Microsoft May 2021 Patch Tuesday
This month we got patches for 55 vulnerabilities. Of these, 4 are critical, 3 were previously disclosed and none is being exploited according to Microsoft.
One of the critical vulnerabilities which requires special attention this month is a remote code execution (RCE) on HTTP Protocol Stack (CVE-2021-31166). An unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. This vulnerability requires no user authentication or interaction - thus, it is considered a wormable vulnerability. The vulnerability affects different versions of Windows 10, Windows Server 2004 and Windows Server 20H2 and has a CVSS score of 9.8.
A second critical vulnerabilities addressed this month is RCE affecing Hyper-V on virtually all supported Windows versions (CVE-2021-28476). Microsoft's advisory states that the issue a guest VM to force the Hyper-V host's kernel to read from an arbitrary, potentially invalid address. In most circumstances, this would result in a denial of service of the Hyper-V host due to reading an unmapped address, but it may also could lead to other types of compromise of the Hyper-V host's security. The CVSS for this vulnerability is 9.9.
The other two critical vulnerabilities are a RCE on OLE Automation (CVE-2021-31194) associated with a CVSS of 7.50 and a Scripting Engine Memory Corruption Vulnerability (CVE-2021-26419) affecting Internet Explorer 11 with a CVSS of 6.40. None of four critical vulnerabilities was previously disclosed.
See my dashboard for a more detailed breakout: (https://patchtuesdaydashboard.com).
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET and Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2021-31204 | Yes | No | Less Likely | Less Likely | Important | 7.3 | 6.4 |
Common Utilities Remote Code Execution Vulnerability | |||||||
CVE-2021-31200 | Yes | No | Less Likely | Less Likely | Important | 7.2 | 6.7 |
Dynamics Finance and Operations Cross-site Scripting Vulnerability | |||||||
CVE-2021-28461 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.5 |
HTTP Protocol Stack Remote Code Execution Vulnerability | |||||||
CVE-2021-31166 | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
Hyper-V Remote Code Execution Vulnerability | |||||||
CVE-2021-28476 | No | No | Less Likely | Less Likely | Critical | 9.9 | 8.6 |
Microsoft Accessibility Insights for Web Information Disclosure Vulnerability | |||||||
CVE-2021-31936 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.7 |
Microsoft Bluetooth Driver Spoofing Vulnerability | |||||||
CVE-2021-31182 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
Microsoft Excel Information Disclosure Vulnerability | |||||||
CVE-2021-31174 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Microsoft Exchange Server Remote Code Execution Vulnerability | |||||||
CVE-2021-31195 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
CVE-2021-31198 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Exchange Server Security Feature Bypass Vulnerability | |||||||
CVE-2021-31207 | Yes | No | Less Likely | Less Likely | Moderate | 6.6 | 5.8 |
Microsoft Exchange Server Spoofing Vulnerability | |||||||
CVE-2021-31209 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability | |||||||
CVE-2021-28455 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Microsoft Office Graphics Remote Code Execution Vulnerability | |||||||
CVE-2021-31180 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Office Information Disclosure Vulnerability | |||||||
CVE-2021-31178 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Microsoft Office Remote Code Execution Vulnerability | |||||||
CVE-2021-31175 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-31176 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-31177 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-31179 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft SharePoint Information Disclosure Vulnerability | |||||||
CVE-2021-31171 | No | No | Less Likely | Less Likely | Important | 4.1 | 3.6 |
Microsoft SharePoint Remote Code Execution Vulnerability | |||||||
CVE-2021-31181 | No | No | More Likely | More Likely | Important | 8.8 | 7.7 |
Microsoft SharePoint Server Information Disclosure Vulnerability | |||||||
CVE-2021-31173 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
CVE-2021-28474 | No | No | More Likely | More Likely | Important | 8.8 | 7.7 |
Microsoft SharePoint Spoofing Vulnerability | |||||||
CVE-2021-31172 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
CVE-2021-28478 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
CVE-2021-26418 | No | No | Less Likely | Less Likely | Important | 4.6 | 4.0 |
Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability | |||||||
CVE-2021-31184 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
OLE Automation Remote Code Execution Vulnerability | |||||||
CVE-2021-31194 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2021-26419 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
Skype for Business and Lync Remote Code Execution Vulnerability | |||||||
CVE-2021-26422 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
Skype for Business and Lync Spoofing Vulnerability | |||||||
CVE-2021-26421 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Visual Studio Code Remote Code Execution Vulnerability | |||||||
CVE-2021-31211 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-31214 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability | |||||||
CVE-2021-31213 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Visual Studio Remote Code Execution Vulnerability | |||||||
CVE-2021-27068 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Web Media Extensions Remote Code Execution Vulnerability | |||||||
CVE-2021-28465 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows CSC Service Information Disclosure Vulnerability | |||||||
CVE-2021-28479 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | |||||||
CVE-2021-31190 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Container Manager Service Elevation of Privilege Vulnerability | |||||||
CVE-2021-31165 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-31167 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-31168 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-31169 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-31208 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Desktop Bridge Denial of Service Vulnerability | |||||||
CVE-2021-31185 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Graphics Component Elevation of Privilege Vulnerability | |||||||
CVE-2021-31170 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
CVE-2021-31188 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows Media Foundation Core Remote Code Execution Vulnerability | |||||||
CVE-2021-31192 | No | No | Less Likely | Less Likely | Important | 7.3 | 6.4 |
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | |||||||
CVE-2021-31191 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||||||
CVE-2021-31186 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.4 |
Windows SMB Client Security Feature Bypass Vulnerability | |||||||
CVE-2021-31205 | No | No | Less Likely | Less Likely | Important | 4.3 | 3.8 |
Windows SSDP Service Elevation of Privilege Vulnerability | |||||||
CVE-2021-31193 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows WalletService Elevation of Privilege Vulnerability | |||||||
CVE-2021-31187 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Wireless Networking Information Disclosure Vulnerability | |||||||
CVE-2020-24587 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Windows Wireless Networking Spoofing Vulnerability | |||||||
CVE-2020-24588 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
CVE-2020-26144 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitter
Comments
www
Nov 17th 2022
4 months ago
EEW
Nov 17th 2022
4 months ago
qwq
Nov 17th 2022
4 months ago
mashood
Nov 17th 2022
4 months ago
isc.sans.edu
Nov 23rd 2022
3 months ago
isc.sans.edu
Nov 23rd 2022
3 months ago
isc.sans.edu
Dec 3rd 2022
3 months ago
isc.sans.edu
Dec 3rd 2022
3 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
2 months ago
isc.sans.edu
Dec 26th 2022
2 months ago