527)
  • Windows Script Engine Memory Corruption Vulnerability (CVE-2021-34448)
  • Windows Kernel Privilege Escalation Vulnerability (CVE-2021-31979)
  • Windows Kernel Privilege Escalation Vulnerability (CVE-2021-33771)

Affected users are advised to apply patches. For details, please refer to Appendix: Vulnerability List.

NSFOCUS Remote Security Assessment System (RSAS) can detect most of the vulnerabilities (including high-risk ones such as CVE-2021-34448, CVE-2021-34473, CVE-2021-34494, CVE-2021-34458, and CVE-2021-34527) fixed by these security updates. Customers are advised to immediately update the plug-in package of their RSAS to V6.0R02F01.2401, which is available at http://update.nsfocus.com/update/listRsasDetail/v/vulsys.

Reference link: https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Jul

Description of Major Vulnerabilities

Based on product popularity and vulnerability importance, we have selected the vulnerabilities with a huge impact from the updates for affected users.

Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527):

Print Spooler is a service that manages printing-related affairs in the Windows system. Domain users can remotely exploit this vulnerability to execute arbitrary code on the domain controller with SYSTEM privileges, thereby gaining control of the entire domain. The exploit of this vulnerability has been made public and taken place in the wild. NSFOCUS CERT tracked the vulnerability over the course. For details and preventive measures, please refer to: https://mp.weixin.qq.com/s/fq0QhojmcrnucJ7kDZPK1A.

For vulnerability details, visit the following link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34527

Windows Script Engine Memory Corruption Vulnerability (CVE-2021-34448):

A memory corruption vulnerability exists in the Script Engine. An unauthenticated, remote attacker could exploit this vulnerability to trick a user into opening a crafted file or visiting a malicious website, thereby controlling the user’s computer system. Currently, the vulnerability has been found to be exploited in the wild.

For vulnerability details, visit the following link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34448

Windows Kernel Remote Code Execution Vulnerability (CVE-2021-34458):

A remote code execution vulnerability in the Windows kernel affects the SR-IOV virtual machine system, with a CVSS base score of 9.9.

For vulnerability details, visit the following link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34458

Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473):

A remote code execution vulnerability exists in the Microsoft Exchange Server. An unauthenticated, remote attacker could exploit this vulnerability to send a crafted request to the server and execute arbitrary code on the target server.

For vulnerability details, visit the following link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34473

Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-31206):

This is one of the vulnerabilities discovered as part of this year’s Pwn2Own competition. An attacker who has successfully exploited this vulnerability could gain a certain degree of control over the server.

For vulnerability details, visit the following link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31206

Windows DNS Server Remote Code Execution Vulnerability (CVE-2021-34494):

A remote code execution vulnerability exists in the Windows DNS server. An authenticated attacker could execute arbitrary code on the target host with SYSTEM privileges by sending a crafted request to the DNS server.

For vulnerability details, visit the following link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34494

Windows Kernel Privilege Escalation Vulnerabilities (CVE-2021-31979/CVE-2021-33771):

Two privilege escalation vulnerabilities exist in the Windows kernel. An authenticated, local attacker could run a crafted binary file, thereby escalating the privileges of the current account on the target host. Currently, the vulnerability has been found to be exploited in the wild.

For vulnerability details, visit the following links:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31979

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-33771

Scope of Impact

The following table lists affected products and versions that require special attention. Please view Microsoft’s security updates for other products affected by these vulnerabilities.

CVE IDAffected Products and Versions
CVE-2021-34527All Windows versions supported by Microsoft
CVE-2021-34448Windows Server 2012 R2
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2021-34458Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core Installation)
Windows Server, version 2004 (Server Core installation)
Windows Server 2019  (Server Core installation)
Windows Server 2019
CVE-2021-34473Microsoft Exchange Server 2019 Cumulative Update 9
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2019 Cumulative Update 8
Microsoft Exchange Server 2016 Cumulative Update 19
Microsoft Exchange Server 2016 Cumulative Update 20
CVE-2021-31206Microsoft Exchange Server 2019 Cumulative Update 9
Microsoft Exchange Server 2019 Cumulative Update 10
Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft Exchange Server 2016 Cumulative Update 20
Microsoft Exchange Server 2013 Cumulative Update 23
CVE-2021-34494Windows Server, version 20H2 (Server Core Installation)
Windows Server, version 2004 (Server Core installation)
Windows Server 2019  (Server Core installation)
Windows Server 2019 Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
CVE-2021-31979All Windows versions supported by Microsoft
CVE-2021-33771Windows Server, version 20H2 (Server Core Installation)
Windows Server, version 2004 (Server Core installation)
Windows Server 2019  (Server Core installation)
Windows Server 2019
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems

