Microsoft has released patches to fix more than 70 security flaws in its Windows operating systems and other software, including one that is already being exploited. This month’s Patch Tuesday also comprises security updates for the newest version of Windows, Windows 11.
Apple has published iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability (CVE-2021-30883) that is being exploited in active attacks aimed at iPhone and iPad users, according to Bleeping Computer’s Lawrence Abrams.
According to Abrams, the list of impacted Apple devices is massive, affecting both old and new models.
A remote code execution vulnerability in Microsoft Word is one of the most serious flaws, along with two other bugs in Windows Hyper-V, the virtualization component included in Windows.
Microsoft’s somewhat less serious ‘important’ rating was assigned to four of the 20 vulnerabilities fixed in March, including one labeled ‘Multiple security issues were identified during code audit.
The Windows Print Spooler has a spoofing vulnerability that is under CVE-2021-36970 and was discovered by the same researchers who found one of two flaws that later became known as PrintNightmare — the widespread exploitation of a critical Print Spooler flaw that compelled Microsoft to issue an emergency security update back in July.
While no information has been provided officially about the vulnerability, it is certainly one to keep an eye on because we saw a stream of Print Spooler-related bugs patched throughout July as ransomware organizations began using PrintNightmare in their affiliate playbook.
Another vital flaw in Microsoft Exchange Server is CVE-2021-26427, which has been targeted lately by attackers.
This month’s Exchange vulnerability earned a CVSS score of 9.0 (10 is the most dangerous).
“Email servers will always be prime targets, due to the quantity of data in emails and the many ways attackers may use them for malicious purposes.
For a comprehensive listing of all patches released today and sorted by severity, check out the always-useful Patch Tuesday roundup from the SANS Internet Storm Center, as well as the data provided by Morphus Labs.
On that note, please double-check to see if you’ve backed up your computer and/or critical data before updating.
If you’re like me, then storing your personal data on your hard drive is inviting disaster. Backups are crucial to keeping yourself safe and secure. To protect yourself from loss or corruption of your data, back it up immediately after installation before doing anything else.
Tech specialist. Social media guru. Evil problem solver. Total writer. Web enthusiast. Internet nerd. Passionate gamer. Twitter buff.