Microsoft released patches on Patch Tuesday for 7 critical and 38 important bugs in its product portfolio. These critical vulnerabilities included one that Microsoft Threat Intelligence reported as actively exploited in the wild; CVE-2021-36948 is a privilege escalation bug in Windows Update Medic Service, which is designed to maintain the integrity of Windows Update components. No specifics or statistics were shared by Microsoft on how often this vulnerability has been exploited, but organizations are recommended to update as soon as feasible. In addition, Microsoft published intended patches for #PetitPotam (CVE-2021-36942) and #PrinterNightmare (CVE-2021-36936).
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased