Microsoft May 2021 Patch Tuesday

Published: 2021-05-11. Last Updated: 2021-05-11 23:25:31 UTC
by Renato Marinho (Version: 1)

This month we got patches for 55 vulnerabilities. Of these, 4 are critical, 3 were previously disclosed and none is being exploited according to Microsoft.

One of the critical vulnerabilities which requires special attention this month is a remote code execution (RCE) on HTTP Protocol Stack (CVE-2021-31166). An unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. This vulnerability requires no user authentication or interaction - thus, it is considered a wormable vulnerability. The vulnerability affects different versions of Windows 10, Windows Server 2004 and Windows Server 20H2 and has a CVSS score of 9.8.

A second critical vulnerabilities addressed this month is RCE affecing Hyper-V on virtually all supported Windows versions (CVE-2021-28476). Microsoft's advisory states that the issue a guest VM to force the Hyper-V host's kernel to read from an arbitrary, potentially invalid address. In most circumstances, this would result in a denial of service of the Hyper-V host due to reading an unmapped address, but it may also could lead to other types of compromise of the Hyper-V host's security. The CVSS for this vulnerability is 9.9.

The other two critical vulnerabilities are a RCE on OLE Automation (CVE-2021-31194) associated with a CVSS of 7.50 and a Scripting Engine Memory Corruption Vulnerability (CVE-2021-26419) affecting Internet Explorer 11 with a CVSS of 6.40. None of four critical vulnerabilities was previously disclosed.

See my dashboard for a more detailed breakout: (https://patchtuesdaydashboard.com).

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2021-31204	Yes	No	Less Likely	Less Likely	Important	7.3	6.4
Common Utilities Remote Code Execution Vulnerability
CVE-2021-31200	Yes	No	Less Likely	Less Likely	Important	7.2	6.7
Dynamics Finance and Operations Cross-site Scripting Vulnerability
CVE-2021-28461	No	No	Less Likely	Less Likely	Important	6.1	5.5
HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2021-31166	No	No	More Likely	More Likely	Critical	9.8	8.5
Hyper-V Remote Code Execution Vulnerability
CVE-2021-28476	No	No	Less Likely	Less Likely	Critical	9.9	8.6
Microsoft Accessibility Insights for Web Information Disclosure Vulnerability
CVE-2021-31936	No	No	Less Likely	Less Likely	Important	7.4	6.7
Microsoft Bluetooth Driver Spoofing Vulnerability
CVE-2021-31182	No	No	Less Likely	Less Likely	Important	7.1	6.2
Microsoft Excel Information Disclosure Vulnerability
CVE-2021-31174	No	No	Less Likely	Less Likely	Important	5.5	4.8
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-31195	No	No	Less Likely	Less Likely	Important	6.5	5.7
CVE-2021-31198	No	No	Less Likely	Less Likely	Important	7.8	6.8
Microsoft Exchange Server Security Feature Bypass Vulnerability
CVE-2021-31207	Yes	No	Less Likely	Less Likely	Moderate	6.6	5.8
Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-31209	No	No	Less Likely	Less Likely	Important	6.5	5.7
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
CVE-2021-28455	No	No	Less Likely	Less Likely	Important	8.8	7.7
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-31180	No	No	Less Likely	Less Likely	Important	7.8	6.8
Microsoft Office Information Disclosure Vulnerability
CVE-2021-31178	No	No	Less Likely	Less Likely	Important	5.5	4.8
Microsoft Office Remote Code Execution Vulnerability
CVE-2021-31175	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-31176	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-31177	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-31179	No	No	Less Likely	Less Likely	Important	7.8	6.8
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2021-31171	No	No	Less Likely	Less Likely	Important	4.1	3.6
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2021-31181	No	No	More Likely	More Likely	Important	8.8	7.7
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-31173	No	No	Less Likely	Less Likely	Important	5.3	4.8
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-28474	No	No	More Likely	More Likely	Important	8.8	7.7
Microsoft SharePoint Spoofing Vulnerability
CVE-2021-31172	No	No	Less Likely	Less Likely	Important	7.1	6.2
CVE-2021-28478	No	No	Less Likely	Less Likely	Important	7.6	6.6
CVE-2021-26418	No	No	Less Likely	Less Likely	Important	4.6	4.0
Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability
CVE-2021-31184	No	No	Less Likely	Less Likely	Important	5.5	4.8
OLE Automation Remote Code Execution Vulnerability
CVE-2021-31194	No	No	Less Likely	Less Likely	Critical	8.8	7.7
Scripting Engine Memory Corruption Vulnerability
CVE-2021-26419	No	No	More Likely	More Likely	Critical	6.4	5.8
Skype for Business and Lync Remote Code Execution Vulnerability
CVE-2021-26422	No	No	Less Likely	Less Likely	Important	7.2	6.3
Skype for Business and Lync Spoofing Vulnerability
CVE-2021-26421	No	No	Less Likely	Less Likely	Important	6.5	5.7
Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-31211	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-31214	No	No	Less Likely	Less Likely	Important	7.8	6.8
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
CVE-2021-31213	No	No	Less Likely	Less Likely	Important	7.8	6.8
Visual Studio Remote Code Execution Vulnerability
CVE-2021-27068	No	No	Less Likely	Less Likely	Important	8.8	7.7
Web Media Extensions Remote Code Execution Vulnerability
CVE-2021-28465	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows CSC Service Information Disclosure Vulnerability
CVE-2021-28479	No	No	Less Likely	Less Likely	Important	5.5	4.8
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
CVE-2021-31190	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-31165	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-31167	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-31168	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-31169	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-31208	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Desktop Bridge Denial of Service Vulnerability
CVE-2021-31185	No	No	Less Likely	Less Likely	Important	5.5	4.8
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2021-31170	No	No	More Likely	More Likely	Important	7.8	6.8
CVE-2021-31188	No	No	More Likely	More Likely	Important	7.8	6.8
Windows Media Foundation Core Remote Code Execution Vulnerability
CVE-2021-31192	No	No	Less Likely	Less Likely	Important	7.3	6.4
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
CVE-2021-31191	No	No	Less Likely	Less Likely	Important	5.5	4.8
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2021-31186	No	No	Less Likely	Less Likely	Important	7.4	6.4
Windows SMB Client Security Feature Bypass Vulnerability
CVE-2021-31205	No	No	Less Likely	Less Likely	Important	4.3	3.8
Windows SSDP Service Elevation of Privilege Vulnerability
CVE-2021-31193	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows WalletService Elevation of Privilege Vulnerability
CVE-2021-31187	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Wireless Networking Information Disclosure Vulnerability
CVE-2020-24587	No	No	Less Likely	Less Likely	Important	6.5	5.7
Windows Wireless Networking Spoofing Vulnerability
CVE-2020-24588	No	No	Less Likely	Less Likely	Important	6.5	5.7
CVE-2020-26144	No	No	Less Likely	Less Likely	Important	6.5	5.7

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter

Keywords:

0 comment(s)

Internet Storm Center

Microsoft May 2021 Patch Tuesday

Comments