This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deployment Service. By creating a directory junction, an attacker can abuse the service to delete the contents of a chosen directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
{"id": "ZDI-21-424", "vendorId": null, "type": "zdi", "bulletinFamily": "info", "title": "Microsoft Windows AppX Deployment Service Directory Junction Denial-of-Service Vulnerability", "description": "This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deployment Service. By creating a directory junction, an attacker can abuse the service to delete the contents of a chosen directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.", "published": "2021-04-21T00:00:00", "modified": "2021-04-21T00:00:00", "epss": [{"cve": "CVE-2021-28326", "epss": 0.00043, "percentile": 0.07682, "modified": "2023-05-27"}], "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 3.6}, "severity": "LOW", "exploitabilityScore": 3.9, "impactScore": 4.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 1.8, "impactScore": 4.2}, "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-424/", "reporter": "Abdelhamid Naceri (halov)", "references": ["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28326"], "cvelist": ["CVE-2021-28326"], "immutableFields": [], "lastseen": "2023-05-27T15:50:26", "viewCount": 15, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-28326"]}, {"type": "kaspersky", "idList": ["KLA12139"]}, {"type": "mscve", "idList": ["MS:CVE-2021-28326"]}, {"type": "nessus", "idList": ["SMB_NT_MS21_APR_5001330.NASL", "SMB_NT_MS21_APR_5001337.NASL", "SMB_NT_MS21_APR_5001339.NASL", "SMB_NT_MS21_APR_5001340.NASL", "SMB_NT_MS21_APR_5001342.NASL", "SMB_NT_MS21_APR_5001347.NASL"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:452CCDC1AEFFF7056148871E86A6FE26"]}], "rev": 4}, "score": {"value": 4.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2021-28326"]}, {"type": "kaspersky", "idList": ["KLA12139"]}, {"type": "mscve", "idList": ["MS:CVE-2021-28326"]}, {"type": "nessus", "idList": ["SMB_NT_MS21_APR_5001339.NASL"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:452CCDC1AEFFF7056148871E86A6FE26"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2021-28326", "epss": 0.00043, "percentile": 0.07647, "modified": "2023-05-07"}], "vulnersScore": 4.6}, "_state": {"dependencies": 1685209315, "score": 1685202640, "epss": 0}, "_internal": {"score_hash": "57b34cf03f24116fbc89b0975f07d3fb"}}
{"cve": [{"lastseen": "2023-05-27T14:35:17", "description": "Windows AppX Deployment Server Denial of Service Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2021-04-13T20:15:00", "type": "cve", "title": "CVE-2021-28326", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28326"], "modified": "2021-06-04T18:49:00", "cpe": ["cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004"], "id": "CVE-2021-28326", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28326", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*"]}], "mscve": [{"lastseen": "2023-05-27T14:47:20", "description": "Windows AppX Deployment Server Denial of Service Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2021-04-13T07:00:00", "type": "mscve", "title": "Windows AppX Deployment Server Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28326"], "modified": "2021-04-13T07:00:00", "id": "MS:CVE-2021-28326", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28326", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-18T15:27:59", "description": "The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094, CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351, CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28439)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28443)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-13T00:00:00", "type": "nessus", "title": "KB5001340: Windows 10 version 1507 LTS Security Update (Apr 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26413", "CVE-2021-26415", "CVE-2021-27072", "CVE-2021-27079", "CVE-2021-27089", "CVE-2021-27093", "CVE-2021-27094", "CVE-2021-27095", "CVE-2021-27096", "CVE-2021-28309", "CVE-2021-28315", "CVE-2021-28316", "CVE-2021-28317", "CVE-2021-28318", "CVE-2021-28320", "CVE-2021-28323", "CVE-2021-28325", "CVE-2021-28326", "CVE-2021-28327", "CVE-2021-28328", "CVE-2021-28329", "CVE-2021-28330", "CVE-2021-28331", "CVE-2021-28332", "CVE-2021-28333", "CVE-2021-28334", "CVE-2021-28335", "CVE-2021-28336", "CVE-2021-28337", "CVE-2021-28338", "CVE-2021-28339", "CVE-2021-28340", "CVE-2021-28341", "CVE-2021-28342", "CVE-2021-28343", "CVE-2021-28344", "CVE-2021-28345", "CVE-2021-28346", "CVE-2021-28347", "CVE-2021-28348", "CVE-2021-28349", "CVE-2021-28350", "CVE-2021-28351", "CVE-2021-28352", "CVE-2021-28353", "CVE-2021-28354", "CVE-2021-28355", "CVE-2021-28356", "CVE-2021-28357", "CVE-2021-28358", "CVE-2021-28434", "CVE-2021-28435", "CVE-2021-28436", "CVE-2021-28437", "CVE-2021-28439", "CVE-2021-28440", "CVE-2021-28443", "CVE-2021-28444", "CVE-2021-28447"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_APR_5001340.NASL", "href": "https://www.tenable.com/plugins/nessus/148486", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148486);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2021-26413\",\n \"CVE-2021-26415\",\n \"CVE-2021-27072\",\n \"CVE-2021-27079\",\n \"CVE-2021-27089\",\n \"CVE-2021-27093\",\n \"CVE-2021-27094\",\n \"CVE-2021-27095\",\n \"CVE-2021-27096\",\n \"CVE-2021-28309\",\n \"CVE-2021-28315\",\n \"CVE-2021-28316\",\n \"CVE-2021-28317\",\n \"CVE-2021-28318\",\n \"CVE-2021-28320\",\n \"CVE-2021-28323\",\n \"CVE-2021-28325\",\n \"CVE-2021-28326\",\n \"CVE-2021-28327\",\n \"CVE-2021-28328\",\n \"CVE-2021-28329\",\n \"CVE-2021-28330\",\n \"CVE-2021-28331\",\n \"CVE-2021-28332\",\n \"CVE-2021-28333\",\n \"CVE-2021-28334\",\n \"CVE-2021-28335\",\n \"CVE-2021-28336\",\n \"CVE-2021-28337\",\n \"CVE-2021-28338\",\n \"CVE-2021-28339\",\n \"CVE-2021-28340\",\n \"CVE-2021-28341\",\n \"CVE-2021-28342\",\n \"CVE-2021-28343\",\n \"CVE-2021-28344\",\n \"CVE-2021-28345\",\n \"CVE-2021-28346\",\n \"CVE-2021-28347\",\n \"CVE-2021-28348\",\n \"CVE-2021-28349\",\n \"CVE-2021-28350\",\n \"CVE-2021-28351\",\n \"CVE-2021-28352\",\n \"CVE-2021-28353\",\n \"CVE-2021-28354\",\n \"CVE-2021-28355\",\n \"CVE-2021-28356\",\n \"CVE-2021-28357\",\n \"CVE-2021-28358\",\n \"CVE-2021-28434\",\n \"CVE-2021-28435\",\n \"CVE-2021-28436\",\n \"CVE-2021-28437\",\n \"CVE-2021-28439\",\n \"CVE-2021-28440\",\n \"CVE-2021-28443\",\n \"CVE-2021-28444\",\n \"CVE-2021-28447\"\n );\n script_xref(name:\"MSKB\", value:\"5001340\");\n script_xref(name:\"IAVA\", value:\"2021-A-0168-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429-S\");\n script_xref(name:\"MSFT\", value:\"MS21-5001340\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0021\");\n\n script_name(english:\"KB5001340: Windows 10 version 1507 LTS Security Update (Apr 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094,\n CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329,\n CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335,\n CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341,\n CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352,\n CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358,\n CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351,\n CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28439)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28443)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5001340\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5001340 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-27095\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-28434\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-04';\nkbs = make_list(\n '5001340'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'10240',\n rollup_date:'04_2021',\n bulletin:bulletin,\n rollup_kb_list:[5001340])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_warning();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:06", "description": "The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094, CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows Hyper-V Denial of Service Vulnerability (CVE-2021-26416)\n\n - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351, CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28439)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28443)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\n - N/A (CVE-2021-28445, CVE-2021-28446)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-13T00:00:00", "type": "nessus", "title": "KB5001347: Windows 10 version 1607 / Windows Server 2016 Security Update (Apr 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26413", "CVE-2021-26415", "CVE-2021-26416", "CVE-2021-27072", "CVE-2021-27079", "CVE-2021-27089", "CVE-2021-27093", "CVE-2021-27094", "CVE-2021-27095", "CVE-2021-27096", "CVE-2021-28309", "CVE-2021-28311", "CVE-2021-28315", "CVE-2021-28316", "CVE-2021-28317", "CVE-2021-28318", "CVE-2021-28320", "CVE-2021-28323", "CVE-2021-28325", "CVE-2021-28326", "CVE-2021-28327", "CVE-2021-28328", "CVE-2021-28329", "CVE-2021-28330", "CVE-2021-28331", "CVE-2021-28332", "CVE-2021-28333", "CVE-2021-28334", "CVE-2021-28335", "CVE-2021-28336", "CVE-2021-28337", "CVE-2021-28338", "CVE-2021-28339", "CVE-2021-28340", "CVE-2021-28341", "CVE-2021-28342", "CVE-2021-28343", "CVE-2021-28344", "CVE-2021-28345", "CVE-2021-28346", "CVE-2021-28347", "CVE-2021-28348", "CVE-2021-28349", "CVE-2021-28350", "CVE-2021-28351", "CVE-2021-28352", "CVE-2021-28353", "CVE-2021-28354", "CVE-2021-28355", "CVE-2021-28356", "CVE-2021-28357", "CVE-2021-28358", "CVE-2021-28434", "CVE-2021-28435", "CVE-2021-28436", "CVE-2021-28437", "CVE-2021-28439", "CVE-2021-28440", "CVE-2021-28443", "CVE-2021-28444", "CVE-2021-28445", "CVE-2021-28446", "CVE-2021-28447"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_APR_5001347.NASL", "href": "https://www.tenable.com/plugins/nessus/148465", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148465);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2021-26413\",\n \"CVE-2021-26415\",\n \"CVE-2021-26416\",\n \"CVE-2021-27072\",\n \"CVE-2021-27079\",\n \"CVE-2021-27089\",\n \"CVE-2021-27093\",\n \"CVE-2021-27094\",\n \"CVE-2021-27095\",\n \"CVE-2021-27096\",\n \"CVE-2021-28309\",\n \"CVE-2021-28311\",\n \"CVE-2021-28315\",\n \"CVE-2021-28316\",\n \"CVE-2021-28317\",\n \"CVE-2021-28318\",\n \"CVE-2021-28320\",\n \"CVE-2021-28323\",\n \"CVE-2021-28325\",\n \"CVE-2021-28326\",\n \"CVE-2021-28327\",\n \"CVE-2021-28328\",\n \"CVE-2021-28329\",\n \"CVE-2021-28330\",\n \"CVE-2021-28331\",\n \"CVE-2021-28332\",\n \"CVE-2021-28333\",\n \"CVE-2021-28334\",\n \"CVE-2021-28335\",\n \"CVE-2021-28336\",\n \"CVE-2021-28337\",\n \"CVE-2021-28338\",\n \"CVE-2021-28339\",\n \"CVE-2021-28340\",\n \"CVE-2021-28341\",\n \"CVE-2021-28342\",\n \"CVE-2021-28343\",\n \"CVE-2021-28344\",\n \"CVE-2021-28345\",\n \"CVE-2021-28346\",\n \"CVE-2021-28347\",\n \"CVE-2021-28348\",\n \"CVE-2021-28349\",\n \"CVE-2021-28350\",\n \"CVE-2021-28351\",\n \"CVE-2021-28352\",\n \"CVE-2021-28353\",\n \"CVE-2021-28354\",\n \"CVE-2021-28355\",\n \"CVE-2021-28356\",\n \"CVE-2021-28357\",\n \"CVE-2021-28358\",\n \"CVE-2021-28434\",\n \"CVE-2021-28435\",\n \"CVE-2021-28436\",\n \"CVE-2021-28437\",\n \"CVE-2021-28439\",\n \"CVE-2021-28440\",\n \"CVE-2021-28443\",\n \"CVE-2021-28444\",\n \"CVE-2021-28445\",\n \"CVE-2021-28446\",\n \"CVE-2021-28447\"\n );\n script_xref(name:\"MSKB\", value:\"5001347\");\n script_xref(name:\"MSFT\", value:\"MS21-5001347\");\n script_xref(name:\"IAVA\", value:\"2021-A-0171-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0168-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0021\");\n\n script_name(english:\"KB5001347: Windows 10 version 1607 / Windows Server 2016 Security Update (Apr 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094,\n CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows Hyper-V Denial of Service Vulnerability (CVE-2021-26416)\n\n - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329,\n CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335,\n CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341,\n CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352,\n CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358,\n CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351,\n CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28439)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28443)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\n - N/A (CVE-2021-28445, CVE-2021-28446)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5001347\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5001347 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-27095\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-28445\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-04';\nkbs = make_list(\n '5001347'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'14393',\n rollup_date:'04_2021',\n bulletin:bulletin,\n rollup_kb_list:[5001347])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_warning();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:16", "description": "The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Windows Event Tracing Elevation of Privilege Vulnerability (CVE-2021-27088)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094, CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311)\n\n - Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability (CVE-2021-28313, CVE-2021-28321, CVE-2021-28322)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28319, CVE-2021-28439)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351, CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28438, CVE-2021-28443)\n\n - Windows TCP/IP Information Disclosure Vulnerability (CVE-2021-28442)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\n - Windows Services and Controller App Elevation of Privilege Vulnerability (CVE-2021-27086)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-13T00:00:00", "type": "nessus", "title": "KB5001339: Windows 10 version 1803 Security Update (April 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26413", "CVE-2021-26415", "CVE-2021-27072", "CVE-2021-27079", "CVE-2021-27086", "CVE-2021-27088", "CVE-2021-27089", "CVE-2021-27092", "CVE-2021-27093", "CVE-2021-27094", "CVE-2021-27095", "CVE-2021-27096", "CVE-2021-28309", "CVE-2021-28310", "CVE-2021-28311", "CVE-2021-28313", "CVE-2021-28315", "CVE-2021-28316", "CVE-2021-28317", "CVE-2021-28318", "CVE-2021-28319", "CVE-2021-28320", "CVE-2021-28321", "CVE-2021-28322", "CVE-2021-28323", "CVE-2021-28325", "CVE-2021-28326", "CVE-2021-28327", "CVE-2021-28328", "CVE-2021-28329", "CVE-2021-28330", "CVE-2021-28331", "CVE-2021-28332", "CVE-2021-28333", "CVE-2021-28334", "CVE-2021-28335", "CVE-2021-28336", "CVE-2021-28337", "CVE-2021-28338", "CVE-2021-28339", "CVE-2021-28340", "CVE-2021-28341", "CVE-2021-28342", "CVE-2021-28343", "CVE-2021-28344", "CVE-2021-28345", "CVE-2021-28346", "CVE-2021-28347", "CVE-2021-28348", "CVE-2021-28349", "CVE-2021-28350", "CVE-2021-28351", "CVE-2021-28352", "CVE-2021-28353", "CVE-2021-28354", "CVE-2021-28355", "CVE-2021-28356", "CVE-2021-28357", "CVE-2021-28358", "CVE-2021-28434", "CVE-2021-28435", "CVE-2021-28436", "CVE-2021-28437", "CVE-2021-28438", "CVE-2021-28439", "CVE-2021-28440", "CVE-2021-28442", "CVE-2021-28443", "CVE-2021-28444", "CVE-2021-28447"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_APR_5001339.NASL", "href": "https://www.tenable.com/plugins/nessus/148468", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148468);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-26413\",\n \"CVE-2021-26415\",\n \"CVE-2021-27072\",\n \"CVE-2021-27079\",\n \"CVE-2021-27086\",\n \"CVE-2021-27088\",\n \"CVE-2021-27089\",\n \"CVE-2021-27092\",\n \"CVE-2021-27093\",\n \"CVE-2021-27094\",\n \"CVE-2021-27095\",\n \"CVE-2021-27096\",\n \"CVE-2021-28309\",\n \"CVE-2021-28310\",\n \"CVE-2021-28311\",\n \"CVE-2021-28313\",\n \"CVE-2021-28315\",\n \"CVE-2021-28316\",\n \"CVE-2021-28317\",\n \"CVE-2021-28318\",\n \"CVE-2021-28319\",\n \"CVE-2021-28320\",\n \"CVE-2021-28321\",\n \"CVE-2021-28322\",\n \"CVE-2021-28323\",\n \"CVE-2021-28325\",\n \"CVE-2021-28326\",\n \"CVE-2021-28327\",\n \"CVE-2021-28328\",\n \"CVE-2021-28329\",\n \"CVE-2021-28330\",\n \"CVE-2021-28331\",\n \"CVE-2021-28332\",\n \"CVE-2021-28333\",\n \"CVE-2021-28334\",\n \"CVE-2021-28335\",\n \"CVE-2021-28336\",\n \"CVE-2021-28337\",\n \"CVE-2021-28338\",\n \"CVE-2021-28339\",\n \"CVE-2021-28340\",\n \"CVE-2021-28341\",\n \"CVE-2021-28342\",\n \"CVE-2021-28343\",\n \"CVE-2021-28344\",\n \"CVE-2021-28345\",\n \"CVE-2021-28346\",\n \"CVE-2021-28347\",\n \"CVE-2021-28348\",\n \"CVE-2021-28349\",\n \"CVE-2021-28350\",\n \"CVE-2021-28351\",\n \"CVE-2021-28352\",\n \"CVE-2021-28353\",\n \"CVE-2021-28354\",\n \"CVE-2021-28355\",\n \"CVE-2021-28356\",\n \"CVE-2021-28357\",\n \"CVE-2021-28358\",\n \"CVE-2021-28434\",\n \"CVE-2021-28435\",\n \"CVE-2021-28436\",\n \"CVE-2021-28437\",\n \"CVE-2021-28438\",\n \"CVE-2021-28439\",\n \"CVE-2021-28440\",\n \"CVE-2021-28442\",\n \"CVE-2021-28443\",\n \"CVE-2021-28444\",\n \"CVE-2021-28447\"\n );\n script_xref(name:\"MSKB\", value:\"5001339\");\n script_xref(name:\"MSFT\", value:\"MS21-5001339\");\n script_xref(name:\"IAVA\", value:\"2021-A-0168-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0021\");\n\n script_name(english:\"KB5001339: Windows 10 version 1803 Security Update (April 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Windows Event Tracing Elevation of Privilege Vulnerability (CVE-2021-27088)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094,\n CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311)\n\n - Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability (CVE-2021-28313,\n CVE-2021-28321, CVE-2021-28322)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28319, CVE-2021-28439)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329,\n CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335,\n CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341,\n CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352,\n CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358,\n CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351,\n CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28438, CVE-2021-28443)\n\n - Windows TCP/IP Information Disclosure Vulnerability (CVE-2021-28442)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\n - Windows Services and Controller App Elevation of Privilege Vulnerability (CVE-2021-27086)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5001339\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5001339 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-27092\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-04';\nkbs = make_list(\n '5001339'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'17134',\n rollup_date:'04_2021',\n bulletin:bulletin,\n rollup_kb_list:[5001339])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:58", "description": "The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Windows