Article

Microsoft Security Patch

Description

Microsoft has released August 2021 security updates to fix found vulnerabilities in their software products and features that include, but not limited to:

Microsoft Office
Windows TCP/IP
Remote Desktop Client
Windows Print Spooler
Windows Bluetooth Service
Microsoft Azure Active Directory Connect

Security Risks

If the identified vulnerabilities in Microsoft products are left unpatched, malicious actors can exploit them to gain control of user systems with elevated privileges. Among the found vulnerabilities include the following that have been rated as Critical in severity:

Windows TCP/IP Remote Code Execution vulnerability
Windows Print Spooler Remote Code Execution vulnerability
Remote Desktop Client Remote Code Execution vulnerability

For the full list of security patches released by Microsoft, please refer to August 2021 Security Updates.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends all users and system administrators to:

a. Apply the latest security patches as soon as possible to prevent malware and malicious actors from exploiting and gaining unauthorized control over unpatched systems.

To apply the latest security updates for Windows OS, select the Start button, go to Settings → Update & Security → Windows Update and click on Install Now;

b. remind all users not to visit untrusted websites or follow links provided by unknown or untrusted sources;

c. upgrade immediately to the latest supported version of installed Microsoft software in order to continue

The following Microsoft software has reached end of life:

Windows XP, Windows 8 and 8.1, Windows 7, Windows 10 version 1909,
Windows Server 2012, 2012 RE, 2008, 2008 RE and earlier versions,
Windows Exchange Server 2013, 2010 and earlier versions.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009

Reference

https://msrc.microsoft.com/update-guide/releaseNote/2021-Aug

13 August 2021

More updates

10 December 2024

NCSA conducts national cyberdrill to strengthen cybersecurity readiness

The cyberdrill aims to ensure national stakeholders can protect critical information infrastructure and minimize cyber incidents.

26 November 2024

100 Public Sector Data Protection Officers trained on ensuring Data Privacy

From November 26th - November 29th 2024, NCSA hosted a four-day training for 100 Data Protection Officers of public sector institutions.

21 October 2024

Rwanda Coding Academy students emerge winners of Cyberlympics

Cyberlympics is an online cyber-security and cyber-defence competition, which took place during the Africa Cyber Defence Forum.

15 October 2024

ACDF returns to Kigali to advance continental cyber resilience

The Africa Cyber Defense Forum is a continental platform which aims to safeguard Africa’s digital future through cooperation in cybersecurity.

	info@ncsa.gov.rw
	9009 / 0781813310
	‎+250 791 445 224

Description

Security Risks

Recommended Actions

Reference

Related Files