Patch Tuesday, August 2021

Here we are in August and it's Patch Tuesday once more. It's another light month with only 9 CVEs patched for vulnerabilities rated as "Critical" and 35 CVEs rated as "Important". On the Critical list, you'll find Remote Code Execution vulnerabilities in Windows Graphics Engine, MSHTML Platform, NFS/OpenRPC/XDR Driver, the MS TCP/IP stack, and Windows Print Spooler. Additionally, Azure Sphere has Denial of Service and Information Disclosure vulnerabilities patched.

On the list of vulnerabilities rated as "Important," there are some additional vulnerabilities patched in the NFS/OpenRPC/XDR Driver as well as the Windows Print Spooler. You'll also see vulnerabilities patched in Microsoft Dynamics, Azure, .NET Core, and Visual Studio. Luckily only one of these vulnerabilities has been publicly disclosed prior to today's release. That is a Windows LSA Spoofing Vulnerability (CVE-2021-36942), aka "PetitPotam". So now's the time to get patching. 


Critical

Azure Sphere Denial of Service Vulnerability
CVE-2021-26430
Denial of Service

Azure Sphere Information Disclosure Vulnerability
CVE-2021-26428
Information Disclosure

Remote Desktop Client Remote Code Execution Vulnerability
CVE-2021-34535
Remote Code Execution

Scripting Engine Memory Corruption Vulnerability
CVE-2021-34480
Remote Code Execution

Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-34530
Remote Code Execution

Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-34534
Remote Code Execution

Windows Print Spooler Remote Code Execution Vulnerability
CVE-2021-36936
Remote Code Execution

Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability
CVE-2021-26432
Remote Code Execution

Windows TCP/IP Remote Code Execution Vulnerability
CVE-2021-26424
Remote Code Execution


Important

.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-26423
Denial of Service

.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-34485
Information Disclosure

ASP.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-34532
Information Disclosure

Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2021-33762, CVE-2021-36943
Elevation of Privilege

Azure Sphere Elevation of Privilege Vulnerability
CVE-2021-26429
Elevation of Privilege

Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability
CVE-2021-36949
Elevation of Privilege

Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
CVE-2021-34524
Remote Code Execution

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
CVE-2021-36946
Spoofing

Microsoft Office Remote Code Execution Vulnerability
CVE-2021-34478
Remote Code Execution

Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-36940
Spoofing

Microsoft Windows Defender Elevation of Privilege Vulnerability
CVE-2021-34471
Elevation of Privilege

Microsoft Word Remote Code Execution Vulnerability
CVE-2021-36941
Remote Code Execution

Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-34536
Elevation of Privilege

Windows 10 Update Assistant Elevation of Privilege Vulnerability
CVE-2021-36945
Elevation of Privilege

Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2021-34537
Elevation of Privilege

Windows Cryptographic Primitives Library Information Disclosure Vulnerability
CVE-2021-36938
Information Disclosure

Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability
CVE-2021-36927
Elevation of Privilege

Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-26425, CVE-2021-34486, CVE-2021-34487
Elevation of Privilege

Windows Graphics Component Font Parsing Remote Code Execution Vulnerability
CVE-2021-34533
Remote Code Execution

Windows LSA Spoofing Vulnerability
CVE-2021-36942
Spoofing

Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability
CVE-2021-36937
Remote Code Execution

Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-34483
Elevation of Privilege

Windows Print Spooler Remote Code Execution Vulnerability
CVE-2021-36947
Remote Code Execution

Windows Recovery Environment Agent Elevation of Privilege Vulnerability
CVE-2021-26431
Elevation of Privilege

Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
CVE-2021-26433, CVE-2021-36926, CVE-2021-36932, CVE-2021-36933
Information Disclosure

Windows Update Medic Service Elevation of Privilege Vulnerability
CVE-2021-36948
Elevation of Privilege

Windows User Account Profile Picture Elevation of Privilege Vulnerability
CVE-2021-26426
Elevation of Privilege

Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2021-34484
Elevation of Privilege

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2021-36950
Cross-site Scripting