Event Tracing Elevation of Privilege Vulnerability (CVE-2021-27088)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094, CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows Hyper-V Denial of Service Vulnerability (CVE-2021-26416)\n\n - Windows Overlay Filter Information Disclosure Vulnerability (CVE-2021-26417)\n\n - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311)\n\n - Windows NTFS Denial of Service Vulnerability (CVE-2021-28312)\n\n - Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability (CVE-2021-28313, CVE-2021-28321, CVE-2021-28322)\n\n - Windows Hyper-V Elevation of Privilege Vulnerability (CVE-2021-28314)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28319, CVE-2021-28439)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351, CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28438, CVE-2021-28443)\n\n - Windows Hyper-V Information Disclosure Vulnerability (CVE-2021-28441)\n\n - Windows TCP/IP Information Disclosure Vulnerability (CVE-2021-28442)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\n - N/A (CVE-2021-28445, CVE-2021-28446)\n\n - Windows Services and Controller App Elevation of Privilege Vulnerability (CVE-2021-27086)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-13T00:00:00", "type": "nessus", "title": "KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26413", "CVE-2021-26415", "CVE-2021-26416", "CVE-2021-26417", "CVE-2021-27072", "CVE-2021-27079", "CVE-2021-27086", "CVE-2021-27088", "CVE-2021-27089", "CVE-2021-27092", "CVE-2021-27093", "CVE-2021-27094", "CVE-2021-27095", "CVE-2021-27096", "CVE-2021-28309", "CVE-2021-28310", "CVE-2021-28311", "CVE-2021-28312", "CVE-2021-28313", "CVE-2021-28314", "CVE-2021-28315", "CVE-2021-28316", "CVE-2021-28317", "CVE-2021-28318", "CVE-2021-28319", "CVE-2021-28320", "CVE-2021-28321", "CVE-2021-28322", "CVE-2021-28323", "CVE-2021-28325", "CVE-2021-28326", "CVE-2021-28327", "CVE-2021-28328", "CVE-2021-28329", "CVE-2021-28330", "CVE-2021-28331", "CVE-2021-28332", "CVE-2021-28333", "CVE-2021-28334", "CVE-2021-28335", "CVE-2021-28336", "CVE-2021-28337", "CVE-2021-28338", "CVE-2021-28339", "CVE-2021-28340", "CVE-2021-28341", "CVE-2021-28342", "CVE-2021-28343", "CVE-2021-28344", "CVE-2021-28345", "CVE-2021-28346", "CVE-2021-28347", "CVE-2021-28348", "CVE-2021-28349", "CVE-2021-28350", "CVE-2021-28351", "CVE-2021-28352", "CVE-2021-28353", "CVE-2021-28354", "CVE-2021-28355", "CVE-2021-28356", "CVE-2021-28357", "CVE-2021-28358", "CVE-2021-28434", "CVE-2021-28435", "CVE-2021-28436", "CVE-2021-28437", "CVE-2021-28438", "CVE-2021-28439", "CVE-2021-28440", "CVE-2021-28441", "CVE-2021-28442", "CVE-2021-28443", "CVE-2021-28444", "CVE-2021-28445", "CVE-2021-28446", "CVE-2021-28447"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_APR_5001342.NASL", "href": "https://www.tenable.com/plugins/nessus/148473", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148473);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-26413\",\n \"CVE-2021-26415\",\n \"CVE-2021-26416\",\n \"CVE-2021-26417\",\n \"CVE-2021-27072\",\n \"CVE-2021-27079\",\n \"CVE-2021-27086\",\n \"CVE-2021-27088\",\n \"CVE-2021-27089\",\n \"CVE-2021-27092\",\n \"CVE-2021-27093\",\n \"CVE-2021-27094\",\n \"CVE-2021-27095\",\n \"CVE-2021-27096\",\n \"CVE-2021-28309\",\n \"CVE-2021-28310\",\n \"CVE-2021-28311\",\n \"CVE-2021-28312\",\n \"CVE-2021-28313\",\n \"CVE-2021-28314\",\n \"CVE-2021-28315\",\n \"CVE-2021-28316\",\n \"CVE-2021-28317\",\n \"CVE-2021-28318\",\n \"CVE-2021-28319\",\n \"CVE-2021-28320\",\n \"CVE-2021-28321\",\n \"CVE-2021-28322\",\n \"CVE-2021-28323\",\n \"CVE-2021-28325\",\n \"CVE-2021-28326\",\n \"CVE-2021-28327\",\n \"CVE-2021-28328\",\n \"CVE-2021-28329\",\n \"CVE-2021-28330\",\n \"CVE-2021-28331\",\n \"CVE-2021-28332\",\n \"CVE-2021-28333\",\n \"CVE-2021-28334\",\n \"CVE-2021-28335\",\n \"CVE-2021-28336\",\n \"CVE-2021-28337\",\n \"CVE-2021-28338\",\n \"CVE-2021-28339\",\n \"CVE-2021-28340\",\n \"CVE-2021-28341\",\n \"CVE-2021-28342\",\n \"CVE-2021-28343\",\n \"CVE-2021-28344\",\n \"CVE-2021-28345\",\n \"CVE-2021-28346\",\n \"CVE-2021-28347\",\n \"CVE-2021-28348\",\n \"CVE-2021-28349\",\n \"CVE-2021-28350\",\n \"CVE-2021-28351\",\n \"CVE-2021-28352\",\n \"CVE-2021-28353\",\n \"CVE-2021-28354\",\n \"CVE-2021-28355\",\n \"CVE-2021-28356\",\n \"CVE-2021-28357\",\n \"CVE-2021-28358\",\n \"CVE-2021-28434\",\n \"CVE-2021-28435\",\n \"CVE-2021-28436\",\n \"CVE-2021-28437\",\n \"CVE-2021-28438\",\n \"CVE-2021-28439\",\n \"CVE-2021-28440\",\n \"CVE-2021-28441\",\n \"CVE-2021-28442\",\n \"CVE-2021-28443\",\n \"CVE-2021-28444\",\n \"CVE-2021-28445\",\n \"CVE-2021-28446\",\n \"CVE-2021-28447\"\n );\n script_xref(name:\"MSKB\", value:\"5001342\");\n script_xref(name:\"MSFT\", value:\"MS21-5001342\");\n script_xref(name:\"IAVA\", value:\"2021-A-0171-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0168-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0021\");\n\n script_name(english:\"KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Windows Event Tracing Elevation of Privilege Vulnerability (CVE-2021-27088)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094,\n CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows Hyper-V Denial of Service Vulnerability (CVE-2021-26416)\n\n - Windows Overlay Filter Information Disclosure Vulnerability (CVE-2021-26417)\n\n - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311)\n\n - Windows NTFS Denial of Service Vulnerability (CVE-2021-28312)\n\n - Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability (CVE-2021-28313,\n CVE-2021-28321, CVE-2021-28322)\n\n - Windows Hyper-V Elevation of Privilege Vulnerability (CVE-2021-28314)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28319, CVE-2021-28439)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329,\n CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335,\n CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341,\n CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352,\n CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358,\n CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351,\n CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28438, CVE-2021-28443)\n\n - Windows Hyper-V Information Disclosure Vulnerability (CVE-2021-28441)\n\n - Windows TCP/IP Information Disclosure Vulnerability (CVE-2021-28442)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\n - N/A (CVE-2021-28445, CVE-2021-28446)\n\n - Windows Services and Controller App Elevation of Privilege Vulnerability (CVE-2021-27086)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5001342\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5001342 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-27092\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-04';\nkbs = make_list(\n '5001342'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'17763',\n rollup_date:'04_2021',\n bulletin:bulletin,\n rollup_kb_list:[5001342])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:19", "description": "The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Windows Event Tracing Elevation of Privilege Vulnerability (CVE-2021-27088)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094, CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows Hyper-V Denial of Service Vulnerability (CVE-2021-26416)\n\n - Windows Overlay Filter Information Disclosure Vulnerability (CVE-2021-26417)\n\n - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311)\n\n - Windows NTFS Denial of Service Vulnerability (CVE-2021-28312)\n\n - Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability (CVE-2021-28313, CVE-2021-28321, CVE-2021-28322)\n\n - Windows Hyper-V Elevation of Privilege Vulnerability (CVE-2021-28314)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28319, CVE-2021-28439)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351, CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28438, CVE-2021-28443)\n\n - Windows Hyper-V Information Disclosure Vulnerability (CVE-2021-28441)\n\n - Windows TCP/IP Information Disclosure Vulnerability (CVE-2021-28442)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\n - Windows Network File System Remote Code Execution Vulnerability (CVE-2021-28445) \n - Windows Portmapping Information Disclosure Vulnerability (CVE-2021-28446)\n\n - Windows Services and Controller App Elevation of Privilege Vulnerability (CVE-2021-27086)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-13T00:00:00", "type": "nessus", "title": "KB5001337: Windows 10 version 1909 / Windows Server 1909 Security Update (Apr 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26413", "CVE-2021-26415", "CVE-2021-26416", "CVE-2021-26417", "CVE-2021-27072", "CVE-2021-27079", "CVE-2021-27086", "CVE-2021-27088", "CVE-2021-27089", "CVE-2021-27092", "CVE-2021-27093", "CVE-2021-27094", "CVE-2021-27095", "CVE-2021-27096", "CVE-2021-28309", "CVE-2021-28310", "CVE-2021-28311", "CVE-2021-28312", "CVE-2021-28313", "CVE-2021-28314", "CVE-2021-28315", "CVE-2021-28316", "CVE-2021-28317", "CVE-2021-28318", "CVE-2021-28319", "CVE-2021-28320", "CVE-2021-28321", "CVE-2021-28322", "CVE-2021-28323", "CVE-2021-28325", "CVE-2021-28326", "CVE-2021-28327", "CVE-2021-28328", "CVE-2021-28329", "CVE-2021-28330", "CVE-2021-28331", "CVE-2021-28332", "CVE-2021-28333", "CVE-2021-28334", "CVE-2021-28335", "CVE-2021-28336", "CVE-2021-28337", "CVE-2021-28338", "CVE-2021-28339", "CVE-2021-28340", "CVE-2021-28341", "CVE-2021-28342", "CVE-2021-28343", "CVE-2021-28344", "CVE-2021-28345", "CVE-2021-28346", "CVE-2021-28347", "CVE-2021-28348", "CVE-2021-28349", "CVE-2021-28350", "CVE-2021-28351", "CVE-2021-28352", "CVE-2021-28353", "CVE-2021-28354", "CVE-2021-28355", "CVE-2021-28356", "CVE-2021-28357", "CVE-2021-28358", "CVE-2021-28434", "CVE-2021-28435", "CVE-2021-28436", "CVE-2021-28437", "CVE-2021-28438", "CVE-2021-28439", "CVE-2021-28440", "CVE-2021-28441", "CVE-2021-28442", "CVE-2021-28443", "CVE-2021-28444", "CVE-2021-28445", "CVE-2021-28446", "CVE-2021-28447"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_APR_5001337.NASL", "href": "https://www.tenable.com/plugins/nessus/148461", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148461);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-26413\",\n \"CVE-2021-26415\",\n \"CVE-2021-26416\",\n \"CVE-2021-26417\",\n \"CVE-2021-27072\",\n \"CVE-2021-27079\",\n \"CVE-2021-27086\",\n \"CVE-2021-27088\",\n \"CVE-2021-27089\",\n \"CVE-2021-27092\",\n \"CVE-2021-27093\",\n \"CVE-2021-27094\",\n \"CVE-2021-27095\",\n \"CVE-2021-27096\",\n \"CVE-2021-28309\",\n \"CVE-2021-28310\",\n \"CVE-2021-28311\",\n \"CVE-2021-28312\",\n \"CVE-2021-28313\",\n \"CVE-2021-28314\",\n \"CVE-2021-28315\",\n \"CVE-2021-28316\",\n \"CVE-2021-28317\",\n \"CVE-2021-28318\",\n \"CVE-2021-28319\",\n \"CVE-2021-28320\",\n \"CVE-2021-28321\",\n \"CVE-2021-28322\",\n \"CVE-2021-28323\",\n \"CVE-2021-28325\",\n \"CVE-2021-28326\",\n \"CVE-2021-28327\",\n \"CVE-2021-28328\",\n \"CVE-2021-28329\",\n \"CVE-2021-28330\",\n \"CVE-2021-28331\",\n \"CVE-2021-28332\",\n \"CVE-2021-28333\",\n \"CVE-2021-28334\",\n \"CVE-2021-28335\",\n \"CVE-2021-28336\",\n \"CVE-2021-28337\",\n \"CVE-2021-28338\",\n \"CVE-2021-28339\",\n \"CVE-2021-28340\",\n \"CVE-2021-28341\",\n \"CVE-2021-28342\",\n \"CVE-2021-28343\",\n \"CVE-2021-28344\",\n \"CVE-2021-28345\",\n \"CVE-2021-28346\",\n \"CVE-2021-28347\",\n \"CVE-2021-28348\",\n \"CVE-2021-28349\",\n \"CVE-2021-28350\",\n \"CVE-2021-28351\",\n \"CVE-2021-28352\",\n \"CVE-2021-28353\",\n \"CVE-2021-28354\",\n \"CVE-2021-28355\",\n \"CVE-2021-28356\",\n \"CVE-2021-28357\",\n \"CVE-2021-28358\",\n \"CVE-2021-28434\",\n \"CVE-2021-28435\",\n \"CVE-2021-28436\",\n \"CVE-2021-28437\",\n \"CVE-2021-28438\",\n \"CVE-2021-28439\",\n \"CVE-2021-28440\",\n \"CVE-2021-28441\",\n \"CVE-2021-28442\",\n \"CVE-2021-28443\",\n \"CVE-2021-28444\",\n \"CVE-2021-28445\",\n \"CVE-2021-28446\",\n \"CVE-2021-28447\"\n );\n script_xref(name:\"MSKB\", value:\"5001337\");\n script_xref(name:\"MSFT\", value:\"MS21-5001337\");\n script_xref(name:\"IAVA\", value:\"2021-A-0171-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0168-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0021\");\n\n script_name(english:\"KB5001337: Windows 10 version 1909 / Windows Server 1909 Security Update (Apr 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310)\n\n - Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079)\n\n - Windows Event Tracing Elevation of Privilege Vulnerability (CVE-2021-27088)\n\n - Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089)\n\n - Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092)\n\n - Windows Kernel Information Disclosure Vulnerability (CVE-2021-27093, CVE-2021-28309)\n\n - Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability (CVE-2021-27094,\n CVE-2021-28447)\n\n - Windows Media Video Decoder Remote Code Execution Vulnerability (CVE-2021-27095, CVE-2021-28315)\n\n - NTFS Elevation of Privilege Vulnerability (CVE-2021-27096)\n\n - Windows Installer Spoofing Vulnerability (CVE-2021-26413)\n\n - Windows Installer Elevation of Privilege Vulnerability (CVE-2021-26415, CVE-2021-28440)\n\n - Windows Hyper-V Denial of Service Vulnerability (CVE-2021-26416)\n\n - Windows Overlay Filter Information Disclosure Vulnerability (CVE-2021-26417)\n\n - Windows Application Compatibility Cache Denial of Service Vulnerability (CVE-2021-28311)\n\n - Windows NTFS Denial of Service Vulnerability (CVE-2021-28312)\n\n - Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability (CVE-2021-28313,\n CVE-2021-28321, CVE-2021-28322)\n\n - Windows Hyper-V Elevation of Privilege Vulnerability (CVE-2021-28314)\n\n - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability (CVE-2021-28316)\n\n - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2021-28317)\n\n - Windows GDI+ Information Disclosure Vulnerability (CVE-2021-28318)\n\n - Windows TCP/IP Driver Denial of Service Vulnerability (CVE-2021-28319, CVE-2021-28439)\n\n - Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320)\n\n - Windows DNS Information Disclosure Vulnerability (CVE-2021-28323, CVE-2021-28328)\n\n - Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)\n\n - Windows AppX Deployment Server Denial of Service Vulnerability (CVE-2021-28326)\n\n - Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2021-28327, CVE-2021-28329,\n CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335,\n CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341,\n CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352,\n CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358,\n CVE-2021-28434)\n\n - Windows Speech Runtime Elevation of Privilege Vulnerability (CVE-2021-28347, CVE-2021-28351,\n CVE-2021-28436)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2021-28348, CVE-2021-28349, CVE-2021-28350)\n\n - Windows Event Tracing Information Disclosure Vulnerability (CVE-2021-28435)\n\n - Windows Installer Information Disclosure Vulnerability (CVE-2021-28437)\n\n - Windows Console Driver Denial of Service Vulnerability (CVE-2021-28438, CVE-2021-28443)\n\n - Windows Hyper-V Information Disclosure Vulnerability (CVE-2021-28441)\n\n - Windows TCP/IP Information Disclosure Vulnerability (CVE-2021-28442)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2021-28444)\n\n - Windows Network File System Remote Code Execution Vulnerability (CVE-2021-28445)\n \n - Windows Portmapping Information Disclosure Vulnerability (CVE-2021-28446)\n\n - Windows Services and Controller App Elevation of Privilege Vulnerability (CVE-2021-27086)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5001337\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5001337 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-27092\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-04';\nkbs = make_list(\n '5001337'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'18363',\n rollup_date:'04_2021',\n bulletin:bulletin,\n rollup_kb_list:[5001337])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:28:22", "description": "The remote Windows host is missing a security update. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-05T00:00:00", "type": "nessus", "title": "KB5001330: Windows 10 Version 2004 / Windows 10 Version 20H2 Security Update (April 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26413", "CVE-2021-26415", "CVE-2021-26416", "CVE-2021-26417", "CVE-2021-27072", "CVE-2021-27079", "CVE-2021-27086", "CVE-2021-27088", "CVE-2021-27089", "CVE-2021-27090", "CVE-2021-27092", "CVE-2021-27093", "CVE-2021-27094", "CVE-2021-27095", "CVE-2021-27096", "CVE-2021-28309", "CVE-2021-28310", "CVE-2021-28311", "CVE-2021-28312", "CVE-2021-28313", "CVE-2021-28314", "CVE-2021-28315", "CVE-2021-28316", "CVE-2021-28317", "CVE-2021-28318", "CVE-2021-28319", "CVE-2021-28320", "CVE-2021-28321", "CVE-2021-28322", "CVE-2021-28323", "CVE-2021-28324", "CVE-2021-28325", "CVE-2021-28326", "CVE-2021-28327", "CVE-2021-28328", "CVE-2021-28329", "CVE-2021-28330", "CVE-2021-28331", "CVE-2021-28332", "CVE-2021-28333", "CVE-2021-28334", "CVE-2021-28335", "CVE-2021-28336", "CVE-2021-28337", "CVE-2021-28338", "CVE-2021-28339", "CVE-2021-28340", "CVE-2021-28341", "CVE-2021-28342", "CVE-2021-28343", "CVE-2021-28344", "CVE-2021-28345", "CVE-2021-28346", "CVE-2021-28347", "CVE-2021-28348", "CVE-2021-28349", "CVE-2021-28350", "CVE-2021-28351", "CVE-2021-28352", "CVE-2021-28353", "CVE-2021-28354", "CVE-2021-28355", "CVE-2021-28356", "CVE-2021-28357", "CVE-2021-28358", "CVE-2021-28434", "CVE-2021-28435", "CVE-2021-28436", "CVE-2021-28437", "CVE-2021-28438", "CVE-2021-28439", "CVE-2021-28440", "CVE-2021-28441", "CVE-2021-28442", "CVE-2021-28443", "CVE-2021-28444", "CVE-2021-28445", "CVE-2021-28446", "CVE-2021-28447"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_APR_5001330.NASL", "href": "https://www.tenable.com/plugins/nessus/149259", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149259);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-26413\",\n \"CVE-2021-26415\",\n \"CVE-2021-26416\",\n \"CVE-2021-26417\",\n \"CVE-2021-27072\",\n \"CVE-2021-27079\",\n \"CVE-2021-27086\",\n \"CVE-2021-27088\",\n \"CVE-2021-27089\",\n \"CVE-2021-27090\",\n \"CVE-2021-27092\",\n \"CVE-2021-27093\",\n \"CVE-2021-27094\",\n \"CVE-2021-27095\",\n \"CVE-2021-27096\",\n \"CVE-2021-28309\",\n \"CVE-2021-28310\",\n \"CVE-2021-28311\",\n \"CVE-2021-28312\",\n \"CVE-2021-28313\",\n \"CVE-2021-28314\",\n \"CVE-2021-28315\",\n \"CVE-2021-28316\",\n \"CVE-2021-28317\",\n \"CVE-2021-28318\",\n \"CVE-2021-28319\",\n \"CVE-2021-28320\",\n \"CVE-2021-28321\",\n \"CVE-2021-28322\",\n \"CVE-2021-28323\",\n \"CVE-2021-28324\",\n \"CVE-2021-28325\",\n \"CVE-2021-28326\",\n \"CVE-2021-28327\",\n \"CVE-2021-28328\",\n \"CVE-2021-28329\",\n \"CVE-2021-28330\",\n \"CVE-2021-28331\",\n \"CVE-2021-28332\",\n \"CVE-2021-28333\",\n \"CVE-2021-28334\",\n \"CVE-2021-28335\",\n \"CVE-2021-28336\",\n \"CVE-2021-28337\",\n \"CVE-2021-28338\",\n \"CVE-2021-28339\",\n \"CVE-2021-28340\",\n \"CVE-2021-28341\",\n \"CVE-2021-28342\",\n \"CVE-2021-28343\",\n \"CVE-2021-28344\",\n \"CVE-2021-28345\",\n \"CVE-2021-28346\",\n \"CVE-2021-28347\",\n \"CVE-2021-28348\",\n \"CVE-2021-28349\",\n \"CVE-2021-28350\",\n \"CVE-2021-28351\",\n \"CVE-2021-28352\",\n \"CVE-2021-28353\",\n \"CVE-2021-28354\",\n \"CVE-2021-28355\",\n \"CVE-2021-28356\",\n \"CVE-2021-28357\",\n \"CVE-2021-28358\",\n \"CVE-2021-28434\",\n \"CVE-2021-28435\",\n \"CVE-2021-28436\",\n \"CVE-2021-28437\",\n \"CVE-2021-28438\",\n \"CVE-2021-28439\",\n \"CVE-2021-28440\",\n \"CVE-2021-28441\",\n \"CVE-2021-28442\",\n \"CVE-2021-28443\",\n \"CVE-2021-28444\",\n \"CVE-2021-28445\",\n \"CVE-2021-28446\",\n \"CVE-2021-28447\"\n );\n script_xref(name:\"MSKB\", value:\"5001330\");\n script_xref(name:\"IAVA\", value:\"2021-A-0168-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429-S\");\n script_xref(name:\"MSFT\", value:\"MS21-5001330\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0021\");\n\n script_name(english:\"KB5001330: Windows 10 Version 2004 / Windows 10 Version 20H2 Security Update (April 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing a security update. Note that\nNessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5001330\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5001330 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-27092\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nvar bulletin, kbs, share;\n\nbulletin = 'MS21-04';\nkbs = make_list(\n '5001330'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'19041',\n rollup_date:'04_2021',\n bulletin:bulletin,\n rollup_kb_list:[5001330])\n||\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'19042',\n rollup_date:'04_2021',\n bulletin:bulletin,\n rollup_kb_list:[5001330])\n)\n\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2023-05-27T15:01:39", "description": "### *Detect date*:\n04/13/2021\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 for 32-bit Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server, version 1909 (Server Core installation) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 10 for x64-based Systems \nMicrosoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6) \nWindows Server 2012 R2 \nMicrosoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2019 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nVP9 Video Extensions \nWindows 8.1 for x64-based systems \nRaw Image Extension \nMicrosoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) \nWindows 10 Version 1909 for x64-based Systems \nMicrosoft Visual Studio 2015 Update 3 \nWindows Server 2016 \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 2004 for 32-bit Systems \nWindows Server 2019 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows RT 8.1 \nWindows 10 Version 1607 for 32-bit Systems \nWindows Server, version 2004 (Server Core installation) \nWindows 8.1 for 32-bit systems \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1803 for x64-based Systems \nWindows 10 Version 1803 for 32-bit Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server, version 20H2 (Server Core Installation) \nWindows 10 Version 1809 for 32-bit Systems \nWindows Server 2012 \nWindows 10 Version 20H2 for x64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows Server 2012 R2 (Server Core installation) \nMicrosoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-28435](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28435>) \n[CVE-2021-28447](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28447>) \n[CVE-2021-27096](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27096>) \n[CVE-2021-28330](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28330>) \n[CVE-2021-28338](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28338>) \n[CVE-2021-27092](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27092>) \n[CVE-2021-28329](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28329>) \n[CVE-2021-28468](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28468>) \n[CVE-2021-28438](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28438>) \n[CVE-2021-26417](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-26417>) \n[CVE-2021-28332](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28332>) \n[CVE-2021-28309](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28309>) \n[CVE-2021-28342](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28342>) \n[CVE-2021-27095](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27095>) \n[CVE-2021-28334](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28334>) \n[CVE-2021-26413](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-26413>) \n[CVE-2021-27089](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27089>) \n[CVE-2021-27094](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27094>) \n[CVE-2021-28358](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28358>) \n[CVE-2021-28444](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28444>) \n[CVE-2021-28336](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28336>) \n[CVE-2021-28440](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28440>) \n[CVE-2021-27091](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27091>) \n[CVE-2021-28325](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28325>) \n[CVE-2021-28441](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28441>) \n[CVE-2021-28320](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28320>) \n[CVE-2021-28322](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28322>) \n[CVE-2021-28350](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28350>) \n[CVE-2021-28335](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28335>) \n[CVE-2021-28352](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28352>) \n[CVE-2021-27086](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27086>) \n[CVE-2021-27079](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27079>) \n[CVE-2021-28340](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28340>) \n[CVE-2021-28318](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28318>) \n[CVE-2021-28312](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28312>) \n[CVE-2021-28446](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28446>) \n[CVE-2021-27072](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27072>) \n[CVE-2021-28331](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28331>) \n[CVE-2021-27088](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27088>) \n[CVE-2021-28319](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28319>) \n[CVE-2021-28311](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28311>) \n[CVE-2021-28466](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28466>) \n[CVE-2021-28356](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28356>) \n[CVE-2021-28328](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28328>) \n[CVE-2021-28349](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28349>) \n[CVE-2021-28439](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28439>) \n[CVE-2021-28313](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28313>) \n[CVE-2021-28315](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28315>) \n[CVE-2021-28344](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28344>) \n[CVE-2021-27090](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27090>) \n[CVE-2021-28355](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28355>) \n[CVE-2021-28339](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28339>) \n[CVE-2021-28351](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28351>) \n[CVE-2021-28347](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28347>) \n[CVE-2021-27093](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-27093>) \n[CVE-2021-28317](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28317>) \n[CVE-2021-28345](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28345>) \n[CVE-2021-28314](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28314>) \n[CVE-2021-28464](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28464>) \n[CVE-2021-28333](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28333>) \n[CVE-2021-28323](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28323>) \n[CVE-2021-28434](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28434>) \n[CVE-2021-28437](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28437>) \n[CVE-2021-26416](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-26416>) \n[CVE-2021-28316](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28316>) \n[CVE-2021-28341](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28341>) \n[CVE-2021-28321](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28321>) \n[CVE-2021-28436](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28436>) \n[CVE-2021-28337](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28337>) \n[CVE-2021-28357](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28357>) \n[CVE-2021-28310](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28310>) \n[CVE-2021-28324](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28324>) \n[CVE-2021-28326](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28326>) \n[CVE-2021-28445](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28445>) \n[CVE-2021-28346](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28346>) \n[CVE-2021-28327](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28327>) \n[CVE-2021-28353](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28353>) \n[CVE-2021-26415](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-26415>) \n[CVE-2021-28443](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28443>) \n[CVE-2021-28442](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28442>) \n[CVE-2021-28348](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28348>) \n[CVE-2021-28354](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28354>) \n[CVE-2021-28343](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28343>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Visual