May Patch Tuesday 2021 Fixes 55 Vulnerabilities

Patch Tuesday Addresses 55 New Flaws, Including Publicly Aware Threats

There are 2 Critical, 50 Important and 1 Moderate fixes this month for Microsoft Windows, .NET Core and Visual Studio, Internet Explorer (IE), Microsoft Office, SharePoint Server, Open-Source Software, Hyper-V, Skype for Business and Microsoft Lync, and Exchange Server.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, a shadow of what was released last month.

  1. Windows 7 – 1 Critical and 10 Important vulnerabilities fixed
  2. Windows 2008 R2 – 1 Critical and 9 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense, said, “May sees almost half the updates fixed over April. This is great news as deployment payload could be as low as 1GB per device (or less). Adobe released just 10 fixes fewer than Microsoft this month, so this is the month to ensure you are prioritizing both Microsoft and Adobe to protect your devices. This month also sees the last supported patches for Feature Update 1809.”

Top May 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible.

1. CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability

The vulnerability exists due to improper input validation in the HTTP Protocol Stack. A remote attacker can execute arbitrary code on the target system. Microsoft recommends prioritizing this patch because it could become wormable.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-28476: Hyper-V Remote Code Execution Vulnerability

The vulnerability exists due to improper input validation in Hyper-V on most Microsoft operating systems. A remote authenticated attacker can execute arbitrary code on the target system. This is particularly dangerous as an exploit may compromise the entire system, and with a Scope (Jump Point) of Yes, it is possible to jump from Hyper-V to another technology on the system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.9
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No 

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

3. CVE-2021-31204: .NET Core and Visual Studio Elevation of Privilege Vulnerability

With many staff around the world still working from home, it is likely they have Visual Studio installed on their home system. The vulnerability exists because the application does not properly impose security restrictions in .NET and Visual Studio, which leads to a security restrictions bypass and privilege escalation.

Although this vulnerability requires local access and user interaction, a user can become a victim if they access a specially designed website which tricks the end user into clicking the link.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.3
  • Weaponized: No
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: Required
  • Scope (Jump Point): No
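The Syxscore Risk Alert fields listed for the three CVEs above line up with the CVSS v3.1 base exploitability metrics. The following added example (not Syxsense's or Microsoft's code) computes the base score from those fields with the published CVSS v3.1 formula, and shows how much the Scope (Jump Point) value contributes to the Hyper-V score. It assumes High confidentiality, integrity and availability impact for each CVE, which the page does not state.

```python
import math

# CVSS v3.1 metric weights from the FIRST specification.
AV = {"Network": 0.85, "Adjacent": 0.62, "Local": 0.55, "Physical": 0.2}
AC = {"Low": 0.77, "High": 0.44}
UI = {"None": 0.85, "Required": 0.62}
# Privileges Required is weighted differently when Scope is changed.
PR = {False: {"None": 0.85, "Low": 0.62, "High": 0.27},
      True: {"None": 0.85, "Low": 0.68, "High": 0.5}}
CIA = {"High": 0.56, "Low": 0.22, "None": 0.0}


def roundup(x):
    """Spec-defined round-up to one decimal that avoids float artefacts."""
    i = round(x * 100000)
    return i / 100000.0 if i % 10000 == 0 else (math.floor(i / 10000) + 1) / 10.0


def base_score(vector, complexity, privileges, interaction, scope_changed,
               conf="High", integ="High", avail="High"):
    """CVSS v3.1 base score. The C/I/A defaults of High are an assumption."""
    iss = 1 - (1 - CIA[conf]) * (1 - CIA[integ]) * (1 - CIA[avail])
    if scope_changed:
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss
    if impact <= 0:
        return 0.0
    expl = (8.22 * AV[vector] * AC[complexity]
            * PR[scope_changed][privileges] * UI[interaction])
    total = impact + expl
    if scope_changed:
        total *= 1.08
    return roundup(min(total, 10))


# Risk Alert values as listed on this page for the three highlighted CVEs.
RISK_ALERTS = {
    "CVE-2021-31166": ("Network", "Low", "None", "None", False),
    "CVE-2021-28476": ("Network", "Low", "Low", "None", True),
    "CVE-2021-31204": ("Local", "Low", "Low", "Required", False),
}

if __name__ == "__main__":
    for cve, metrics in RISK_ALERTS.items():
        print(cve, base_score(*metrics))
    # Hyper-V metrics with Scope forced to unchanged, for comparison.
    print("CVE-2021-28476 without scope change:",
          base_score("Network", "Low", "Low", "None", False))
```

Under the stated assumption the results match the CVSS values listed in each Syxscore block, and the Hyper-V entry would score lower with Scope unchanged, which is why a Scope (Jump Point) of Yes deserves attention when ranking patches.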

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.

| Reference | Description | Vendor Severity | CVSS Score | Publicly Aware | Weaponized | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-31204 | .NET Core and Visual Studio Elevation of Privilege Vulnerability | Important | 7.3 | Yes | No | No | Yes |
| CVE-2021-31200 | Common Utilities Remote Code Execution Vulnerability | Important | 7.2 | Yes | No | No | Yes |
| CVE-2021-31207 | Microsoft Exchange Server Security Feature Bypass Vulnerability | Moderate | 6.6 | Yes | No | No | Yes |
| CVE-2021-28476 | Hyper-V Remote Code Execution Vulnerability | Critical | 9.9 | No | No | No | Yes |
| CVE-2021-31166 | HTTP Protocol Stack Remote Code Execution Vulnerability | Critical | 9.8 | No | No | No | Yes |
| CVE-2021-31194 | OLE Automation Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-26419 | Scripting Engine Memory Corruption Vulnerability | Critical | 6.4 | No | No | No | Yes |
| CVE-2021-28455 | Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-31181 | Microsoft SharePoint Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28474 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-27068 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-31198 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31180 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31175 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31176 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31177 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31179 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31214 | Visual Studio Code Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31211 | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31213 | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28465 | Web Media Extensions Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31190 | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31165 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31167 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31168 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31169 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31208 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31170 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31188 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31192 | Windows Media Foundation Core Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31193 | Windows SSDP Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31187 | Windows WalletService Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28478 | Microsoft SharePoint Spoofing Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-31936 | Microsoft Accessibility Insights for Web Information Disclosure Vulnerability | Important | 7.4 | No | No | No | |
| CVE-2021-31186 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 7.4 | No | No | No | |
| CVE-2021-26422 | Skype for Business and Lync Remote Code Execution Vulnerability | Important | 7.2 | No | No | No | |
| CVE-2021-31182 | Microsoft Bluetooth Driver Spoofing Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-31172 | Microsoft SharePoint Spoofing Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-31195 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-31209 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-26421 | Skype for Business and Lync Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-24587 | Windows Wireless Networking Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-24588 | Windows Wireless Networking Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-26144 | Windows Wireless Networking Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-28461 | Dynamics Finance and Operations Cross-site Scripting Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2021-31174 | Microsoft Excel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31178 | Microsoft Office Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31184 | Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-28479 | Windows CSC Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31185 | Windows Desktop Bridge Denial of Service Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31191 | Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31173 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2021-26418 | Microsoft SharePoint Spoofing Vulnerability | Important | 4.6 | No | No | No | |
| CVE-2021-31205 | Windows SMB Client Security Feature Bypass Vulnerability | Important | 4.3 | No | No | No | |
| CVE-2021-31171 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 4.1 | No | No | No | |
