As expected, Microsoft started rolling out the July 2021 Patch Tuesday updates today. Using this batch of updates, the Redmond giant focuses on improving the overall functionality of the OS, while also fixing existing bugs.
Microsoft rolls out different Patch Tuesday updates for all the Windows 10 versions currently supported. For more information on the latest updates, check out our Windows 10 Patch Tuesday update history page.
Since each cumulative update is different for each version of Windows 10, it would be wrong to talk about a singular changelog, and that is why this article exists.
Not only will we be providing you with a detailed changelog of all the modifications brought to each major version of Windows 10, but we will also be providing you with direct download links from the Windows Update catalog.
What are the main changes in the July Patch Tuesday updates?
Microsoft’s July security updates feature approximately 40 security updates for Windows-specific issues.
July’s Patch Tuesday also includes several fixes for CVE-2021-34527, which address the Windows Print Spooler Remote Code Execution (RCE) vulnerability, a print service bug that has been exploited for the past two months.
The fix for the infamous CVE-2021-34527 is, without a doubt, the highlight of July’s Patch Tuesday.
After it was first discovered, then rediscovered, patched, but not fully, the print spooler bug had users on the edge, especially after the POC’s publication.
Now, this vulnerability appears to be fixed on Microsoft’s Security Update guide, complete with additional workarounds for users who have yet to apply the latest essential patches.
You can download each individual cumulative update by using the direct links we have provided for you.
Patch Tuesday list of CVEs
CVE-2021-34473 – This Remote Code Execution for Microsoft Exchange is rated as a 9.1, requires no user interaction, has a low complexity, and does not need user interaction. That seems to cover just about all of the worst case scenarios for an exploit. That is before we mention that this is one that is already publicly disclosed. If you run exchange on-prem this should have you running to get it patched ASAP.
CVE-2021-34448 – This exploit is already being used out in the wild, and per the MSRC site it can cause a total of integrity and confidentiality. Meaning they can get all information or modify all files from the impacted component. The only ray of sunshine here is that it does require user interaction, but that can be as simple as getting them to visit a corrupted site or click on a bad link. Thank goodness your end-user training has been thorough and has been adopted by everyone!
CVE-2021-34494 – Anytime there is a threat to DNS it is worth highlighting. On the bright side you don’t need to patch every machine with this one, only machines that are DNS servers. On the dark side, it requires minimal permissions and no user interaction to exploit. This is not one that is already publicly known or exploited, so at least patching should get you ahead of it.
These are the critical vulnerabilities fixed in the July 2021 Patch Tuesday
|Windows Server 2012 R2||Critical||CVE-2021-34493|
|Windows Server 2012 R2||Critical||CVE-2021-34523|
|Windows 10 Version 1607 for 32-bit Systems||Critical||CVE-2021-33767|
|Windows 10 for x64-based Systems||Critical||CVE-2021-34522|
|Windows 10 for 32-bit Systems||Critical||CVE-2021-34521|
|Windows 10 Version 20H2 for ARM64-based Systems||Critical||CVE-2021-34474|
|Windows 10 Version 20H2 for 32-bit Systems||Critical||CVE-2021-34528|
|Windows 10 Version 20H2 for x64-based Systems||Critical||CVE-2021-34451|
|Windows 10 Version 2004 for x64-based Systems||Critical||CVE-2021-34470|
|Windows 10 Version 2004 for ARM64-based Systems||Critical||CVE-2021-34469|
|Windows 10 Version 1809 for 32-bit Systems||Critical||CVE-2021-34520|
|Windows Server 2016||Critical||CVE-2021-33779|
|Windows Server, version 20H2 (Server Core Installation)||Critical||CVE-2021-33778|
|Windows Server 2019 (Server Core installation)||Critical||CVE-2021-33765|
|Windows Server 2019||Critical||CVE-2021-33764|