Microsoft Windows Security Updates August 2021 overview

Microsoft has released security updates and non-security updates for its Windows operating system on today's Patch Day. Updates are available for all client and server versions of Microsoft Windows, as well as other company products such as Microsoft Office or Azure.

The overview that you are reading includes information and resource links to get you started quickly. It begins with an executive summary, which lists important details. The operating system distribution and list of cumulative updates for all Windows versions follow.

Our guide lists known issues as confirmed by Microsoft, links to security advisories, non-security patches, download information, and more resource links at the bottom of the page.

Click here to open the July 2021 Patch Day overview published last month.

The Microsoft Windows Security Updates: August 2021

Click here to download an Excel spreadsheet that lists all released security updates: windows-updates-august-2021

Executive Summary

• Microsoft released security updates for all supported versions of Windows (client and server).
• Security updates are also available for Microsoft Office, Azure, Azure Sphere, ASP .NET, .NET Core & Visual Studio, Microsoft Dynamics, Remote Desktop Client and other products.
• The following Windows client and server versions have known issues: Windows 7 SP1, Windows 8.1, Windows 10 versions 1909, 2004, 20H2 and 21H1, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2019

Operating System Distribution

• Windows 7 (extended support only): 12 vulnerabilities: 4 critical and 8 important
  • Windows Print Spooler Remote Code Execution Vulnerability -- CVE-2021-36936
  • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2021-26424
  • Remote Desktop Client Remote Code Execution Vulnerability -- CVE-2021-34535
  • Scripting Engine Memory Corruption Vulnerability -- CVE-2021-34480
• Windows 8.1: 18 vulnerabilities: 5 critical and 13 important
  • Windows Print Spooler Remote Code Execution Vulnerability -- CVE-2021-36936
  • Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability -- CVE-2021-26432
  • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2021-26424
  • Remote Desktop Client Remote Code Execution Vulnerability -- CVE-2021-34535
  • Scripting Engine Memory Corruption Vulnerability -- CVE-2021-34480
• Windows 10 version 1903 and 1909: 23 vulnerabilities: 7 critical and 16 important
  • Remote Desktop Client Remote Code Execution Vulnerability -- CVE-2021-34535
  • Windows MSHTML Platform Remote Code Execution Vulnerability -- CVE-2021-34534
  • Scripting Engine Memory Corruption Vulnerability -- CVE-2021-34480
  • Windows Graphics Component Remote Code Execution Vulnerability -- CVE-2021-34530
  • Windows Print Spooler Remote Code Execution Vulnerability -- CVE-2021-36936
  • Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability -- CVE-2021-26432
  • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2021-26424
• Windows 10 version 2004, 20H2 and 21H1 : 24 vulnerabilities, 7 critical and 17 important
  • same as Windows 10 version 1909.

Windows Server products

• Windows Server 2008 R2 (extended support only): 13 vulnerabilities: 4 critical and 9 important
  • Windows Print Spooler Remote Code Execution Vulnerability -- CVE-2021-36936
  • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2021-26424
  • Remote Desktop Client Remote Code Execution Vulnerability -- CVE-2021-34535
  • Scripting Engine Memory Corruption Vulnerability -- CVE-2021-34480
• Windows Server 2012 R2: 19 vulnerabilities: 5 critical and 14 important
  • Windows Print Spooler Remote Code Execution Vulnerability -- CVE-2021-36936
  • Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability -- CVE-2021-26432
  • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2021-26424
  • Remote Desktop Client Remote Code Execution Vulnerability -- CVE-2021-34535
  • Scripting Engine Memory Corruption Vulnerability -- CVE-2021-34480
• Windows Server 2016: 23 vulnerabilities: 7 critical and 16 important
  • Windows Graphics Component Remote Code Execution Vulnerability -- CVE-2021-34530
  • Scripting Engine Memory Corruption Vulnerability -- CVE-2021-34480
  • Windows MSHTML Platform Remote Code Execution Vulnerability -- CVE-2021-34534
  • Remote Desktop Client Remote Code Execution Vulnerability -- CVE-2021-34535
  • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2021-26424
  • Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability -- CVE-2021-26432
  • Windows Print Spooler Remote Code Execution Vulnerability -- CVE-2021-36936
• Windows Server 2019: 25 vulnerabilities: 7 critical and 18 important
  • same as Windows Server 2016

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

• Monthly Rollup: KB5005088
• Security-Only: KB5005089

Updates and improvements:

• Administrative privileges are required to install printer drivers using Point and Print. More information is available here and here.
• Fixed an issue with Smart Card Authentication failures on non-RFC compliant printers and scanners. See here for more information.
• Security updates

Windows 8.1 and Windows Server 2012 R2

• Monthly Rollup: KB5005076 
• Security-only: KB5005106 

Updates and improvements:

• Administrative privileges are required to install printer drivers using Point and Print. More information is available here and here.
• Fixed an issue with Smart Card Authentication failures on non-RFC compliant printers and scanners. See here for more information.
• Security updates

Windows 10 version 1909

• Support Page: KB5005031

Updates and improvements:

• Administrative privileges are required to install printer drivers using Point and Print. More information is available here and here.

Windows 10 version 2004, 20H2 and 21H1

• Support Page: KB5005033

Updates and improvements:

• Administrative privileges are required to install printer drivers using Point and Print. More information is available here and here.

