Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rapid7blogAdam BunnRAPID7BLOG:05A653A5E863B78EDD56FD74F059E02E
HistoryMay 11, 2021 - 11:44 p.m.

Patch Tuesday - May 2021

2021-05-1123:44:00
Adam Bunn
blog.rapid7.com
146
JSON

Patch Tuesday - May 2021

Here we are again with another installment of Patch Tuesday. When compared to the past few months this one feels a bit light both in severity and number of vulnerabilities addressed. Microsoft has only released patches for 55 CVEs this month, less than half of the usual volume, with only 4 of them being scored as critical. Let’s dive into the details.

HTTP Protocol Stack Remote Code Execution Vulnerability - [[CVE-2021-31166](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166&gt;)](<https://blog.rapid7.com/p/a0284057-0a58-48f2-89f5-a9b1d04661c3/CVE-2021-31166&gt;)

The hottest vulnerability this month is in the HTTP.sys library. If an attacker has network access to a webserver running on an unpatched asset they may be able to send a specially crafted packet which could result in RCE. This was found internally by Microsoft and has not yet been observed in the wild. However, it is only a matter of time before someone figures out how to craft that special packet and we start to see widespread use against Windows 10 and Windows Server machines. Rated at 9.8, this potentially wormable vulnerability should be a high priority for remediation.

Hyper-V Remote Code Execution - CVE-2021-28476

There is some debate whether this vulnerability deserves its assigned 9.9 severity score. The limited details indicate that the most likely use of this bug is to cause a DoS on the Hyper-V host. This can cause a good amount of trouble for anyone running virtual machines but is not as damaging as the theoretical RCE this vulnerability could provide. In either case this is a good patch to put at the top of the todo-list.

Exchange Server Security Feature Bypass - CVE-2021-31207

Not to be outdone, Exchange Server is back again with yet another patch. This one is not nearly as high profile as the recent vulnerability which saw widespread use, but still an important patch to apply given that Exchange Servers are almost always exposed to the internet. There are a few other less severe vulnerabilities this month for Exchange which were disclosed at Pwn2Own in April. We expect to see a continued focus on Exchange Server in the months to come.

Summary Tables

Azure Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-31936 Microsoft Accessibility Insights for Web Information Disclosure Vulnerability No No 7.4 Yes

Browser ESU Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-26419 Scripting Engine Memory Corruption Vulnerability No No 7.5 Yes

Developer Tools Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-27068 Visual Studio Remote Code Execution Vulnerability No No 8.8 No
CVE-2021-31213 Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31211 Visual Studio Code Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31214 Visual Studio Code Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31204 .NET and Visual Studio Elevation of Privilege Vulnerability No Yes 7.3 No

Exchange Server Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-31209 Microsoft Exchange Server Spoofing Vulnerability No No 6.5 Yes
CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability No Yes 6.6 Yes
CVE-2021-31198 Microsoft Exchange Server Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-31195 Microsoft Exchange Server Remote Code Execution Vulnerability No No 6.5 No

Microsoft Dynamics Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-28461 Dynamics Finance and Operations Cross-site Scripting Vulnerability No No 6.1 No

Microsoft Office Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-26421 Skype for Business and Lync Spoofing Vulnerability No No 6.5 No
CVE-2021-26422 Skype for Business and Lync Remote Code Execution Vulnerability No No 7.2 No
CVE-2021-28478 Microsoft SharePoint Spoofing Vulnerability No No 7.6 No
CVE-2021-31172 Microsoft SharePoint Spoofing Vulnerability No No 7.1 No
CVE-2021-26418 Microsoft SharePoint Spoofing Vulnerability No No 4.6 No
CVE-2021-28474 Microsoft SharePoint Server Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-31173 Microsoft SharePoint Server Information Disclosure Vulnerability No No 5.3 Yes
CVE-2021-31181 Microsoft SharePoint Remote Code Execution Vulnerability No No 8.8 No
CVE-2021-31171 Microsoft SharePoint Information Disclosure Vulnerability No No 4.1 Yes
CVE-2021-31175 Microsoft Office Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31176 Microsoft Office Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31177 Microsoft Office Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31179 Microsoft Office Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31178 Microsoft Office Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-31180 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31174 Microsoft Excel Information Disclosure Vulnerability No No 5.5 Yes

