SANS ISC: Microsoft May 2021 Patch Tuesday SANS ISC InfoSec Forums

Microsoft May 2021 Patch Tuesday

This month we got patches for 55 vulnerabilities. Of these, 4 are critical, 3 were previously disclosed and none is being exploited according to Microsoft.

One of the critical vulnerabilities which requires special attention this month is a remote code execution (RCE) on HTTP Protocol Stack (CVE-2021-31166). An unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. This vulnerability requires no user authentication or interaction - thus, it is considered a wormable vulnerability. The vulnerability affects different versions of Windows 10, Windows Server 2004 and Windows Server 20H2 and has a CVSS score of 9.8.

A second critical vulnerability addressed this month is an RCE affecting Hyper-V on virtually all supported Windows versions (CVE-2021-28476). Microsoft's advisory states that the issue allows a guest VM to force the Hyper-V host's kernel to read from an arbitrary, potentially invalid address. In most circumstances, this would result in a denial of service of the Hyper-V host due to reading an unmapped address, but it could also lead to other types of compromise of the Hyper-V host's security. The CVSS score for this vulnerability is 9.9.

The other two critical vulnerabilities are an RCE on OLE Automation (CVE-2021-31194) associated with a CVSS of 7.50 and a Scripting Engine Memory Corruption Vulnerability (CVE-2021-26419) affecting Internet Explorer 11 with a CVSS of 6.40. None of the four critical vulnerabilities was previously disclosed.

See my dashboard for a more detailed breakout: (https://patchtuesdaydashboard.com).

 

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| .NET and Visual Studio Elevation of Privilege Vulnerability | CVE-2021-31204 | Yes | No | Less Likely | Less Likely | Important | 7.3 | 6.4 |
| Common Utilities Remote Code Execution Vulnerability | CVE-2021-31200 | Yes | No | Less Likely | Less Likely | Important | 7.2 | 6.7 |
| Dynamics Finance and Operations Cross-site Scripting Vulnerability | CVE-2021-28461 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.5 |
| HTTP Protocol Stack Remote Code Execution Vulnerability | CVE-2021-31166 | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
| Hyper-V Remote Code Execution Vulnerability | CVE-2021-28476 | No | No | Less Likely | Less Likely | Critical | 9.9 | 8.6 |
| Microsoft Accessibility Insights for Web Information Disclosure Vulnerability | CVE-2021-31936 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.7 |
| Microsoft Bluetooth Driver Spoofing Vulnerability | CVE-2021-31182 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2021-31174 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2021-31195 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2021-31198 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Exchange Server Security Feature Bypass Vulnerability | CVE-2021-31207 | Yes | No | Less Likely | Less Likely | Moderate | 6.6 | 5.8 |
| Microsoft Exchange Server Spoofing Vulnerability | CVE-2021-31209 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability | CVE-2021-28455 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| Microsoft Office Graphics Remote Code Execution Vulnerability | CVE-2021-31180 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Office Information Disclosure Vulnerability | CVE-2021-31178 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2021-31175 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2021-31176 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2021-31177 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2021-31179 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft SharePoint Information Disclosure Vulnerability | CVE-2021-31171 | No | No | Less Likely | Less Likely | Important | 4.1 | 3.6 |
| Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2021-31181 | No | No | More Likely | More Likely | Important | 8.8 | 7.7 |
| Microsoft SharePoint Server Information Disclosure Vulnerability | CVE-2021-31173 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | CVE-2021-28474 | No | No | More Likely | More Likely | Important | 8.8 | 7.7 |
| Microsoft SharePoint Spoofing Vulnerability | CVE-2021-31172 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
| Microsoft SharePoint Spoofing Vulnerability | CVE-2021-28478 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
| Microsoft SharePoint Spoofing Vulnerability | CVE-2021-26418 | No | No | Less Likely | Less Likely | Important | 4.6 | 4.0 |
| Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability | CVE-2021-31184 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| OLE Automation Remote Code Execution Vulnerability | CVE-2021-31194 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2021-26419 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Skype for Business and Lync Remote Code Execution Vulnerability | CVE-2021-26422 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
| Skype for Business and Lync Spoofing Vulnerability | CVE-2021-26421 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Visual Studio Code Remote Code Execution Vulnerability | CVE-2021-31211 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Visual Studio Code Remote Code Execution Vulnerability | CVE-2021-31214 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability | CVE-2021-31213 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Visual Studio Remote Code Execution Vulnerability | CVE-2021-27068 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| Web Media Extensions Remote Code Execution Vulnerability | CVE-2021-28465 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows CSC Service Information Disclosure Vulnerability | CVE-2021-28479 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | CVE-2021-31190 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31165 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31167 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31168 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31169 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31208 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Desktop Bridge Denial of Service Vulnerability | CVE-2021-31185 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2021-31170 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2021-31188 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| Windows Media Foundation Core Remote Code Execution Vulnerability | CVE-2021-31192 | No | No | Less Likely | Less Likely | Important | 7.3 | 6.4 |
| Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | CVE-2021-31191 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | CVE-2021-31186 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.4 |
| Windows SMB Client Security Feature Bypass Vulnerability | CVE-2021-31205 | No | No | Less Likely | Less Likely | Important | 4.3 | 3.8 |
| Windows SSDP Service Elevation of Privilege Vulnerability | CVE-2021-31193 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows WalletService Elevation of Privilege Vulnerability | CVE-2021-31187 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Wireless Networking Information Disclosure Vulnerability | CVE-2020-24587 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Windows Wireless Networking Spoofing Vulnerability | CVE-2020-24588 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Windows Wireless Networking Spoofing Vulnerability | CVE-2020-26144 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |

--
Renato Marinho
Morphus Labs

ISC Handler
May 11th 2021