Microsoft Patches OMIGOD, MSHTML and PrintNightmare Bugs

Microsoft mounted about 60 CVEs in this month’s Patch Tuesday update round, including a zero-day staying actively exploited in the wild.

Initially designed community previous week, CVE-2021-40444 is a distant code execution vulnerability in Microsoft’s MSHTML engine.

✔ Approved From Our Partners

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code

A 2nd zero-working day, which was publicly disclosed but not actively exploited, is CVE-2021-36968, an elevation of privilege vulnerability in Windows DNS. It is labeled “important” by Microsoft and only impacts Windows 7 and Windows Server 2008.

Nonetheless, these vulnerable legacy devices could appeal to threat actors as targets, in accordance to Ivanti VP of products administration, Chris Goettl.

“In this situation, they could locate the actuality that this only affects legacy OSs as desirable, banking on the fact that businesses are however operating these systems but not continuing with extended security updates (ESU) from Microsoft,” he discussed.

“If you tumble into this team, there is yet a lot more rationale to either subscribe to Microsoft’s ESU for Windows 7 and Server 2008/2008 R2 or migrate off of these platforms, as the risk of operating these conclude-of-daily life techniques continues to mature.”

Elsewhere there was also an updated patch for a single of the print spooler bugs known as PrintNightmare, to take care of new issues discovered by researchers over and above the authentic correct. With exploit code available for this CVE, it is also a make any difference of urgency to patch, reported Goettl.

Other noteworthy CVEs that acquired the patch treatment method this thirty day period have been CVE-2021-38647, CVE-2021-38648, CVE-2021-38645, and CVE-2021-38649 — influencing Microsoft’s Open Management Infrastructure (OMI) agent.

Dubbed “OMIGOD” by scientists at Wiz.io, the bugs could allow a distant attacker to acquire root entry to Linux virtual devices running on Azure.

“We conservatively estimate that hundreds of Azure clients and hundreds of thousands of endpoints are impacted. In a little sample of Azure tenants we analyzed, around 65% ended up unknowingly at risk,” the company warned.