Description:

Microsoft has released security updates to address several vulnerabilities in the following products:

• Common Internet File System
• Dynamics Business Central Control
• Microsoft Bing
• Microsoft Dynamics
• Microsoft Exchange Server
• Microsoft Graphics Component
• Microsoft Office
• Microsoft Office Excel
• Microsoft Office SharePoint
• Microsoft Scripting Engine
• Microsoft Windows Codecs Library
• Microsoft Windows DNS
• Microsoft Windows Media Foundation
• OpenEnclave
• Power BI
• Role: DNS Server
• Role: Hyper-V
• Visual Studio Code
• Visual Studio Code - .NET Runtime
• Visual Studio Code - Maven for Java Extension
• Windows Active Directory
• Windows Address Book
• Windows AF_UNIX Socket Provider
• Windows AppContainer
• Windows AppX Deployment Extensions
• Windows Authenticode
• Windows Cloud Files Mini Filter Driver
• Windows Console Driver
• Windows Defender
• Windows Desktop Bridge
• Windows Event Tracing
• Windows File History Service
• Windows Hello
• Windows HTML Platform
• Windows Installer
• Windows Kernel
• Windows Key Distribution Center
• Windows Local Security Authority Subsystem Service
• Windows MSHTML Platform
• Windows Partition Management Driver
• Windows PFX Encryption
• Windows Print Spooler Components
• Windows Projected File System
• Windows Remote Access Connection Manager
• Windows Remote Assistance
• Windows Secure Kernel Mode
• Windows Security Account Manager
• Windows Shell
• Windows SMB
• Windows Storage Spaces Controller
• Windows TCP/IP
• Windows Win32K

Threats:

Attacker could exploit these vulnerabilities by doing the following:

• Sensitive information disclosure

Best practice and Recommendations:

The CERT team encourages users to review Microsoft security advisory and apply the necessary updates:

• https://msrc.microsoft.com/update-guide/releaseNote/2021-Jul