Article

Microsoft Security Patch

Description

Microsoft has released August 2021 security updates to fix found vulnerabilities in their software products and features that include, but not limited to:

Microsoft Office
Windows TCP/IP
Remote Desktop Client
Windows Print Spooler
Windows Bluetooth Service
Microsoft Azure Active Directory Connect

Security Risks

If the identified vulnerabilities in Microsoft products are left unpatched, malicious actors can exploit them to gain control of user systems with elevated privileges. Among the found vulnerabilities include the following that have been rated as Critical in severity:

Windows TCP/IP Remote Code Execution vulnerability
Windows Print Spooler Remote Code Execution vulnerability
Remote Desktop Client Remote Code Execution vulnerability

For the full list of security patches released by Microsoft, please refer to August 2021 Security Updates.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends all users and system administrators to:

a. Apply the latest security patches as soon as possible to prevent malware and malicious actors from exploiting and gaining unauthorized control over unpatched systems.

To apply the latest security updates for Windows OS, select the Start button, go to Settings → Update & Security → Windows Update and click on Install Now;

b. remind all users not to visit untrusted websites or follow links provided by unknown or untrusted sources;

c. upgrade immediately to the latest supported version of installed Microsoft software in order to continue

The following Microsoft software has reached end of life:

Windows XP, Windows 8 and 8.1, Windows 7, Windows 10 version 1909,
Windows Server 2012, 2012 RE, 2008, 2008 RE and earlier versions,
Windows Exchange Server 2013, 2010 and earlier versions.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009

Reference

https://msrc.microsoft.com/update-guide/releaseNote/2021-Aug

13 August 2021

More updates

05 June 2024

NCSA and Korea Internet & Security Agency sign MoU on Cybersecurity Collaboration

On June 5th, 2024, in Seoul, NCSA and KISA signed an MoU on collaboration in cybersecurity.

31 May 2024

NCSA and GIZ host stakeholder meeting on data protection and privacy

NCSA and GIZ host stakeholder meeting to discuss the use of AI to advance data protection and privacy.

24 February 2024

NCSA joins Internet Society Rwanda Chapter to celebrate Safer Internet Day

NCSA took part in the Safer Internet Day (SID) 2024 celebrations, organized by Internet Society (ISOC) Rwanda Chapter.

29 January 2024

Rwanda’s Data Protection Office host trainings for 250 Data Protection Officers

Data privacy week featured 3 data protection trainings which were delivered by global experts in data protection and privacy.

	info@ncsa.gov.rw
	9009 / 0781813310
	‎+250 791 445 224

Description

Security Risks

Recommended Actions

Reference

Related Files