Microsoft has released fixes for as many as 117 vulnerabilities under its July 2021 Patch Tuesday. The latest release consists of security updates for a range of Microsoft products and features, including Microsoft Office, Windows Defender, Windows Hello, and Microsoft Exchange Server, among others. It also includes fixes specifically for four vulnerabilities that are being exploited in the wild. Microsoft usually releases a package of security updates for its software on the second Tuesday of every month, which is dubbed Patch Tuesday.
The list of the fresh security updates released by Microsoft includes fixes for various remote code execution, spoofing, information disclosure, and memory corruption issues. Of the total vulnerabilities fixed, 13 are rated critical and nine are zero-days (the flaws that were exploited by hackers before they came into notice by the developers).
Microsoft has also included fixes for four flaws that are still under active exploitation and could impact end-users. These include the PrintNightmare vulnerability that came into notice a few days back.
Seventeen of the total flaws fixed by Microsoft were reported by software vulnerability programme Zero Day Initiative. The global initiative says that the volume of the fixes is more than the last two months combined and on par with the monthly totals from 2020.
Microsoft patched 50 security flaws in its last Patch Tuesday package in June. Those included seven zero-day flaws.
In addition to the vulnerabilities reported by the Zero Day Initiative team, the latest Patch Tuesday fixes flaws that were brought into notice by researchers from Checkmarx, Google Security, and Fortinet’s FortiGuard Lab. There are also fixes for the issues reported by the Microsoft Threat Intelligence Center. Additionally, a remote code execution vulnerability in Microsoft Exchange Server that has now received a patch was discovered by the researchers participating in this year’s Pwn2Own contest.
Users are recommended to download the newest software versions of Microsoft offerings on their systems to protect them from the known vulnerabilities. The new releases are available through the Microsoft Update Catalog. Particularly for Windows fixes, the Redmond, Washington-based company includes them under its monthly security releases.