14 DAY TRIAL // Microsoft rolled out a new monthly rollup and a security-only update for Windows 7 as part of the August 2021 Patch Tuesday cycle, and this time, the company has resolved a total of 12 vulnerabilities in the 2009 operating system.
Out of them, no less than 4 are rated as critical, so IT admins are recommended to deploy the patches as soon as possible.
Worth knowing, however, is that only systems that are enrolled in the ESU program are getting these updates, so if you’re a consumer still running Windows 7, you shouldn’t be getting any security patches.
The following flaws have been resolved in Windows 7 this month:
- Windows Print Spooler Remote Code Execution Vulnerability - CVE-2021-36936
- Windows TCP/IP Remote Code Execution Vulnerability - CVE-2021-26424
- Remote Desktop Client Remote Code Execution Vulnerability - CVE-2021-34535
- Scripting Engine Memory Corruption Vulnerability - CVE-2021-34480
The Windows 7 monthly rollup is KB5005088, while the security-only update lands as KB5005089.
Microsoft has also resolved the PrintNightmare bug in Windows 7 by changing the default privilege configuration, something that the company applied in Windows 10 as well.
“Changes the default privilege requirement for installing drivers when using Point and Print. After installing this update, you must have administrative privileges to install drivers. If you use Point and Print, see KB5005652, Point and Print Default Behavior Change, and CVE-2021-34481 for more information,” the company explains.
There are no new known issues in this update, though you should keep in mind that a computer that isn’t enrolled in the ESU program could end up failing to install the update with an error message reading “Failure to configure Windows updates. Reverting changes. Do not turn off your computer.”
Microsoft says whoever gets this error despite being part of the ESU program should check if all the other prerequisites are met.