Patch Tuesday - April 2021

Last updated at Wed, 14 Apr 2021 01:20:52 GMT

Patch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical by Microsoft. Let's dive in!

New Exchange Server Patches Available

If you were only going to patch one thing today, please let it be this. Exchange Server has been a hot topic since the vulnerabilities announced in the out-of-band advisory back at the beginning of March saw widespread exploitation. The vulnerabilities this month were reported to Microsoft via the NSA in the interest of national security. The Exchange team has also released a very helpful blog post with instructions on how to patch from any version to the latest secure version. While these have not been exploited in the wild at the time of writing it is only a matter of time before someone reverse engineers the patches and gets up to no good.

CVEs: CVE-2021-28310, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483

Windows RPC Runtime

Next up we have a relatively high number of patches in the Windows Remote Procedure Call Runtime. There were 27 remote code execution vulnerabilities fixed this month. Someone was busy finding bugs! The RPC Runtime is available on all versions of Windows so make sure both Servers and Clients get these updates. Many of these are critical (according to the CVSS3 vectors) requiring no user interaction and only network level access.

CVEs: CVE-2021-28329 to CVE-2021-28339 (please see the list below for a complete list)

Publicly Disclosed and Exploited

Lastly, we have a few vulnerabilities that have been disclosed publicly and one observed in the wild. A few of these are low severity but we rarely see vulnerabilities leveraged by themselves these days. Many attackers have shifted to using exploit chains in order to turn a few low severity bugs into a more complete compromise. Microsoft has also rated a few information disclosure vulnerabilities as "Exploitation More Likely" in SMB Server and the TCP/IP stack.

CVEs: CVE-2021-27091, CVE-2021-28310, CVE-2021-28312, CVE-2021-28437, CVE-2021-28458, CVE-2021-28324, CVE-2021-28442

Summary Tables

Here are this month's patched vulnerabilities split by the product family.

Azure Vulnerabilities

CVE	Vulnerability Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-28458	Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability	No	Yes	7.8	No
CVE-2021-28460	Azure Sphere Unsigned Code Execution Vulnerability	No	No	8.1	Yes

Browser Vulnerabilities

CVE	Vulnerability Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-21199	Chromium: CVE-2021-21199 Use Use after free in Aura	No	No	N/A	Yes
CVE-2021-21198	Chromium: CVE-2021-21198 Out of bounds read in IPC	No	No	N/A	Yes
CVE-2021-21197	Chromium: CVE-2021-21197 Heap buffer overflow in TabStrip	No	No	N/A	Yes
CVE-2021-21196	Chromium: CVE-2021-21196 Heap buffer overflow in TabStrip	No	No	N/A	Yes
CVE-2021-21195	Chromium: CVE-2021-21195 Use after free in V8	No	No	N/A	Yes
CVE-2021-21194	Chromium: CVE-2021-21194 Use after free in screen capture	No	No	N/A	Yes

Developer Tools Vulnerabilities

CVE	Vulnerability Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-27064	Visual Studio Installer Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-28457	Visual Studio Code Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28469	Visual Studio Code Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28475	Visual Studio Code Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28473	Visual Studio Code Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28477	Visual Studio Code Remote Code Execution Vulnerability	No	No	7	No
CVE-2021-28472	Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28448	Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28470	Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28471	Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-27067	Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2021-28459	Azure DevOps Server Spoofing Vulnerability	No	No	6.1	No

Exchange Server Vulnerabilities

CVE	Vulnerability Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-28480	Microsoft Exchange Server Remote Code Execution Vulnerability	No	No	9.8	Yes
CVE-2021-28481	Microsoft Exchange Server Remote Code Execution Vulnerability	No	No	9.8	Yes
CVE-2021-28483	Microsoft Exchange Server Remote Code Execution Vulnerability	No	No	9	Yes
CVE-2021-28482	Microsoft Exchange Server Remote Code Execution Vulnerability	No	No	8.8	Yes

Microsoft Office Vulnerabilities

CVE	Vulnerability Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-28453	Microsoft Word Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-28450	Microsoft SharePoint Denial of Service Update	No	No	5	No
CVE-2021-28452	Microsoft Outlook Memory Corruption Vulnerability	No	No	7.1	Yes
CVE-2021-28449	Microsoft Office Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-28451	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-28454	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-28456	Microsoft Excel Information Disclosure Vulnerability	No	No	5.5	Yes