Mitigation

Patch Update

Currently, Microsoft has released security updates to fix the preceding vulnerabilities in product versions supported by Microsoft. Affected users are strongly advised to apply these updates as soon as possible. These updates are available at the following link:

https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Jul

Note: Windows Update may fail due to network and computer environment issues.  Therefore, users are advised to check whether the patches are successfully applied immediately upon installation.

Select the Start button and select Settings (N) > Security & Security > Windows Update to view the prompt message on the page. Alternatively, please view historical updates by clicking the View update history button.

If an update fails to be successfully installed, you can click the update name to open the Microsoft’s official update download page. Users are advised to click the links on the page to visit the “Microsoft Update Catalog” website to download and install independent packages.

Appendix: Vulnerability List

Affected ProductCVE IDVulnerability TitleSeverity
WindowsCVE-2021-33740Windows Media Remote Code Execution VulnerabilityCritical
WindowsCVE-2021-34494Windows DNS Server Remote Code Execution VulnerabilityCritical
WindowsCVE-2021-34497Windows MSHTML Platform Remote Code Execution VulnerabilityCritical
WindowsCVE-2021-34448Scripting Engine Memory Corruption VulnerabilityCritical
WindowsCVE-2021-34450Windows Hyper-V Remote Code Execution VulnerabilityCritical
Exchange ServerCVE-2021-34473Microsoft Exchange Server Remote Code Execution VulnerabilityCritical
Microsoft DynamicsCVE-2021-34474Dynamics Business Central Remote Code Execution VulnerabilityCritical
WindowsCVE-2021-34439Microsoft Windows Media Foundation Remote Code Execution VulnerabilityCritical
WindowsCVE-2021-34503Microsoft Windows Media Foundation Remote Code Execution VulnerabilityCritical
WindowsCVE-2021-34458Windows Kernel Remote Code Execution VulnerabilityCritical
System CenterCVE-2021-34464Microsoft Defender Remote Code Execution VulnerabilityCritical
System CenterCVE-2021-34522Microsoft Defender Remote Code Execution VulnerabilityCritical
WindowsCVE-2021-34527Windows Print Spooler Remote Code Execution VulnerabilityCritical
WindowsCVE-2021-31183Windows TCP/IP Driver Denial-of-Service VulnerabilityImportant
Exchange ServerCVE-2021-31196Microsoft Exchange Server Remote Code Execution VulnerabilityImportant
Exchange ServerCVE-2021-31206Microsoft Exchange Server Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-31947HEVC Video Extensions Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-31961Windows InstallService Privilege Escalation VulnerabilityImportant
Power BI Report ServerCVE-2021-31984Power BI Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33743Windows Projected File System Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33744Windows Secure Kernel Mode Security Feature Bypass VulnerabilityImportant
AppsCVE-2021-33753Microsoft Bing Search Spoofing VulnerabilityImportant
WindowsCVE-2021-33755Windows Hyper-V Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-33757Windows Security Account Manager Remote Protocol Security Feature Bypass VulnerabilityImportant
WindowsCVE-2021-33758Windows Hyper-V Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-33759Windows Desktop Bridge Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33760Media Foundation Information Disclosure VulnerabilityImportant
WindowsCVE-2021-33761Windows Remote Access Connection Manager Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33763Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
WindowsCVE-2021-33765Windows Installer Spoofing VulnerabilityImportant
Open Enclave SDKCVE-2021-33767Open Enclave SDK Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33771Windows Kernel Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33773Windows Remote Access Connection Manager Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33774Windows Event Tracing Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33780Windows DNS Server Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-34441Microsoft Windows Media Foundation Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-34442Windows DNS Server Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-34491Win32k Information Disclosure VulnerabilityImportant
WindowsCVE-2021-34492Windows Certificate Spoofing VulnerabilityImportant
WindowsCVE-2021-34493Windows Partition Management Driver Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34444Windows DNS Server Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-34445Windows Remote Access Connection Manager Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34446Windows HTML Platforms Security Feature Bypass VulnerabilityImportant
WindowsCVE-2021-34496Windows GDI Information Disclosure VulnerabilityImportant
WindowsCVE-2021-34447Windows MSHTML Platform Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-34498Windows GDI Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34449Win32k Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34499Windows DNS Server Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-34500Windows Kernel Memory Information Disclosure VulnerabilityImportant