Open Source Software Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-31200 Common Utilities Remote Code Execution Vulnerability No Yes 7.2 Yes

Windows Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-31187 Windows WalletService Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31205 Windows SMB Client Security Feature Bypass Vulnerability No No 4.3 Yes
CVE-2021-31191 Windows Projected File System FS Filter Driver Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-31192 Windows Media Foundation Core Remote Code Execution Vulnerability No No 7.3 No
CVE-2021-31170 Windows Graphics Component Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31185 Windows Desktop Bridge Denial of Service Vulnerability No No 5.5 No
CVE-2021-31165 Windows Container Manager Service Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31167 Windows Container Manager Service Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31168 Windows Container Manager Service Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31169 Windows Container Manager Service Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31208 Windows Container Manager Service Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31190 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-28479 Windows CSC Service Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-28465 Web Media Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-31166 HTTP Protocol Stack Remote Code Execution Vulnerability No No 9.8 Yes

Windows ESU Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2020-24588 Windows Wireless Networking Spoofing Vulnerability No No 6.5 No
CVE-2020-26144 Windows Wireless Networking Spoofing Vulnerability No No 6.5 No
CVE-2020-24587 Windows Wireless Networking Information Disclosure Vulnerability No No 6.5 Yes
CVE-2021-31193 Windows SSDP Service Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31186 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability No No 7.4 Yes
CVE-2021-31188 Windows Graphics Component Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-31194 OLE Automation Remote Code Execution Vulnerability No No 8.8 No
CVE-2021-31184 Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-31182 Microsoft Bluetooth Driver Spoofing Vulnerability No No 7.1 No
CVE-2021-28476 Hyper-V Remote Code Execution Vulnerability No No 9.9 Yes

Windows Microsoft Office ESU Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-28455 Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability No No 8.8 Yes

Summary Graphs

Patch Tuesday - May 2021Patch Tuesday - May 2021Patch Tuesday - May 2021Patch Tuesday - May 2021

