قالب وردپرس درنا توس
Home / Technology / Microsoft Patch Tuesday, May 2021 – Krebs on Security

Microsoft Patch Tuesday, May 2021 – Krebs on Security



Microsoft A fix was released today to insert vulnerabilities in at least 55 of its security vulnerabilities Windows Operating system and other software. Malware and malicious software can take advantage of the four weaknesses, without any help from the user, to carry out complete remote control of the vulnerable system. The patch that will be released this month can eliminate a worm-like vulnerability, a creepy wireless vulnerability, and another cause of Microsoft’s death. IE browser (IE) Web browser.

Although May can bring half of Microsoft̵

7;s normal update volume, there are still some noteworthy weaknesses that deserve special attention, especially those from enterprises. As we all know, the most urgent priority this month is CVE-2021-31166, a vulnerability in Windows 10 and Windows Server that allows unauthenticated attackers to remotely execute malicious code at the operating system level. Because of this weakness, the attacker can destroy the host by simply sending a specially crafted packet to the host.

“This makes the vulnerability vulnerable to infection, and even Microsoft pointed out this error in its article,” he said. Dustin Childs, with Trend Micro’s ZDI program. “Before you ignore this, you can also configure Windows 10 as a web server, so it will also be affected. Definitely put it at the top of the test and deployment list.”

Kevin Blaine From Immersive laboratory He said that this fact is only 0.2 points away from a perfect 10 CVSS score, which is enough to determine the importance of the patch.

“For ransomware operators, this type of vulnerability is the main target of exploiting the vulnerability,” Brein said. “Vulnerable vulnerabilities should always be given top priority, especially for public-facing services. Since this particular method of exploitation does not require any form of authentication, it is more attractive to attackers. Organizations using the HTTP.sys protocol stack should give priority to this patch.”

Breen also called attention to a vulnerability in CVE-2021-26419-CVE Internet Explorer 11 -Explain why IE needs to stand for “Internet Exploder”. To trigger this vulnerability, users must visit a website controlled by the attacker, although Microsoft also realizes that it can be triggered by embedding ActiveX controls in Office Documents.

Brian said: “IE needs to die, and I am not the only one who thinks so.” “If you are an organization that must provide IE11 to support older applications, please consider implementing a strategy for users so that IE11 can be The domains accessed are restricted to only those older applications. All other web browsing should be done with a supported browser.”

Another strange bug fixed this month is CVE-2020-24587, which was described as a “Windows wireless network information disclosure vulnerability.” ZDI’s Children’s company (Childs) said this is potentially destructive.

He said: “The patch fixes a vulnerability that may allow an attacker to leak the contents of encrypted wireless data packets on the affected system.” “It is not clear what the scope of this attack is, but You should assume that a certain degree of proximity is required. You will also notice that this CVE is from 2020, which may indicate that Microsoft has been working on this fix.

Microsoft also patched four security vulnerabilities Exchange server An enterprise email platform, which was recently surrounded by four other zero-day Exchange vulnerabilities, causing thousands of servers worldwide to be hacked.One of the errors is considered to be Tangerine The head of the DEVCORE research team, he is responsible for disclosing the ProxyLogon Exchange Server vulnerability, which was patched in the out-of-band release in March.

Researcher Orange Tsai commented that no one guessed that the remote zero-day time he reported to Microsoft on January 5, 2021 was in Exchange Server.

“Although none of these flaws are considered critical in nature, it reminds us that researchers and attackers are still paying close attention to other vulnerabilities in Exchange Server, so organizations that have not updated their systems should do so as soon as possible.” Satnam Narang, The researcher is Defensible.

As always, it is a good idea for Windows users to develop the habit of updating at least once a month, but for ordinary users (read: not businesses), you can usually rest assured to wait a few days until the patch is released, so that Microsoft has Time to eliminate any flaws in the new armor.

But before you update, please Make sure that the system and/or important files are backed up. It is not uncommon for Windows update packages to make the system run normally or prevent it from starting normally, and certain updates are known to erase or destroy files.

Therefore, before installing any patches, do yourself a favor and back it up. Windows 10 even has some built-in tools to help you do this, whether it’s on a per file/folder basis or making a complete and bootable copy of the hard drive all at once.

And, if you want to ensure that Windows is set to suspend updates so that you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, please refer to this guide.

If you experience a glitch this month or have trouble installing any of these patches, please consider leaving a comment below. Other readers have the same experience, and there may be some helpful hints that caused an uproar.


Source link