Microsoft OfficeCVE-2021-34501Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2021-34452Microsoft Word Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2021-34467Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2021-34518Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2021-34468Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2021-34469Microsoft Office Security Feature Bypass VulnerabilityImportant
Microsoft OfficeCVE-2021-34520Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-34521Raw Image Extension Remote Code Execution VulnerabilityImportant
Exchange ServerCVE-2021-34523Microsoft Exchange Server Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34476Bowser.sys Denial-of-Service VulnerabilityImportant
Visual Studio CodeCVE-2021-34528Visual Studio Code Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2021-34479Microsoft Visual Studio Spoofing VulnerabilityImportant
WindowsCVE-2021-31979Windows Kernel Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33745Windows DNS Server Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-33746Windows DNS Server Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33749Windows DNS Snap-in Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33750Windows DNS Snap-in Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33751Storage Spaces Controller Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33752Windows DNS Snap-in Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33754Windows DNS Server Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33756Windows DNS Snap-in Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33764Windows Key Distribution Center Information Disclosure VulnerabilityImportant
Exchange ServerCVE-2021-33766Microsoft Exchange Information Disclosure VulnerabilityImportant
Exchange ServerCVE-2021-33768Microsoft Exchange Server Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33772Windows TCP/IP Driver Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-33775HEVC Video Extensions Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33776HEVC Video Extensions Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33777HEVC Video Extensions Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33778HEVC Video Extensions Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-33779Windows ADFS Security Feature Bypass VulnerabilityImportant
WindowsCVE-2021-33781Active Directory Security Feature Bypass Vulnerability (CVE-2021-33781)Important
WindowsCVE-2021-33782Windows Authenticode Spoofing VulnerabilityImportant
WindowsCVE-2021-33783Windows SMB Information Disclosure VulnerabilityImportant
WindowsCVE-2021-33784Windows Cloud Files Mini Filter Driver Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-33785Windows AF_UNIX Socket Provider Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-33786Windows LSA Security Feature Bypass VulnerabilityImportant
WindowsCVE-2021-33788Windows LSA Denial-of-Service VulnerabilityImportant
WindowsCVE-2021-34438Windows Font Driver Host Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-34488Windows Console Driver Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34489DirectWrite Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-34440GDI+ Information Disclosure VulnerabilityImportant
WindowsCVE-2021-34490Windows TCP/IP Driver Denial-of-Service VulnerabilityImportant
Microsoft OfficeCVE-2021-34451Microsoft Office Online Server Spoofing VulnerabilityImportant
WindowsCVE-2021-34454Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
WindowsCVE-2021-34504Windows Address Book Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-34455Windows File History Service Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34456Windows Remote Access Connection Manager Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34457Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
WindowsCVE-2021-34507Windows Remote Assistance Information Disclosure VulnerabilityImportant
WindowsCVE-2021-34508Windows Kernel Remote Code Execution VulnerabilityImportant
WindowsCVE-2021-34459Windows AppContainer Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34509Storage Spaces Controller Information Disclosure VulnerabilityImportant
WindowsCVE-2021-34460Storage Spaces Controller Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34510Storage Spaces Controller Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34511Windows Installer Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34461Windows Container Isolation FS Filter Driver Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34512Storage Spaces Controller Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34462Windows AppX Deployment Extensions Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34513Storage Spaces Controller Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34514Windows Kernel Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34516Win32k Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34466Windows Hello Security Feature Bypass VulnerabilityImportant
Microsoft OfficeCVE-2021-34517Microsoft SharePoint Server Spoofing VulnerabilityImportant
Exchange ServerCVE-2021-34470Microsoft Exchange Server Privilege Escalation VulnerabilityImportant
WindowsCVE-2021-34525Windows DNS Server Remote Code Execution VulnerabilityImportant
.NET Education Bundle SDK Install Tool,.NET Install Tool for Extension AuthorsCVE-2021-34477Visual Studio Code .NET Runtime Privilege Escalation VulnerabilityImportant
Visual Studio CodeCVE-2021-34529Visual Studio Code Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2021-34519Microsoft SharePoint Information Disclosure VulnerabilityModerate

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.