Threat Advisories

Critical Vulnerabilities revealed in Microsoft’s Patch Tuesday

August 11, 2021

THREAT LEVEL: Red.

For a detailed advisory, download the pdf file here.

Multiple vulnerabilities have been patched by Microsoft in August 2021 Patch Tuesday. Three of them have been labeled as zero-day vulnerabilities (CVE-2021-36936, CVE-2021-36942, and CVE-2021-36948). One of them (CVE-2021-36948) has already been exploited in the wild. The attacker is yet to be identified. Microsoft has classified six vulnerabilities as critical, and patches for all of them are now available.

Vulnerability Details

Patch Links

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36948

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34530

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34534

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36936

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26432

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34480

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34535

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26424

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36942

References

https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2021-patch-tuesday-fixes-3-zero-days-44-flaws/

Critical flaws in Cisco’s Small Business RV Series VPN routers

Have you patched the vulnerabilities in Microsoft Exchange Server?