As with all the other Patch Tuesday updates of previous months, these bring a host of changes, fixes, and improvements to all supported versions of the Windows OS. Microsoft announced the presence of CVE-2021-40444 on Wednesday, a vulnerability that is reported both as Publicly Disclosed and Known Exploited. This particular vulnerability allows for remote code execution via MSHTML, a component used by Internet Explorer and Office.

What can we expect from the September Patch Tuesday?

If you like to keep yourself up to date with everything that the Redmond-based tech company does during these Patch Tuesday events, you surely remember last month’s batch. Pressed by serious security concerns, Microsoft released a huge number of security fixes, meant to sort out some exploits that were going on in the wild. Redmond officials included a detailed workaround to disable the installation of all ActiveX controls in Internet Explorer which will mitigate this attack. Watch for an update that addresses this vulnerability otherwise you will need to consider this mitigation to address the issue in the short term until a fix is released. The CVSS 3.0 score is 8.8. SPONSORED The zero-day vulnerabilities that Microsoft has tracked as being actively exploited were patched in August 2021, as follows:  However, this month we can expect a limited number of CVEs addressed across all the operating systems as Microsoft comes back from final summer vacation. We’re now past the halfway point for the Extended Security Updates (ESUs) for Windows 7 and Server 2008/2008 R2 so anyone running these operating systems should be working on an upgrade scheme. Also, with CVE-2021-40444 announced, we should definitely see an Internet Explorer update. If you were wondering about Adobe Acrobat and Reader, know that they will be updated, as Adobe provided a Prenotification Security Advisory APSB21-55. So this should be a fairly easy September Patch Tuesday but enjoy it while it lasts because this is actually the calm before the storm. As we know, software updates typically pick up in October and November prior to the end-of-year holidays and we also need to factor in adding support for the release of all these new operating systems.

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