Studio](<https://threats.kaspersky.com/en/product/Microsoft-Visual-Studio/>)\n\n### *CVE-IDS*:\n[CVE-2021-28435](<https://vulners.com/cve/CVE-2021-28435>)2.1Warning \n[CVE-2021-28447](<https://vulners.com/cve/CVE-2021-28447>)2.1Warning \n[CVE-2021-27096](<https://vulners.com/cve/CVE-2021-27096>)4.6Warning \n[CVE-2021-28330](<https://vulners.com/cve/CVE-2021-28330>)6.5High \n[CVE-2021-28338](<https://vulners.com/cve/CVE-2021-28338>)6.5High \n[CVE-2021-27092](<https://vulners.com/cve/CVE-2021-27092>)7.5Critical \n[CVE-2021-28329](<https://vulners.com/cve/CVE-2021-28329>)6.5High \n[CVE-2021-28468](<https://vulners.com/cve/CVE-2021-28468>)6.8High \n[CVE-2021-28438](<https://vulners.com/cve/CVE-2021-28438>)2.1Warning \n[CVE-2021-26417](<https://vulners.com/cve/CVE-2021-26417>)2.1Warning \n[CVE-2021-28332](<https://vulners.com/cve/CVE-2021-28332>)6.5High \n[CVE-2021-28309](<https://vulners.com/cve/CVE-2021-28309>)2.1Warning \n[CVE-2021-28342](<https://vulners.com/cve/CVE-2021-28342>)6.5High \n[CVE-2021-27095](<https://vulners.com/cve/CVE-2021-27095>)6.8High \n[CVE-2021-28334](<https://vulners.com/cve/CVE-2021-28334>)6.5High \n[CVE-2021-26413](<https://vulners.com/cve/CVE-2021-26413>)2.1Warning \n[CVE-2021-27089](<https://vulners.com/cve/CVE-2021-27089>)6.8High \n[CVE-2021-27094](<https://vulners.com/cve/CVE-2021-27094>)2.1Warning \n[CVE-2021-28358](<https://vulners.com/cve/CVE-2021-28358>)6.5High \n[CVE-2021-28444](<https://vulners.com/cve/CVE-2021-28444>)4.0Warning \n[CVE-2021-28336](<https://vulners.com/cve/CVE-2021-28336>)6.5High \n[CVE-2021-28440](<https://vulners.com/cve/CVE-2021-28440>)4.6Warning \n[CVE-2021-27091](<https://vulners.com/cve/CVE-2021-27091>)4.6Warning \n[CVE-2021-28325](<https://vulners.com/cve/CVE-2021-28325>)4.0Warning \n[CVE-2021-28441](<https://vulners.com/cve/CVE-2021-28441>)2.1Warning \n[CVE-2021-28320](<https://vulners.com/cve/CVE-2021-28320>)4.6Warning \n[CVE-2021-28322](<https://vulners.com/cve/CVE-2021-28322>)4.6Warning \n[CVE-2021-28350](<https://vulners.com/cve/CVE-2021-28350>)4.6Warning \n[CVE-2021-28335](<https://vulners.com/cve/CVE-2021-28335>)6.5High \n[CVE-2021-28352](<https://vulners.com/cve/CVE-2021-28352>)6.5High \n[CVE-2021-27086](<https://vulners.com/cve/CVE-2021-27086>)4.6Warning \n[CVE-2021-27079](<https://vulners.com/cve/CVE-2021-27079>)6.3High \n[CVE-2021-28340](<https://vulners.com/cve/CVE-2021-28340>)6.5High \n[CVE-2021-28318](<https://vulners.com/cve/CVE-2021-28318>)2.1Warning \n[CVE-2021-28312](<https://vulners.com/cve/CVE-2021-28312>)4.3Warning \n[CVE-2021-28446](<https://vulners.com/cve/CVE-2021-28446>)2.1Warning \n[CVE-2021-27072](<https://vulners.com/cve/CVE-2021-27072>)4.6Warning \n[CVE-2021-28331](<https://vulners.com/cve/CVE-2021-28331>)6.5High \n[CVE-2021-27088](<https://vulners.com/cve/CVE-2021-27088>)4.6Warning \n[CVE-2021-28319](<https://vulners.com/cve/CVE-2021-28319>)5.0Critical \n[CVE-2021-28311](<https://vulners.com/cve/CVE-2021-28311>)4.3Warning \n[CVE-2021-28466](<https://vulners.com/cve/CVE-2021-28466>)6.8High \n[CVE-2021-28356](<https://vulners.com/cve/CVE-2021-28356>)6.5High \n[CVE-2021-28328](<https://vulners.com/cve/CVE-2021-28328>)4.0Warning \n[CVE-2021-28349](<https://vulners.com/cve/CVE-2021-28349>)4.6Warning \n[CVE-2021-28439](<https://vulners.com/cve/CVE-2021-28439>)5.0Critical \n[CVE-2021-28313](<https://vulners.com/cve/CVE-2021-28313>)4.6Warning \n[CVE-2021-28315](<https://vulners.com/cve/CVE-2021-28315>)4.6Warning \n[CVE-2021-28344](<https://vulners.com/cve/CVE-2021-28344>)6.5High \n[CVE-2021-27090](<https://vulners.com/cve/CVE-2021-27090>)4.6Warning \n[CVE-2021-28355](<https://vulners.com/cve/CVE-2021-28355>)6.5High \n[CVE-2021-28339](<https://vulners.com/cve/CVE-2021-28339>)6.5High \n[CVE-2021-28351](<https://vulners.com/cve/CVE-2021-28351>)4.6Warning \n[CVE-2021-28347](<https://vulners.com/cve/CVE-2021-28347>)4.6Warning \n[CVE-2021-27093](<https://vulners.com/cve/CVE-2021-27093>)2.1Warning \n[CVE-2021-28317](<https://vulners.com/cve/CVE-2021-28317>)2.1Warning \n[CVE-2021-28345](<https://vulners.com/cve/CVE-2021-28345>)6.5High \n[CVE-2021-28314](<https://vulners.com/cve/CVE-2021-28314>)4.6Warning \n[CVE-2021-28464](<https://vulners.com/cve/CVE-2021-28464>)6.8High \n[CVE-2021-28333](<https://vulners.com/cve/CVE-2021-28333>)6.5High \n[CVE-2021-28323](<https://vulners.com/cve/CVE-2021-28323>)4.0Warning \n[CVE-2021-28434](<https://vulners.com/cve/CVE-2021-28434>)6.5High \n[CVE-2021-28437](<https://vulners.com/cve/CVE-2021-28437>)2.1Warning \n[CVE-2021-26416](<https://vulners.com/cve/CVE-2021-26416>)7.8Critical \n[CVE-2021-28316](<https://vulners.com/cve/CVE-2021-28316>)2.1Warning \n[CVE-2021-28341](<https://vulners.com/cve/CVE-2021-28341>)6.5High \n[CVE-2021-28321](<https://vulners.com/cve/CVE-2021-28321>)4.6Warning \n[CVE-2021-28436](<https://vulners.com/cve/CVE-2021-28436>)4.6Warning \n[CVE-2021-28337](<https://vulners.com/cve/CVE-2021-28337>)6.5High \n[CVE-2021-28357](<https://vulners.com/cve/CVE-2021-28357>)6.5High \n[CVE-2021-28310](<https://vulners.com/cve/CVE-2021-28310>)4.6Warning \n[CVE-2021-28324](<https://vulners.com/cve/CVE-2021-28324>)5.0Critical \n[CVE-2021-28326](<https://vulners.com/cve/CVE-2021-28326>)3.6Warning \n[CVE-2021-28445](<https://vulners.com/cve/CVE-2021-28445>)6.5High \n[CVE-2021-28346](<https://vulners.com/cve/CVE-2021-28346>)6.5High \n[CVE-2021-28327](<https://vulners.com/cve/CVE-2021-28327>)6.5High \n[CVE-2021-28353](<https://vulners.com/cve/CVE-2021-28353>)6.5High \n[CVE-2021-26415](<https://vulners.com/cve/CVE-2021-26415>)4.6Warning \n[CVE-2021-28443](<https://vulners.com/cve/CVE-2021-28443>)2.1Warning \n[CVE-2021-28442](<https://vulners.com/cve/CVE-2021-28442>)4.0Warning \n[CVE-2021-28348](<https://vulners.com/cve/CVE-2021-28348>)4.6Warning \n[CVE-2021-28354](<https://vulners.com/cve/CVE-2021-28354>)6.5High \n[CVE-2021-28343](<https://vulners.com/cve/CVE-2021-28343>)6.5High\n\n### *KB list*:\n[5001347](<http://support.microsoft.com/kb/5001347>) \n[5001330](<http://support.microsoft.com/kb/5001330>) \n[5001337](<http://support.microsoft.com/kb/5001337>) \n[5001383](<http://support.microsoft.com/kb/5001383>) \n[5001387](<http://support.microsoft.com/kb/5001387>) \n[5001393](<http://support.microsoft.com/kb/5001393>) \n[5001342](<http://support.microsoft.com/kb/5001342>) \n[5001382](<http://support.microsoft.com/kb/5001382>) \n[5001339](<http://support.microsoft.com/kb/5001339>) \n[5001340](<http://support.microsoft.com/kb/5001340>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T00:00:00", "type": "kaspersky", "title": "KLA12139 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26413", "CVE-2021-26415", "CVE-2021-26416", "CVE-2021-26417", "CVE-2021-27072", "CVE-2021-27079", "CVE-2021-27086", "CVE-2021-27088", "CVE-2021-27089", "CVE-2021-27090", "CVE-2021-27091", "CVE-2021-27092", "CVE-2021-27093", "CVE-2021-27094", "CVE-2021-27095", "CVE-2021-27096", "CVE-2021-28309", "CVE-2021-28310", "CVE-2021-28311", "CVE-2021-28312", "CVE-2021-28313", "CVE-2021-28314", "CVE-2021-28315", "CVE-2021-28316", "CVE-2021-28317", "CVE-2021-28318", "CVE-2021-28319", "CVE-2021-28320", "CVE-2021-28321", "CVE-2021-28322", "CVE-2021-28323", "CVE-2021-28324", "CVE-2021-28325", "CVE-2021-28326", "CVE-2021-28327", "CVE-2021-28328", "CVE-2021-28329", "CVE-2021-28330", "CVE-2021-28331", "CVE-2021-28332", "CVE-2021-28333", "CVE-2021-28334", "CVE-2021-28335", "CVE-2021-28336", "CVE-2021-28337", "CVE-2021-28338", "CVE-2021-28339", "CVE-2021-28340", "CVE-2021-28341", "CVE-2021-28342", "CVE-2021-28343", "CVE-2021-28344", "CVE-2021-28345", "CVE-2021-28346", "CVE-2021-28347", "CVE-2021-28348", "CVE-2021-28349", "CVE-2021-28350", "CVE-2021-28351", "CVE-2021-28352", "CVE-2021-28353", "CVE-2021-28354", "CVE-2021-28355", "CVE-2021-28356", "CVE-2021-28357", "CVE-2021-28358", "CVE-2021-28434", "CVE-2021-28435", "CVE-2021-28436", "CVE-2021-28437", "CVE-2021-28438", "CVE-2021-28439", "CVE-2021-28440", "CVE-2021-28441", "CVE-2021-28442", "CVE-2021-28443", "CVE-2021-28444", "CVE-2021-28445", "CVE-2021-28446", "CVE-2021-28447", "CVE-2021-28464", "CVE-2021-28466", "CVE-2021-28468"], "modified": "2021-04-22T00:00:00", "id": "KLA12139", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12139/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "rapid7blog": [{"lastseen": "2021-04-15T10:50:55", "description": "\n\nPatch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical by Microsoft. Let's dive in!\n\n## New Exchange Server Patches Available\n\nIf you were only going to patch one thing today, please let it be this. Exchange Server has been a hot topic since the vulnerabilities announced in the out-of-band advisory back at the beginning of March saw widespread exploitation. The vulnerabilities this month were reported to Microsoft via the NSA in the interest of national security. The Exchange team has [also released a very helpful blog post with instructions](<https://techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2021-exchange-server-security-updates/ba-p/2254617 >) on how to patch from any version to the latest secure version. While these have not been exploited in the wild at the time of writing it is only a matter of time before someone reverse engineers the patches and gets up to no good.