GreenPages Blog

As an IT professional, you need to stay current on all things tech; with articles from industry experts and GreenPages' staff, you get the info you need to help your organization compete and succeed!

All Posts

Patch Tuesday July 2021 Edition...PrintNightmare, Windows RCEs and More Exchange RCEs

What We Know

For Patch Tuesday July 2021, Microsoft is patching the vulnerability and ongoing exploitation of PrintNightmare. You can read about CVE-2021-34527 on the Microsoft vulnerability site here. This one is really causing a lot of pain for organizations and CISA has also released Emergency Directive 21-04 that outlines what and when Federal Civilian Executive Branch agencies must do to mitigate this one.

For this month, Microsoft is addressing 117 total vulnerabilities, 13 of which are of the Critical rating, 103 have the Important rating, and 1 has a Moderate rating in severity.

That is a lot of CVEs!

The 13 Critical are listed below; we feel that CVE-2021-34527 “PrintNightmare” should be a top priority for every organization: 

CVE-2021-34527 - Windows Print Spooler Components - Windows Print Spooler RCE Vulnerability (actively exploited)
CVE-2021-34448 - Microsoft Scripting Engine - Scripting Engine Memory Corruption Vulnerability (actively exploited)
CVE-2021-34474 - Dynamics Business Central Control - Dynamics Business Central RCE Vulnerability
CVE-2021-34473 - Microsoft Exchange Server - Microsoft Exchange Server RCE Vulnerability
CVE-2021-33740 - Microsoft Windows Codecs Library - Windows Media RCE Vulnerability
CVE-2021-34439 - Microsoft Windows Media Foundation - Microsoft Windows Media Foundation RCE Vulnerability
CVE-2021-34503 - Microsoft Windows Media Foundation - Microsoft Windows Media Foundation RCE Vulnerability
CVE-2021-34494 – (server role) DNS Server - Windows DNS Server RCE Vulnerability
CVE-2021-34450 – (server role) Hyper-V - Windows Hyper-V RCE Vulnerability
CVE-2021-34522 - Windows Defender - Microsoft Defender RCE Vulnerability
CVE-2021-34464 - Windows Defender - Microsoft Defender RCE Vulnerability
CVE-2021-34458 - Windows Kernel - Windows Kernel RCE Vulnerability
CVE-2021-34497 - Windows MSHTML Platform - Windows MSHTML Platform RCE Vulnerability

There are also several on-premises Exchange Server vulnerabilities released, including the above Critical (RCE), and three were addressed in April but not discussed until this release.

What should you be doing?

The vulnerabilities that were released this month are significant and should be patched as soon as possible following your normal change and testing processes. You should also be looking at the vulnerabilities and updates on your perimeter security devices on a regular basis. When performing penetration tests for clients, our team often finds unpatched systems left open and vulnerable.

The latest patches can be viewed on the Microsoft Security Response Center (MSRC) website. As usual, you must follow the instructions for any of these updates and test thoroughly before upgrading your entire environment.

How long before more POC exploits are made public?

POC exploits are on the rise and aren't going away anytime soon. If there ever were a time to enhance your vulnerability management program to deal with vulnerabilities like these and out-of-band zero-day vulnerabilities, it is NOW.

Steps you can take now:

• Ask yourself, should we consider a move to Microsoft Online Exchange?
• Follow proper change control process
• Test your patches before rolling into production
• Ensure you have immutable backups of all systems, that way if the worst happens you have a method of recovering.
• Regardless of whether or not your systems are exposed to the Internet, patch them!

If you need help with this security threat, please reach out to your GreenPages Account Manager or reach out to us.

Randy Becker 2

Randy is responsible for GreenPages’ overall cyber security strategy, including developing comprehensive policies and procedures to protect critical applications while ensuring business agility and velocity. With more than 30 years in the IT industry, Randy has strong expertise in cyber security and risk management; security operations and optimization; infrastructure modernization; and hybrid cloud architecture, design, and implementation. Randy is also a HITRUST Certified CSF Practitioner (CCSFP) which ensures clients have access to the highest level of expertise related to privacy, security, compliance, and risk management.

 

Work With Us!

Related Posts

The Benefits of Microsoft Intune Suite for Modern Workplaces

By Josh Morganthall, Microsoft Practice Manager, GreenPages Microsoft Intune Suite unifies several endpoint management and security solutions into one bundle. In this blog post, I discuss the business value of Microsoft's cloud-based service and the operational efficiencies and enhanced user experience it brings to IT teams and users. 

CIO Fireside Chat Recap: Cloud & FinOps

By Mario Brum, VP of Practice Area and Technical Advisory Services Mario hosted the second in GreenPages' ongoing series of CIO Fireside Chats discussing how an industry-leading retail technology company partnered with GreenPages to use FinOps for optimizing the company's cloud costs. 

Preparing Your Business for the End of Windows Server 2012 Support

By Josh Morganthall, GreenPages Senior Solutions Architect for Microsoft Cloud In this blog post, Josh outlines the steps that CIOs need to take to prepare for Windows Server 2012 reaching its end of support on October 10, 2023 to ensure their IT operations remain secure, productive, and running without interruption.

Strategy, architecture, integration & management across the world’s leading technologies.

VMware
AWS
Citrix
Microsoft
Cisco
Dell EMC
HP
Lenovo
VMware
Citrix
Microsoft
Cisco
HP

Digital Transformation

Cloud Enablement & Operations

Resources

Contact

GreenPages
Two International Drive
Suite #260
Portsmouth, NH 03801
Call Us: 800.989.2989

Legal
Terms & Conditions

Join Us On

© 2020 GreenPages, Inc. All rights reserved.