Windows Vulnerabilities

CVE	Vulnerability Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-28442	Windows TCP/IP Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2021-28319	Windows TCP/IP Driver Denial of Service Vulnerability	No	No	7.5	No
CVE-2021-28347	Windows Speech Runtime Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-28351	Windows Speech Runtime Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-28436	Windows Speech Runtime Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-27086	Windows Services and Controller App Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-27090	Windows Secure Kernel Mode Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-28324	Windows SMB Information Disclosure Vulnerability	No	No	7.5	Yes
CVE-2021-28325	Windows SMB Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2021-28320	Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-26417	Windows Overlay Filter Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-28312	Windows NTFS Denial of Service Vulnerability	No	Yes	3.3	No
CVE-2021-27079	Windows Media Photo Codec Information Disclosure Vulnerability	No	No	5.7	Yes
CVE-2021-28444	Windows Hyper-V Security Feature Bypass Vulnerability	No	No	5.7	Yes
CVE-2021-28441	Windows Hyper-V Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2021-28314	Windows Hyper-V Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-26416	Windows Hyper-V Denial of Service Vulnerability	No	No	7.7	Yes
CVE-2021-28435	Windows Event Tracing Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-27088	Windows Event Tracing Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-27094	Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability	No	No	4.4	No
CVE-2021-28447	Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability	No	No	4.4	No
CVE-2021-28438	Windows Console Driver Denial of Service Vulnerability	No	No	5.5	No
CVE-2021-28311	Windows Application Compatibility Cache Denial of Service Vulnerability	No	No	6.5	No
CVE-2021-28326	Windows AppX Deployment Server Denial of Service Vulnerability	No	No	5.5	No
CVE-2021-28310	Win32k Elevation of Privilege Vulnerability	Yes	No	7.8	No
CVE-2021-27072	Win32k Elevation of Privilege Vulnerability	No	No	7	No
CVE-2021-28464	VP9 Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-28466	Raw Image Extension Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-28468	Raw Image Extension Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-27092	Azure AD Web Sign-in Security Feature Bypass Vulnerability	No	No	6.8	No

Windows Developer Tools Vulnerabilities

CVE	Vulnerability Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-28313	Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-28321	Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-28322	Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability	No	No	7.8	No

Windows ESU Vulnerabilities

CVE	Vulnerability Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-28316	Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability	No	No	4.2	No
CVE-2021-28439	Windows TCP/IP Driver Denial of Service Vulnerability	No	No	7.5	No
CVE-2021-28446	Windows Portmapping Information Disclosure Vulnerability	No	No	7.1	Yes
CVE-2021-28445	Windows Network File System Remote Code Execution Vulnerability	No	No	8.1	No
CVE-2021-27095	Windows Media Video Decoder Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-28315	Windows Media Video Decoder Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-27093	Windows Kernel Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-28309	Windows Kernel Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-26413	Windows Installer Spoofing Vulnerability	No	No	6.2	No
CVE-2021-28437	Windows Installer Information Disclosure Vulnerability	No	Yes	5.5	Yes
CVE-2021-26415	Windows Installer Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-28440	Windows Installer Elevation of Privilege Vulnerability	No	No	7	No
CVE-2021-28348	Windows GDI+ Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28349	Windows GDI+ Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28350	Windows GDI+ Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-28318	Windows GDI+ Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-28323	Windows DNS Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2021-28328	Windows DNS Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2021-28443	Windows Console Driver Denial of Service Vulnerability	No	No	5.5	No
CVE-2021-28329	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28330	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28331	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28332	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28333	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28334	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28335	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28336	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28337	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28338	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28339	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28343	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28327	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28340	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28341	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28342	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28344	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28345	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28346	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28352	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28353	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28354	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28355	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28356	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28357	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28358	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-28434	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-27091	RPC Endpoint Mapper Service Elevation of Privilege Vulnerability	No	Yes	7.8	No
CVE-2021-27096	NTFS Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-28317	Microsoft Windows Codecs Library Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-27089	Microsoft Internet Messaging API Remote Code Execution Vulnerability	No	No	7.8	No

Summary Graphs

Patch Tuesday - April 2021

New Exchange Server Patches Available

Windows RPC Runtime

Publicly Disclosed and Exploited

Summary Tables

Azure Vulnerabilities

Browser Vulnerabilities

Developer Tools Vulnerabilities

Exchange Server Vulnerabilities

Windows Vulnerabilities

Windows Developer Tools Vulnerabilities

Windows ESU Vulnerabilities

Summary Graphs

POST TAGS

SHARING IS CARING

AUTHOR

Topics

Popular Tags

Related Posts

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.

Patch Tuesday - April 2021

New Exchange Server Patches Available

Windows RPC Runtime

Publicly Disclosed and Exploited

Summary Tables

Azure Vulnerabilities

Browser Vulnerabilities

Developer Tools Vulnerabilities

Exchange Server Vulnerabilities

Windows Vulnerabilities

Windows Developer Tools Vulnerabilities

Windows ESU Vulnerabilities

Summary Graphs

POST TAGS

SHARING IS CARING

AUTHOR

Topics

Popular Tags

Related Posts

Related Posts

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.

Never miss a blog