Microsoft released its September Patch Tuesday updates, which will be available for Windows 10, Windows Server 2016, and Windows Server 2012 R2 today.
Microsoft has released the September Patch Tuesday updates today. The update includes fixes for several known vulnerabilities, including microsoft patch tuesday september 2023.
Alexandru Poloboc is an author.
Editor of the News
Alex spent the most of his time working as a news reporter, anchor, and on TV and radio, with an overwhelming urge to always get to the bottom of things and discover the truth… Continue reading
- Are you prepared for a fresh round of critical software updates?
- As part of Patch Tuesday, Microsoft will distribute them today.
- You can catch up on what the IT behemoth has been up to in recent months.
- Also, find out what the Redmond firm has planned for September.
September has here, bringing with it a new set of Patch Tuesday updates that many users have been looking forward to.
As with all past Patch Tuesday updates, this one brings a slew of new features, fixes, and enhancements to all supported versions of the Windows operating system.
On Wednesday, Microsoft disclosed the existence of CVE-2021-40444, a vulnerability that has been classified as both Publicly Disclosed and Known Exploited.
This vulnerability in MSHTML, a component used by Internet Explorer and Office, allows for remote code execution.
What can we anticipate from Patch Tuesday in September?
If you prefer to stay up to speed on everything that the Redmond-based software giant does during these Patch Tuesday events, you’ll recall the batch from last month.
In response to severe security concerns, Microsoft issued a slew of security updates aimed at addressing certain open-source vulnerabilities.
Redmond authorities provided a comprehensive solution that would prevent this threat by disabling the installation of all ActiveX components in Internet Explorer.
Keep an eye out for an update that resolves this vulnerability; if not, consider this mitigation to address the problem in the interim until a patch is issued. 8.8 is the CVSS 3.0 score.
Microsoft fixed the following zero-day vulnerabilities that were being actively exploited in August 2023:
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
Visual Studio and.NET Core | CVE-2021-34485 | Information Disclosure Vulnerability in.NET Core and Visual Studio | Important |
Visual Studio and.NET Core | CVE-2021-26423 | Vulnerability in.NET Core and Visual Studio for Denial of Service | Important |
Visual Studio and ASP.NET Core | CVE-2021-34532 | Information Disclosure Vulnerability in ASP.NET Core and Visual Studio | Important |
Azure | CVE-2021-36943 | Elevation of Privilege Vulnerability in Azure CycleCloud | Important |
Azure | CVE-2021-33762 | Elevation of Privilege Vulnerability in Azure CycleCloud | Important |
Sphere in Azure | CVE-2021-26428 | Vulnerability in Sphere in Azure Information Disclosure | Important |
Sphere in Azure | CVE-2021-26430 | Vulnerability in Azure Sphere that causes a denial of service | Important |
Azure Sphere | CVE-2021-26429 | Vulnerability in Azure Sphere Privilege Elevation | Important |
Connect to Microsoft Azure Active Directory | CVE-2021-36949 | Vulnerability in Microsoft Azure Active Directory Connect Authentication | Important |
Microsoft Dynamics is a software program that allows you to is a software program that allows you to is a software program that allows you to | CVE-2021-36946 | Vulnerability in Microsoft Dynamics Business Central’s Cross-Site Scripting | Important |
Microsoft Dynamics | CVE-2021-36950 | Cross-site Scripting Vulnerability in Microsoft Dynamics 365 (on-premises) | Important |
Microsoft Dynamics | CVE-2021-34524 | Microsoft Dynamics 365 is a cloud-based version of Microsoft Dynamics (on-premises) Vulnerability to Remote Code Execution | Important |
Microsoft Edge is a browser developed by Microsoft (Chromium-based) | CVE-2021-30591 | CVE-2021-30591 for chromium In the File System API, use after free. | Unknown |
Microsoft Edge is a browser developed by Microsoft (Chromium-based) | CVE-2021-30592 | CVE-2021-30592 for chromium Write in Tab Groups while you’re out of limits. | Unknown |
Microsoft Edge is a browser developed by Microsoft (Chromium-based) | CVE-2021-30597 | CVE-2021-30597 for chromium After that, you may use it for free in the browser UI. | Unknown |
Microsoft Edge is a browser developed by Microsoft (Chromium-based) | CVE-2021-30594 | CVE-2021-30594 for chromium After that, under the Page Info UI, you may use it for free. | Unknown |
Microsoft Edge is a browser developed by Microsoft (Chromium-based) | CVE-2021-30596 | CVE-2021-30596 chromium In Navigation, the security UI is incorrect. | Unknown |
Microsoft Edge is a browser developed by Microsoft (Chromium-based) | CVE-2021-30590 | CVE-2021-30590 CVE-2021-30590 CVE-2021-30590 CVE-2021-30590 C Bookmarks heap buffer overflow | Unknown |
Microsoft Edge is a browser developed by Microsoft (Chromium-based) | CVE-2021-30593 | CVE-2021-30593 Out of bounds read in Tab Strip in Chromium | Unknown |
Graphics Component from Microsoft | CVE-2021-34530 | Remote Code Execution Vulnerability in the Windows Graphics Component | Critical |
Graphics Component from Microsoft | CVE-2021-34533 | Remote Code Execution Vulnerability in the Windows Graphics Component Font Parsing | Important |
Microsoft Office is a program that allows you to create | CVE-2021-34478 | Remote Code Execution Vulnerability in Microsoft Office | Important |
