Microsoft has released the May 2021 Patch Tuesday security updates, addressing a total of 55 vulnerabilities in the family of Windows and Mac operating systems and related products. Of these, 4 vulnerabilities were rated as Critical, 50 as Important, and 1 as Moderate. A good vulnerability management system can prevent these attacks and ensure the safety of your organization.
Three of the vulnerabilities addressed in this month's Patch Tuesday updates were publicly disclosed zero-days, but none of them is known to be used in active attacks. A vulnerability management tool can therefore be a good defensive tool in your cyber security arsenal.
Zero-day vulnerabilities
CVE-2021-31204 impacts .NET and Visual Studio and could allow an authenticated user to escalate privileges in the system.
CVE-2021-31207 is a security feature bypass in Microsoft Exchange Server. This flaw was disclosed at the Pwn2Own 2021 competition.
CVE-2021-31200 is a Remote Code Execution vulnerability found in Common Utilities. Exploitation needs successive levels of authentication.
Although the above zero-day vulnerabilities are not known to be under active exploitation, they should be patched early.
Critical vulnerabilities of Microsoft Patch Tuesday, May 2021
CVE-2021-31166 – HTTP Protocol Stack Remote Code Execution Vulnerability. An unauthenticated attacker could exploit this vulnerability by sending a specially crafted packet to a targeted server that uses the HTTP Protocol Stack.
CVE-2021-26419 – Scripting Engine Memory Corruption Vulnerability. A remote attacker can trick a victim into visiting a malicious website, triggering memory corruption and executing arbitrary code on the target system. Successful exploitation of the vulnerability could allow an attacker to take complete control of the system.
CVE-2021-28476 – Remote Code Execution in Microsoft Hyper-V. The flaw exists due to improper input validation in Microsoft Hyper-V. An attacker can get complete access to the vulnerable system on successful exploitation of the vulnerability.
CVE-2021-31194 – Remote Code Execution in Microsoft OLE Automation. The vulnerability exists because OLE Automation validates input improperly. A malicious user who exploits this vulnerability can completely compromise the affected system.
Microsoft security bulletin summary for May 2021
- Internet Explorer
- Microsoft Exchange Server
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft Office Access
- Visual Studio
- Visual Studio Code
- .NET Core & Visual Studio
- Microsoft Dynamics Finance & Operations
- Microsoft Windows Codecs Library
- Skype for Business and Microsoft Lync
- Windows SMB
- Windows SSDP Service
1) Product: Internet Explorer
CVEs/Advisory: CVE-2021-26419
Impact: Remote Code Execution
Severity: Critical
KBs: 5003165, 5003169, 5003171, 5003172, 5003173, 5003174, 5003197, 5003208, 5003209, 5003233, 5003165, 5003210
2) Product: Microsoft Exchange Server
CVEs/Advisory: CVE-2021-31195, CVE-2021-31198, CVE-2021-31207, CVE-2021-31209
Impact: Remote Code Execution, Security Feature Bypass, Spoofing
Severity: Important
KBs: 5003435
3) Product: Microsoft Office
CVEs/Advisory: CVE-2021-28455, CVE-2021-31174, CVE-2021-31175, CVE-2021-31176, CVE-2021-31177, CVE-2021-31178, CVE-2021-31179, CVE-2021-31180
Impact: Remote Code Execution, Information Disclosure
Severity: Important
KBs: 4493206, 4493197, 5001927, 5001923, 5001914, 5001928, 5001925, 5001920, 4464542
4) Product: Microsoft Excel
CVEs/Advisory: CVE-2021-31174, CVE-2021-31175, CVE-2021-31177, CVE-2021-31178, CVE-2021-31179
Impact: Remote Code Execution, Information Disclosure
Severity: Important
5) Product: Microsoft SharePoint
CVEs/Advisory: CVE-2021-26418, CVE-2021-28474, CVE-2021-28478, CVE-2021-31171, CVE-2021-31172, CVE-2021-31173, CVE-2021-31181
Impact: Remote Code Execution, Information Disclosure, Spoofing
Severity: Important
KBs: 5001917, 5001935, 5001916
6) Product: Microsoft Word
CVEs/Advisory: CVE-2021-31180
Impact: Remote Code Execution
Severity: Important
7) Product: Visual Studio and Visual Studio Code
CVEs/Advisory: CVE-2021-27068, CVE-2021-31204, CVE-2021-31211, CVE-2021-31213, CVE-2021-31214
Impact: Remote Code Execution, Elevation of Privilege
Severity: Important
8) Product: Microsoft Dynamics Finance & Operations
CVEs/Advisory: CVE-2021-28461
Impact: Spoofing
Severity: Important
9) Product: Skype for Business and Microsoft Lync
CVEs/Advisory: CVE-2021-26421, CVE-2021-26422
Impact: Remote Code Execution, Spoofing
Severity: Important
KBs: 5003729
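A patch-status triage over the bulletin records above, as an added example that is not part of the original post: it parses three of the records and compares their KB lists with the updates installed on a host. The function names, status labels and host inventory are assumptions made for illustration.

```python
import re
# Three records copied from the bulletin summary on this page.
BULLETIN = """\
1) Product: Internet Explorer
CVEs/Advisory: CVE-2021-26419
Impact: Remote Code Execution
Severity: Critical
KBs: 5003165, 5003169, 5003171, 5003172, 5003173, 5003174, 5003197, 5003208, 5003209, 5003233, 5003165, 5003210
2) Product: Microsoft Exchange Server
CVEs/Advisory: CVE-2021-31195, CVE-2021-31198, CVE-2021-31207, CVE-2021-31209
Impact: Remote Code Execution, Security Feature Bypass, Spoofing
Severity: Important
KBs: 5003435
6) Product: Microsoft Word
CVEs/Advisory: CVE-2021-31180
Impact: Remote Code Execution
Severity: Important
"""
SEVERITY_RANK = {"Critical": 0, "Important": 1, "Moderate": 2}

def parse_bulletin(text):
    """Turn the 'Key: value' lines into one dict per 'N) Product:' record."""
    records = []
    for m in re.finditer(r"^(?:\d+\)\s*)?([^:\n]+):[ \t]*(.*)$", text, re.M):
        key, value = m.group(1).strip(), m.group(2).strip()
        if key == "Product":
            records.append({"Product": value, "KBs": set()})
        elif records and key == "KBs":
            records[-1]["KBs"] = set(re.findall(r"\d{7}", value))
        elif records:
            records[-1][key] = value
    return records

def triage(records, installed_kbs):
    """Return (status, product) pairs, most severe first."""
    have = set(re.findall(r"\d{7}", " ".join(installed_kbs)))
    result = []
    for r in sorted(records, key=lambda r: SEVERITY_RANK.get(r.get("Severity"), 9)):
        # A record's KBs are alternatives for different builds: one match is enough.
        status = ("UNVERIFIABLE" if not r["KBs"]  # bulletin lists no KB to check
                  else "PATCHED" if r["KBs"] & have
                  else "MISSING")  # or superseded by a later cumulative update
        result.append((status, r["Product"]))
    return result

INSTALLED = ["KB5003173", "KB9999999"]  # constructed inventory of one host
if __name__ == "__main__":
    for status, product in triage(parse_bulletin(BULLETIN), INSTALLED):
        print(f"{status:13}{product}")
```

A MISSING result is a prompt to check the host's build and update history, since a later cumulative update can replace the KB listed here.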
SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.