Other security updates

2021-08 Cumulative Security Update for Internet Explorer (KB5005036)

2021-08 Security Monthly Quality Rollup for Windows Server 2008 (KB5005090)

2021-08 Security Only Quality Update for Windows Server 2008 (KB5005095)

2021-08 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5005094)

2021-08 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5005099)

2021-08 Cumulative Update for Windows 10 version 1507 (KB5005040)

2021-08 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5005043)

2021-08 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5005030)

2021-08 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5005039)

Servicing Stack Updates

2021-08 Servicing Stack Update for Windows Server 2019 and Windows 10 Version 1809 (KB5005112)

2021-08 Servicing Stack Update for Windows 10 Version 1909 (KB5005412)

2021-08 Servicing Stack Update for Windows Server, version 20H2, Windows 10 Version 20H2, Windows Server, version 2004, Windows 10 Version 2004, Windows 10 Version 1909, and Windows 10 Version 1903 (KB5005260)

Known Issues

Windows 7 SP1 and Windows Server 2008 R2

• After installing this update, the Elastic File System (EFS) API OpenEncryptedFileRaw(A/W), often used in backup software, will not work when you back up to or from a Windows Server 2008 SP2 device.
  • Expected behavior according to Microsoft. See CVE-2021-36942.
• Certain operations will fail on Cluster Shared Volumes.
  • Perform the task from a process with elevated rights.
  • Perform the task from a node that does not have CSV ownership.
• Updates will be uninstalled if the device does not support ESU.
  • Expected behavior.

Windows 8.1 and Server 2012 R2

• After installing this update, the Elastic File System (EFS) API OpenEncryptedFileRaw(A/W), often used in backup software, will not work when you back up to or from a Windows Server 2008 SP2 device.
  • Expected behavior according to Microsoft. See CVE-2021-36942.
• Certain operations will fail on Cluster Shared Volumes.
  • Perform the task from a process with elevated rights.
  • Perform the task from a node that does not have CSV ownership.

Windows 10 version 1909

• After installing this update, the Elastic File System (EFS) API OpenEncryptedFileRaw(A/W), often used in backup software, will not work when you back up to or from a Windows Server 2008 SP2 device.
  • Expected behavior according to Microsoft. See CVE-2021-36942.

Windows 10 versions 2004, 20H2 and 21H1

• After installing this update, the Elastic File System (EFS) API OpenEncryptedFileRaw(A/W), often used in backup software, will not work when you back up to or from a Windows Server 2008 SP2 device.
  • Expected behavior according to Microsoft. See CVE-2021-36942.
• Some devices will receive the error "PSFX_E_MATCHING_BINARY_MISSING" when trying to install updates after the KB5003690 update released in June.
  • See here for a workaround.
• If Windows was installed from custom ISO images or custom offline media, the new Microsoft Edge may not be installed.
  • See the support article for a workaround.
• Character input issues with the Japanese Input Method Editor.
  • No workaround or solution yet.

Security advisories and updates

ADV 990001 -- Latest Servicing Stack Updates

Other updates

2021-08 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5004753)

2021-08 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5004754)

2021-08 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5004755)

2021-08 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5004757)

2021-08 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5004758)

2021-08 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5004759)

2021-08 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5004871)

2021-08 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5004872)

2021-08 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5004873)

2021-08 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for ARM64 (KB5004330)

2021-08 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2, Windows 10 Version 20H2, Windows Server, version 2004, Windows 10 Version 2004, Windows 10 Version 1909, and Windows 10 Version 1903 (KB5004331)

2021-08 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5004332)

2021-08 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 (KB5004333)

2021-08 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5004335)

2021-08 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5004752)

2021-08 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5004870)

2021-08 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 and 4.6.2 for Windows Server 2008 (KB5004874)

Microsoft Office Updates

You find Office update information here.

How to download and install the August 2021 security updates

Security updates are installed automatically on most home systems. Some home administrators have disabled automatic updates; these may download and install updates from Microsoft's Update Catalog website to install them manually on Windows PCs.

System administrators who manage systems using update management systems such as WSUS may install updates to managed systems using the updating tools.

You may run a manual check for updates on Home systems in the following way:

1. Select Start, type Windows Update and load the Windows Update item that is displayed.
2. Select check for updates to run a manual check for updates.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 7 and Server 2008 R2

• KB5005088 -- 2021-08 Security Monthly Quality Rollup for Windows 7
• KB5005089 -- 2021-08 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB5005076 -- 2021-08 Security Monthly Quality Rollup for Windows 8.1
• KB5005106 -- 2021-08 Security Only Quality Update for Windows 8.1

Windows 10 (version 1909)

• KB5005031 -- 2021-08 Cumulative Update for Windows 10 Version 1909

Windows 10 (version 2004)

• KB5005033 -- 2021-08 Cumulative Update for Windows 10 Version 2004

Windows 10 (version 20H2)

• KB5005033 -- 2021-08 Cumulative Update for Windows 10 Version 20H2

Windows 10 (version 21H1)

• KB5005033 -- 2021-08 Cumulative Update for Windows 10 Version 21H1

Additional resources

• August 2021 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates August 2021 overview appeared first on gHacks Technology News.