Microsoft Patch Tuesday (July 2021)

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057

Windows 10 KB5004237 & KB5004245 cumulative updates released​

As part of the July 2021 Patch Tuesday, Microsoft has released new KB5004237 and KB5004245 cumulative updates for recent versions of Windows. Today's cumulative updates include security fixes for PCs with May 2021 Update, October 2020 Update and May 2020 Update.

This month's KB5004237 and KB5004245 cumulative updates are part of the mandatory Patch Tuesday updates that numerous bug fixes and performance enhancements. Also included are security updates for 117 vulnerabilities in the OS, browsers, core components and other basic functions.

It is critical for Windows users to install these updates as soon as possible as they contain fixes for nine zero-day vulnerabilities, with four actively exploited by threat actors.

What's new in Builds 19043.1110, 19042.1110 and 19041.1110​

KB5004237 (Build 19043.1110, 19042.1110 and 19041.1110) comes with these bug fixes:
  • Addresses a remote code execution exploit in the Windows Print Spooler service, known as “PrintNightmare”, as documented in CVE-2021-34527. After installing this and later Windows updates, users who are not administrators can only install signed print drivers to a print server. By default, administrators can install signed and unsigned printer drivers to a print server. The installed root certificates in the system’s Trusted Root Certification Authorities trusts signed drivers. Microsoft recommends that you immediately install this update on all supported Windows client and server operating system, starting with devices that currently host the print server role. You also have the option to configure the RestrictDriverInstallationToAdministrators registry setting to prevent non-administrators from installing signed printer drivers on a print server. For more information, see KB5005010.
  • Updates an issue in a small subset of users that have lower than expected performance in games after installing KB5000842 or later.
  • Updates an issue that causes the Japanese Input Method Editor (IME) to suddenly stop working while you are typing.
  • Updates an issue in which signing in using a PIN fails. The error message is "Something happened and your PIN isn’t available. Click to set up your PIN again."
  • Updates an issue that, in certain cases, takes you out of the exclusive virtual reality (VR) app and back to Windows Mixed Reality Home when you press the Windows button on the controller.
  • Updates an issue that causes blurry text on the news and interests button on the Windows taskbar for some screen resolutions.
  • Updates an issue with Search box graphics on the Windows taskbar that occurs if you right-click the taskbar and turn off News and interests. This graphics issue is especially visible when using dark mode.
  • Updates an issue that might prevent you from using your fingerprint to sign in after startup or waking up your device from sleep.
  • Updates an issue that might cause a high-pitched noise or squeak in certain apps when you play 5.1 Dolby Digital audio using certain audio devices and Windows settings.
Windows 10 version 1909 is getting KB5004245 and it includes the same set of bug fixes highlighted above.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
Microsoft July 2021 Patch Tuesday fixes 9 zero-days, 117 flaws
Today is Microsoft's July 2021 Patch Tuesday, and with it comes fixes for nine zero-day vulnerabilities and a total of 117 flaws, so Windows admins will be pulling their hair out as they scramble to get devices patched and secured.

Microsoft has fixed 117 vulnerabilities with today's update, with 13 classified as Critical, 1 Moderate, and 103 as Important.

Of the 117 vulnerabilities, 44 are remote code execution, 32 are for elevation of privilege, 14 are information disclosure, 12 are Denial of Service, 8 are security feature bypass, and seven are spoofing vulnerabilities.

For information about the non-security Windows updates, you can read about today's Windows 10 KB5004237 & KB5004245 cumulative updates.
Nine zero-days fixed, with four actively exploited

July's Patch Tuesday includes nine zero-day vulnerabilities, with four actively exploited in the wild.

Microsoft classifies a zero-day vulnerability as publicly disclosed or actively exploited with no official security updates or released.

The five publicly disclosed, but not exploited, zero-day vulnerabilities are:
  • CVE-2021-34492 - Windows Certificate Spoofing Vulnerability
  • CVE-2021-34523 - Microsoft Exchange Server Elevation of Privilege Vulnerability
  • CVE-2021-34473 - Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-33779 - Windows ADFS Security Feature Bypass Vulnerability
  • CVE-2021-33781 - Active Directory Security Feature Bypass Vulnerability
There was one publicly disclosed and actively exploited vulnerability known as PrintNightmare.
  • CVE-2021-34527 - Windows Print Spooler Remote Code Execution Vulnerability
Finally, there are three actively exploited Windows vulnerabilities that were not publicly disclosed.
  • CVE-2021-33771 - Windows Kernel Elevation of Privilege Vulnerability
  • CVE-2021-34448 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2021-31979 - Windows Kernel Elevation of Privilege Vulnerability
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
The Ghacks overview is posted:
It is the second Tuesday of the month and that means it is Microsoft Patch Day. Microsoft released security and non-security updates for all supported client and server versions of its Windows operating system as well as for other company products such as Microsoft Office.

Our overview starts with an executive summary; the operating system distribution and list of critical security updates follow. Below that are the main cumulative updates for all client and server versions of Windows and the list of other security updates.

The list of known issues includes only those confirmed by Microsoft. You will also find links to security advisories and other, non-security updates, as well as download information and additional resource links on this page.
And the Zero Day Initiative posted their July 2021 Security Update Review:
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
Updates an issue that causes the Japanese Input Method Editor (IME) to suddenly stop working while you are typing.
The update has been successfully applied, but this minor issue has not yet been resolved. The other day, I suspected a hardware failure and bought a new keyboard. It's a lightweight panda graph and is very comfortable. I made a good purchase thanks to this bug.🥴
 

CyberTech

Level 44
Verified
Top Poster
Well-known
Nov 10, 2017
3,247
The update has been successfully applied, but this minor issue has not yet been resolved. The other day, I suspected a hardware failure and bought a new keyboard. It's a lightweight panda graph and is very comfortable. I made a good purchase thanks to this bug.🥴
I think someone have a crush on you from Microsoft workplace that's a reason haha kidding....
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
I think someone have a crush on you from Microsoft workplace that's a reason haha kidding....
-The heart of love is updated daily. It's always buggy.-:LOL:

Entering Japanese on a pc requires a lot of steps. You have to press the space several times until you enter the desired word. It's a small bug, but it causes a lot of stress.
 

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057

Windows 10 printing issues fixed by July Patch Tuesday update​

Separate update pushed to fix printing problems​

To provide a fix for customers who do not want or can't use KIR to resolve these printing problems, Microsoft also released the KB5004237 update as part of the July 2021 Patch Tuesday.

"This issue was resolved in KB5004237, released July 13, 2021. If you are using an update released before July 13, 2021, you can resolve this issue using Known Issue Rollback (KIR)," Microsoft said in a new update to the Windows release health dashboard

"This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port. After installing this update, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue."
 

CyberTech

Level 44
Verified
Top Poster
Well-known
Nov 10, 2017
3,247
Microsoft seems to be having to deal with issues related to printers for a while now. This year alone, starting with the March update that caused the blue screen of death (BSOD) when trying to print, and more recently with the PrintNightmare print spooler service vulnerability. And Microsoft's troubles aren't stopping there.

Today, the firm has confirmed that its recent July security update version KB5004237, which was released on July 13, is causing problems when printing on certain systems when trying to utilize smart cards for user authentication. This time, alongside printing problems, scanning on such systems may also not work.

According to the Redmond firm, the KB5004237 July 13 cumulative update fixed printing problems on such printers that were connected via USB. However, it seems the update has also introduced a new bug as a result of the changes made for dealing with the CVE-2021-33764 vulnerability. This is causing the new issue on Domain Controller servers which act as gatekeepers responsible for dealing with such authentication requests.

The rest
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top