Please see Security Advisories for the week ending August 13, 2021
- Microsoft Releases August 2021 Security Updates
- Microsoft has provided a fix for 3 zero-day vulnerabilities as part of their August Patch Tuesday release
- Drupal Releases Security Updates
- Mozilla Releases Security Updates for Firefox and Thunderbird
- Citrix Releases Security Update for ShareFile Storage Zones Controller
- Adobe Releases Security Updates for Multiple Products
- SAP Releases August 2021 Security Updates
_______________________________
Microsoft Releases August 2021 Security Updates
Situation
Microsoft has released August 2021 security updates for Microsoft products. Products include Visual Studio, Microsoft Office, Windows Defender, Microsoft Dynamics, and much more.
Problem
Vulnerabilities found include remote code execution, information disclosure, bypass, privilege escalation, and more.
Implication
Failure to patch systems could result in loss of control of affected systems.
Need
Apply the latest security updates to all Microsoft products.
For a more technical overview:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Aug
________________________________
Microsoft has provided a fix for 3 zero-day vulnerabilities as part of their August Patch Tuesday release
Situation
Microsoft has provided a fix for 3 zero-day vulnerabilities as part of their August Patch Tuesday release.
Problem
The two publicly disclosed zero-day vulnerabilities are in the wild: CVE-2021-36936 (Windows Print Spooler Remote Code Execution Vulnerability) & CVE-2021-36942 (Windows LSA Spoofing Vulnerability). Finally, one actively exploited elevation of privileges vulnerability was discovered by the Microsoft Security Response Center (MSRC) and Microsoft Threat Intelligence Center (MSTIC): CVE-2021-36948 (Windows Update Medic Service Elevation of Privilege Vulnerability).
Implication
An attacker can exploit this vulnerability to obtain access to sensitive information.
Need
Expedite full patch routine or at a minimum push update to zero-day vulnerabilities as soon as possible.
________________________________
Drupal Releases Security Updates
Situation
Drupal has released security updates to address vulnerabilities that could affect versions 8.9, 9.1, and 9.2.
Problem
The Drupal project uses the CKEditor, library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal.
Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can create or edit content (even without access to CKEditor themselves) may be able to exploit one or more Cross-Site Scripting (XSS) vulnerabilities to target users with access to the WYSIWYG CKEditor, including site admins with privileged access.
Implication
An attacker could exploit these vulnerabilities to take control of an affected system.
Need
CISA encourages users and administrators to review Drupal Security Advisory SA-CORE-2021-005 and apply the necessary updates.
For a brief overview:
https://us-cert.cisa.gov/ncas/current-activity/2021/08/12/drupal-releases-security-updates
For a more technical overview:
https://www.drupal.org/sa-core-2021-005
________________________________
Mozilla Releases Security Updates for Firefox and Thunderbird
Situation
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird.
Problem
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.
Implication
Failure to patch systems could result in loss of control of affected systems.
Need
Mozilla advises patching to the most up to date versions of: Firefox 91, Firefox ESR 78.13, and Thunderbird version 78.13.
For a brief overview:
https://us-cert.cisa.gov/ncas/current-activity/2021/08/10/mozilla-releases-security-updates-firefox
For a more technical overview:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/
________________________________
Citrix Releases Security Update for ShareFile Storage Zones Controller
Situation
Citrix has released a security update to address a vulnerability affecting Citrix ShareFile storage zones controller.
Problem
An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. Customers are only affected by this issue if they previously selected “Enable Encryption” in the ShareFile storage zones controller configuration page and did not re-select this setting after running the CTX269106 mitigation tool. ShareFile customers who have not run the CTX269106 mitigation tool or who re-selected “Enable Encryption” immediately after running the tool are unaffected by this issue.
Implication
An attacker can exploit this vulnerability to obtain access to sensitive information.
Need
CISA recommends users and administrators review Citrix Security Bulletin CTX322787 and apply the necessary update.
For a brief overview:
For a more technical overview:
https://support.citrix.com/article/CTX322787
________________________________
Adobe Releases Security Updates for Multiple Products
Situation
Adobe has released security updates for Connect and Magneto.
Problem
These affect Connect versions 11.2.2 and earlier, Magneto Commerce 2.4.2, 2.4.2-p, and 2.37 and earlier, and Magneto Open Source 2.4.2-p1, 2.3.7 and earlier.
Vulnerabilities include improper authorization, XSS, improper validation, path traversal, and much more.
Implication
Attackers can exploit vulnerabilities to take control of the affected system.
Need
Apply the latest updates for Connect and Magneto.
For more information:
Connect: https://helpx.adobe.com/security/products/connect/apsb21-66.html
Magneto: https://helpx.adobe.com/security/products/magento/apsb21-64.html
________________________________
Intel Releases Multiple Security Updates
Situation
Intel has released security updates for the products:
- NUC 9 Extreme Laptop Kits
- NUC Pro Chassis Element Driver
- Ethernet Linux Driver
- Optane PMem
- Graphics Drivers
- Ethernet Adapters 800 Series
Problem
Vulnerabilities found include privilege escalation, denial of service, information disclosure, and more.
Implication
An attack can exploit and take control of the affected systems.
Need
Apply the latest updates to the above products.
For more info: https://us-cert.cisa.gov/ncas/current-activity/2021/08/10/intel-releases-multiple-security-updates
________________________________
SAP Releases August 2021 Security Updates
Situation
SAP has released security updates to address vulnerabilities affecting multiple products.
Problem
This batch of updates addresses multiple products: SAP Business Client, SAP NetWeaver AS ABAP and ABAP Platform, NetWeaver Guided Procedures, NetWeaver AS for Java, SAP CRM, SAP Process Integration, SAP Lumira, SAP Web Dispatcher and Internet Communication Manager, SAP Business Objects Web Intelligence, and SAP 3D Visual Enterprise Viewer for a range of vulnerabilities, including: authentication bypass, Denial of Service, external entity injection for manipulation of XML code, Cross-Site Scripting, HTTP request smuggling, memory corruption, and improper input validation, respectively.
Implication
An attacker could exploit some of these vulnerabilities to take control of an affected system.
Need
CISA encourages users and administrators to review the SAP security updates and apply the necessary updates.
For a brief overview:
https://us-cert.cisa.gov/ncas/current-activity/2021/08/10/sap-releases-august-2021-security-updates
For a more technical overview:
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806