Top 10 IT Security Titles of 2021 — Redmondmag.com
Top 10 IT security titles of 2021: The vulnerabilities we’re worried about
Let’s take a look back at our year of vulnerability exposures, reactionary patches, and losing sleep over the security flaw that would emerge tomorrow.
10. April Microsoft Security Patch Released, Bringing More Critical Exchange Server Fixes (April 13)
Microsoft has released security updates for 114 common vulnerabilities and exposures (CVEs) in its software products, while issuing an additional note urging organizations to apply new “critical” April Exchange Server patches “as soon as possible” .
9. Microsoft Issues Security Advisory on “SeriousSAM” Elevation of Privilege Flaw in Windows Client Systems (July 21)
Microsoft has released a security advisory regarding an elevation of privilege vulnerability (CVE-2021-36934) in Windows 10 guest operating systems.
8. Another Windows Print Spooler vulnerability disclosed by Microsoft (August 13)
Microsoft has issued a “Security Update Guide” advisory on another Windows print spooler vulnerability, namely CVE-2021-36958. [Read here]
7. Microsoft and Security Researchers Describe Tips and Tools to Detect Exchange Server Hafnium Attacks (March 8)
Microsoft has updated its recommendations for organizations running Exchange Server, targeted in Hafnium nation-state attacks, by outlining some new resources. [Read here]
6. Microsoft’s June Windows Print Spool Patch Does Not Block Remote Code Execution Attacks (June 30)
An Important-rated Windows print spool vulnerability (CVE-2021-1675), patched by Microsoft through its June 8 security patch rollout, has more recently emerged as being under active attack. [Read here]
5. Microsoft Releases Hafnium Security Patches That Do Not Require Latest Exchange Server Cumulative Updates (March 9)
Microsoft’s Exchange team announced additional help for organizations having difficulty trying to quickly patch Exchange Server products in response to Hafnium attacks. [Read here]
4. “Millions” of Dell Windows PCs Contain “Critical” Driver Vulnerability (May 5)
Dell has published a support article describing a “critical” vulnerability in the Dell dbutil driver affecting most Dell computer users on Windows. [Read here]
3. Microsoft Releases Out-of-Band “PrintNightmare” Windows Print Spooler Patch (July 7)
Microsoft has announced the release of an “out of band” patch for a Windows print spooler vulnerability called “PrintNightmare”. [Read here]
2. Microsoft releases out-of-band security patches for Exchange Server (March 3)
Microsoft has released out-of-band security patches for Exchange Server to address several zero-day vulnerabilities currently being exploited in active attacks. [Read here]
1. Microsoft clarifies its opinion on the “PrintNightmare” patch (July 9)
Microsoft has released “clarified guidance” for organizations dealing with a zero-day Windows printer spooler vulnerability called “PrintNightmare”. [Read here]