KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)


The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310) - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079) - Windows Event Tracing Elevation of Privilege Vulnerability (CVE-2021-27088) - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089) - Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092) - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309) - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094, CVE-2021-28447) - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315) - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096) - Windows Installer Spoofing Vulnerability (CVE-2021-26413) - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440) - Windows Hyper-V Denial of Service Vulnerability (CVE-2021-26416) - Windows Overlay Filter Information Disclosure Vulnerability (CVE-2021-26417) - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311) - Windows NTFS Denial of Service Vulnerability (CVE-2021-28312) - Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability (CVE-2021-28313, CVE-2021-28321, CVE-2021-28322) - Windows Hyper-V Elevation of Privilege Vulnerability (CVE-2021-28314) - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316) - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317) - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318) - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28319, CVE-2021-28439) - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320) - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328) - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325) - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326) - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434) - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351, CVE-2021-28436) - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350) - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435) - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437) - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28438, CVE-2021-28443) - Windows Hyper-V Information Disclosure Vulnerability (CVE-2021-28441) - Windows TCP/IP Information Disclosure Vulnerability (CVE-2021-28442) - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444) - N/A (CVE-2021-28445, CVE-2021-28446) - Windows Services and Controller App Elevation of Privilege Vulnerability (CVE-2021-27086) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.