Related

mskb 30
kaspersky 8
nessus 29
threatpost 1
thn 2
qualysblog 1
krebs 1
malwarebytes 1
archlinux 1
attackerkb 2
lenovo 2
hp 1
freebsd_advisory 1
intel 1
freebsd 1
osv 3
prion 30
cnvd 11
huntr 1
cve 27
mscve 27
ics 1
zdi 8
avleonov 1
srcincite 1
nuclei 1
githubexploit 1
seebug 3
metasploit 1
checkpoint_advisories 1
mskb
mskb
May 11, 2021—KB5003173 (OS Builds 19041.985, 19042.985, and 19043.985)
2021-05-11 07:00:00
May 11, 2021—KB5003174 (OS Build 17134.2208)
2021-05-11 07:00:00
May 11, 2021—KB5003169 (OS Build 18363.1556)
2021-05-11 07:00:00
kaspersky
kaspersky
KLA12174 Multiple vulnerabilities in Microsoft Windows
2021-05-11 00:00:00
KLA12175 Multiple vulnerabilities in Microsoft Office
2021-05-11 00:00:00
KLA12167 Multiple vulnerabilities in Microsoft Products (ESU)
2021-05-11 00:00:00
nessus
nessus
KB5003173: Windows 10 version 2004 / Windows 10 version 20H2 Security Update (May 2021)
2021-05-11 00:00:00
KB5003197: Windows 10 1607 / Windows Server 2016 Security Update (May 2021)
2021-05-11 00:00:00
KB5003169: Windows 10 version 1909 Security Update (May 2021)
2021-05-11 00:00:00
threatpost
threatpost
Wormable Windows Bug Opens Door to DoS, RCE
2021-05-11 20:05:44
thn
thn
Latest Microsoft Windows Updates Patch Dozens of Security Flaws
2021-05-12 09:15:00
New UAF Vulnerability Affecting Microsoft Office to be Patched Today
2021-06-08 10:31:00
qualysblog
qualysblog
Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical
2021-05-11 21:53:37
krebs
krebs
Microsoft Patch Tuesday, May 2021 Edition
2021-05-11 20:28:19
malwarebytes
malwarebytes
Get patching! Wormable Windows flaw headlines Patch Tuesday
2021-05-12 12:46:09
archlinux
archlinux
[ASA-202107-34] code: arbitrary code execution
2021-07-20 00:00:00
attackerkb
attackerkb
CVE-2021-31195
2021-05-11 00:00:00
CVE-2021-31167
2021-05-11 00:00:00
lenovo
lenovo
Intel® PROSet and Wireless WiFi, Intel vPro® CSME WiFi, and Intel® Killer™ WiFi Advisory - Lenovo Support NL
2021-05-11 20:39:26
Aggregation and Fragmentation Attacks against Wi-Fi (FragAttacks) Vulnerabilities - Lenovo Support NL
2021-06-07 20:37:01
hp
hp
Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi May 2021 Security Updates
2021-05-14 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-22:02.wifi
2022-03-15 00:00:00
intel
intel
Intel® PROSet/Wireless WiFi , Intel vPro® CSME WiFi and Killer™ WiFi Advisory Advisory
2021-05-11 00:00:00
freebsd
freebsd
FreeBSD-kernel -- Multiple WiFi issues
2022-03-15 00:00:00
osv
osv
CVE-2021-31936
2021-05-11 19:15:10
CVE-2021-31211
2021-05-11 19:15:10
CVE-2021-31200
2021-05-11 19:15:10
prion
prion
Remote code execution
2021-05-11 19:15:00
Privilege escalation
2021-05-11 19:15:00
Privilege escalation
2021-05-11 19:15:00
cnvd
cnvd
Microsoft Windows/Windows Server Elevation of Privilege Vulnerability (CNVD-2021-66100)
2021-05-12 00:00:00
Microsoft Windows/Windows Server Elevation of Privilege Vulnerability (CNVD-2021-66099)
2021-05-12 00:00:00
Microsoft SharePoint Spoofing Vulnerability
2021-05-12 00:00:00
huntr
huntr
Code Injection in microsoft/nni
2020-12-21 00:00:00
cve
cve
CVE-2021-31200
2021-05-11 19:15:00
CVE-2021-31936
2021-05-11 19:15:00
CVE-2021-31198
2021-05-11 19:15:00
mscve
mscve
Windows Container Manager Service Elevation of Privilege Vulnerability
2021-05-11 07:00:00
Microsoft SharePoint Information Disclosure Vulnerability
2021-05-11 07:00:00
Common Utilities Remote Code Execution Vulnerability
2021-05-11 07:00:00
ics
ics
Mitsubishi Electric GT25-WLAN (Update A)
2022-05-12 12:00:00
zdi
zdi
Microsoft Windows Groove Music FLAC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2021-05-13 00:00:00
Microsoft Windows Groove Music FLAC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2021-05-13 00:00:00
(Pwn2Own) Microsoft Exchange Server Missing Check of Message Integrity Vulnerability
2021-05-26 00:00:00
avleonov
avleonov
Vulristics: Microsoft Patch Tuesdays Q2 2021
2021-07-10 00:14:59
srcincite
srcincite
SRC-2021-0018 : Microsoft SharePoint Server OAuth Authorization Code Leak Elevation of Privilege Vulnerability
2020-10-29 00:00:00
nuclei
nuclei
Microsoft Exchange Server - Cross-Site Scripting
2021-08-17 08:25:38
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2021-05-31 18:02:39
seebug
seebug
Microsoft Hyper-V 远程代码执行漏洞(CVE-2021-28476)
2021-06-01 00:00:00
Microsoft SharePoint Server 远程代码执行漏洞(CVE-2021-28474)
2021-07-12 00:00:00
Microsoft SharePoint远程代码执行漏洞(CVE-2021-31181)
2021-06-03 00:00:00
metasploit
metasploit
Microsoft SharePoint Unsafe Control and ViewState RCE
2021-06-07 17:37:28
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Graphics Component Elevation of Privilege (CVE-2021-31170)
2021-05-11 00:00:00
JSON
Related for RAPID7BLOG:05A653A5E863B78EDD56FD74F059E02E
mskb30kaspersky8nessus29threatpost1thn2qualysblog1krebs1malwarebytes1archlinux1attackerkb2lenovo2hp1freebsd_advisory1intel1freebsd1osv3prion30cnvd11huntr1cve27mscve27ics1zdi8avleonov1srcincite1nuclei1githubexploit1seebug3metasploit1checkpoint_advisories1