SharePoint is a Microsoft Office product. | CVE-2021-36940 | Spoofing Vulnerability in Microsoft SharePoint Server | Important |
Microsoft Word is a word processing program. | CVE-2021-36941 | Remote Code Execution Vulnerability in Microsoft Word | Important |
Scripting Engine by Microsoft | CVE-2021-34480 | Memory Corruption Vulnerability in the Scripting Engine | Critical |
Microsoft Windows Codecs Library is a collection of codecs for Windows. | CVE-2021-36937 | Remote Code Execution Vulnerability in Windows Media Player is a program that allows you to MPEG-4 Video Decoder | Important |
Client for Remote Desktop | CVE-2021-34535 | Remote Code Execution Vulnerability in the Remote Desktop Client | Critical |
Bluetooth Service in Windows | CVE-2021-34537 | Vulnerability in the Windows Bluetooth Driver’s Privilege Escalation | Important |
Cryptographic Services for Windows | CVE-2021-36938 | Information Disclosure Vulnerability in the Windows Cryptographic Primitives Library | Important |
Windows Defender is a program that protects your computer | CVE-2021-34471 | Elevation of Privilege Vulnerability in Microsoft Windows Defender | Important |
Event tracing on Windows | CVE-2021-34486 | Elevation of Privilege Vulnerability in Event tracing on Windows | Important |
Event tracing on Windows | CVE-2021-34487 | Elevation of Privilege Vulnerability in Windows Event Tracing | Important |
Windows Event Tracing | CVE-2021-26425 | Elevation of Privilege Vulnerability in Windows Event Tracing | Important |
Windows Media | CVE-2021-36927 | Elevation of Privilege Vulnerability in the Windows Digital TV Tuner Device Registration Application | Important |
MSHTML Platform for Windows | CVE-2021-34534 | Remote Code Execution Vulnerability in the Windows MSHTML Platform | Critical |
NTLM is a security protocol used by Windows. | CVE-2021-36942 | Vulnerability in Windows LSA Spoofing | Important |
Components of the Windows Print Spooler | CVE-2021-34483 | Elevation of Privilege Vulnerability in Windows Print Spooler | Important |
Components of the Windows Print Spooler | CVE-2021-36947 | Remote Code Execution Vulnerability in Windows Print Spooler | Important |
Components of the Windows Print Spooler | CVE-2021-36936 | Remote Code Execution Vulnerability in Windows Print Spooler | Critical |
NFS ONCRPC XDR Driver Windows Services | CVE-2021-36933 | Vulnerability in NFS ONCRPC XDR Driver Windows Services Information Disclosure | Important |
NFS ONCRPC XDR Driver Windows Services | CVE-2021-26433 | Information Disclosure for NFS ONCRPC XDR Driver Windows Servicess Vulnerability | Important |
NFS ONCRPC XDR Driver Windows Services | CVE-2021-36932 | Information Disclosure for Windows Services for NFS ONCRPC XDR Drivers Vulnerability | Important |
Windows Services for NFS ONCRPC XDR Driver | CVE-2021-26432 | Remote Code Execution Vulnerability in Windows Services for NFS ONCRPC XDR Driver | Critical |
Windows Services for NFS ONCRPC XDR Driver | CVE-2021-36926 | Information Disclosure for Windows Services for NFS ONCRPC XDR Drivers Vulnerability | Important |
Storage Spaces Manager in Windows | CVE-2021-34536 | Elevation of Privilege Vulnerability in Storage Spaces Controller | Important |
TCP/IP on Windows | CVE-2021-26424 | Remote Code Execution Vulnerability in Windows TCP/IP | Critical |
Updates for Windows | CVE-2021-36948 | Elevation of Privilege Vulnerability in the Windows Update Medic Service | Important |
Windows Update Assistant is a program that helps you keep your computer is a program that helps you keep your computer | CVE-2021-36945 | Elevation of Privilege Vulnerability in Windows 10 Update Assistant | Important |
Windows Update Assistant | CVE-2021-26431 | Vulnerability in the Windows Recovery Environment Agent’s Privilege Escalation | Important |
User Profile Service in Windows | CVE-2021-34484 | User Profile Service in Windows Privilege Vulnerability Increases | Important |
User Profile Service in Windows | CVE-2021-26426 | Picture of a Windows User Account Profile Privilege Vulnerability Increases | Important |
As Microsoft returns from its last summer vacation, we may anticipate a limited number of CVEs to be handled across all OS systems this month.
Extended Security Updates (ESUs) for Windows 7 and Server 2008/2008 R2 are now halfway complete, so anybody using these operating systems should be planning an upgrading strategy.
Also, with the announcement of CVE-2021-40444, we should expect an Internet Explorer upgrade.
If you’re concerned about Adobe Acrobat and Reader, you may rest certain that they’ll be updated soon, according to Adobe’s Prenotification Security Advisory APSB21-55.
So, although this should be a relatively simple September Patch Tuesday, take advantage of it while it lasts since this is the quiet before the storm.
As we all know, software upgrades ramp up around October and November, just before the holidays, and we also have to account for providing support for all of these new operating systems.
Was this page of assistance to you?
Thank you very much!
There are insufficient details It’s difficult to comprehend Other Speak with a Professional
Start a discussion.
Related Tags
- latest windows 10 update problems 2023
- microsoft patch tuesday july 2023
- patch tuesday june 2023
- windows update july 2023 problems
- 2021-07 cumulative update for windows 10 version 21h1 for x64-based systems