Today is Microsoft's July 2021 Patch Tuesday, and with it comes fixes for nine zero-day vulnerabilities and a total of 117 flaws, so Windows admins will be pulling their hair out as they scramble to get devices patched and secured.
Microsoft has fixed 117 vulnerabilities with today's update, with 13 classified as Critical, 1 Moderate, and 103 as Important.
Of the 117 vulnerabilities, 44 are remote code execution, 32 are for elevation of privilege, 14 are information disclosure, 12 are Denial of Service, 8 are security feature bypass, and seven are spoofing vulnerabilities.
For information about the non-security Windows updates, you can read about today's Windows 10 KB5004237 & KB5004245 cumulative updates.
Microsoft Patch Tuesday, July 2021 Edition
https://krebsonsecurity.com/2021/07/microsoft-patch-tuesday-july-2021-edition/
Microsoft fixes Windows Hello authentication bypass vulnerability
Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target's identity and trick the face recognition mechanism into giving them access to the system.According to Microsft, the number of Windows 10 customers using Windows Hello to sign in to their devices instead of a password grew from 69.4% to 84.7% during 2019.
Microsoft Windows Security Updates July 2021 overview
It is the second Tuesday of the month and that means it is Microsoft Patch Day. Microsoft released security and non-security updates for all supported client and server versions of its Windows operating system as well as for other company products such as Microsoft Office.
https://www.ghacks.net/2021/07/13/microsoft-windows-security-updates-july-2021-overview/