\n\nCVEs: [CVE-2021-28310](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28310>), [CVE-2021-28481](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28481>), [CVE-2021-28482](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28482>), [CVE-2021-28483](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28483>)\n\n## Windows RPC Runtime\n\nNext up we have a relatively high number of patches in the Windows Remote Procedure Call Runtime. There were 27 remote code execution vulnerabilities fixed this month. Someone was busy finding bugs! The RPC Runtime is available on all versions of Windows so make sure both Servers and Clients get these updates. Many of these are critical (according to the CVSS3 vectors) requiring no user interaction and only network level access. \n\nCVEs: [CVE-2021-28329](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28329>) to [CVE-2021-28339](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28339>) (please see the list below for a complete list)\n\n## Publicly Disclosed and Exploited\n\nLastly, we have a few vulnerabilities that have been disclosed publicly and one observed in the wild. A few of these are low severity but we rarely see vulnerabilities leveraged by themselves these days. Many attackers have shifted to using exploit chains in order to turn a few low severity bugs into a more complete compromise. Microsoft has also rated a few information disclosure vulnerabilities as \"Exploitation More Likely\" in SMB Server and the TCP/IP stack.\n\nCVEs: [CVE-2021-27091](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27091>), [CVE-2021-28310](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28310>), [CVE-2021-28312](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28312>), [CVE-2021-28437](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28437>), [CVE-2021-28458](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28458>), [CVE-2021-28324](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28324>), [CVE-2021-28442](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28442>)\n\n## Summary Tables\n\nHere are this month's patched vulnerabilities split by the product family.\n\n## Azure Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-28458](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28458>) | Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n[CVE-2021-28460](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28460>) | Azure Sphere Unsigned Code Execution Vulnerability | No | No | 8.1 | Yes \n \n## Browser Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-21199](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21199>) | Chromium: CVE-2021-21199 Use Use after free in Aura | No | No | N/A | Yes \n[CVE-2021-21198](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21198>) | Chromium: CVE-2021-21198 Out of bounds read in IPC | No | No | N/A | Yes \n[CVE-2021-21197](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21197>) | Chromium: CVE-2021-21197 Heap buffer overflow in TabStrip | No | No | N/A | Yes \n[CVE-2021-21196](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21196>) | Chromium: CVE-2021-21196 Heap buffer overflow in TabStrip | No | No | N/A | Yes \n[CVE-2021-21195](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21195>) | Chromium: CVE-2021-21195 Use after free in V8 | No | No | N/A | Yes \n[CVE-2021-21194](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21194>) | Chromium: CVE-2021-21194 Use after free in screen capture | No | No | N/A | Yes \n \n## Developer Tools Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-27064](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064>) | Visual Studio Installer Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-28457](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28457>) | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28469](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28469>) | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28475](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28475>) | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28473](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28473>) | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28477](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28477>) | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7 | No \n[CVE-2021-28472](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28472>) | Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28448](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28448>) | Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28470](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28470>) | Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28471>) | Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-27067](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27067>) | Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-28459](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28459>) | Azure DevOps Server Spoofing Vulnerability | No | No | 6.1 | No \n \n## Exchange Server Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-28480](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28480>) | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-28481](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28481>) | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-28483](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28483>) | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9 | Yes \n[CVE-2021-28482](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28482>) | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n \nMicrosoft Office Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-28453](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28453>) | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-28450](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28450>) | Microsoft SharePoint Denial of Service Update | No | No | 5 | No \n[CVE-2021-28452](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28452>) | Microsoft Outlook Memory Corruption Vulnerability | No | No | 7.1 | Yes \n[CVE-2021-28449](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28449>) | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-28451](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28451>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-28454](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28454>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-28456](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28456>) | Microsoft Excel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n \n## Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-28442](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28442>) | Windows TCP/IP Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-28319](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28319>) | Windows TCP/IP Driver Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2021-28347](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28347>) | Windows Speech Runtime Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-28351](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28351>) | Windows Speech Runtime Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-28436](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28436>) | Windows Speech Runtime Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-27086](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27086>) | Windows Services and Controller App Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-27090](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27090>) | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-28324](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28324>) | Windows SMB Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-28325](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28325>) | Windows SMB Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-28320](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28320>) | Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-26417](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26417>) | Windows Overlay Filter Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-28312](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28312>) | Windows NTFS Denial of Service Vulnerability | No | Yes | 3.3 | No \n[CVE-2021-27079](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27079>) | Windows Media Photo Codec Information Disclosure Vulnerability | No | No | 5.7 | Yes \n[CVE-2021-28444](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28444>) | Windows Hyper-V Security Feature Bypass Vulnerability | No | No | 5.7 | Yes \n[CVE-2021-28441](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28441>) | Windows Hyper-V Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-28314](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28314>) | Windows Hyper-V Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-26416](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26416>) | Windows Hyper-V Denial of Service Vulnerability | No | No | 7.7 | Yes \n[CVE-2021-28435](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28435>) | Windows Event Tracing Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-27088](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27088>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-27094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27094>) | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability | No | No | 4.4 | No \n[CVE-2021-28447](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28447>) | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability | No | No | 4.4 | No \n[CVE-2021-28438](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28438>) | Windows Console Driver Denial of Service Vulnerability | No | No | 5.5 | No \n[CVE-2021-28311](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28311>) | Windows Application Compatibility Cache Denial of Service Vulnerability | No | No | 6.5 | No \n[CVE-2021-28326](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28326>) | Windows AppX Deployment Server Denial of Service Vulnerability | No | No | 5.5 | No \n[CVE-2021-28310](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28310>) | Win32k Elevation of Privilege Vulnerability | Yes | No | 7.8 | No \n[CVE-2021-27072](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27072>) | Win32k Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-28464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28464>) | VP9 Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-28466](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28466>) | Raw Image Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-28468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28468>) | Raw Image Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-27092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27092>) | Azure AD Web Sign-in Security Feature Bypass Vulnerability | No | No | 6.8 | No \n \n## Windows Developer Tools Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-28313](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28313>) | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-28321](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28321>) | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-28322](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28322>) | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | No | No | 7.8 | No \n \n## Windows ESU Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-28316](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28316>) | Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability | No | No | 4.2 | No \n[CVE-2021-28439](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28439>) | Windows TCP/IP Driver Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2021-28446](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28446>) | Windows Portmapping Information Disclosure Vulnerability | No | No | 7.1 | Yes \n[CVE-2021-28445](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28445>) | Windows Network File System Remote Code Execution Vulnerability | No | No | 8.1 | No \n[CVE-2021-27095](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27095>) | Windows Media Video Decoder Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-28315](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28315>) | Windows Media Video Decoder Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-27093](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27093>) | Windows Kernel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-28309](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28309>) | Windows Kernel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-26413](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26413>) | Windows Installer Spoofing Vulnerability | No | No | 6.2 | No \n[CVE-2021-28437](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28437>) | Windows Installer Information Disclosure Vulnerability | No | Yes | 5.5 | Yes \n[CVE-2021-26415](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26415>) | Windows Installer Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-28440](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28440>) | Windows Installer Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-28348](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28348>) | Windows GDI+ Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28349](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28349>) | Windows GDI+ Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28350](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28350>) | Windows GDI+ Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-28318](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28318>) | Windows GDI+ Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-28323](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28323>) | Windows DNS Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-28328](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28328>) | Windows DNS Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-28443](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28443>) | Windows Console Driver Denial of Service Vulnerability | No | No | 5.5 | No \n[CVE-2021-28329](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28329>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28330](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28330>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28331](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28331>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28332](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28332>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28333](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28333>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28334](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28334>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28335](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28335>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28336](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28336>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28337](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28337>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28338](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28338>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28339](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28339>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28343](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28343>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28327](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28327>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28340](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28340>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28341](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28341>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28342](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28342>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28344](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28344>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28345](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28345>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28346](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28346>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28352](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28352>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28353](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28353>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28354](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28354>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28355](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28355>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28356](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28356>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28357](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28357>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28358](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28358>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-28434](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28434>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-27091](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27091>) | RPC Endpoint Mapper Service Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n[CVE-2021-27096](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27096>) | NTFS Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-28317](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28317>) | Microsoft Windows Codecs Library Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-27089](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27089>) | Microsoft Internet Messaging API Remote Code Execution Vulnerability | No | No | 7.8 | No \n \n## Summary Graphs\n\n", "cvss3": {}, "published": "2021-04-13T17:37:00", "type": "rapid7blog", "title": "Patch Tuesday - April 2021", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-21194", "CVE-2021-21195", "CVE-2021-21196", "CVE-2021-21197", "CVE-2021-21198", "CVE-2021-21199", "CVE-2021-26413", "CVE-2021-26415", "CVE-2021-26416", "CVE-2021-26417", "CVE-2021-27064", "CVE-2021-27067", "CVE-2021-27072", "CVE-2021-27079", "CVE-2021-27086", "CVE-2021-27088", "CVE-2021-27089", "CVE-2021-27090", "CVE-2021-27091", "CVE-2021-27092", "CVE-2021-27093", "CVE-2021-27094", "CVE-2021-27095", "CVE-2021-27096", "CVE-2021-28309", "CVE-2021-28310", "CVE-2021-28311", "CVE-2021-28312", "CVE-2021-28313", "CVE-2021-28314", "CVE-2021-28315", "CVE-2021-28316", "CVE-2021-28317", "CVE-2021-28318", "CVE-2021-28319", "CVE-2021-28320", "CVE-2021-28321", "CVE-2021-28322", "CVE-2021-28323", "CVE-2021-28324", "CVE-2021-28325", "CVE-2021-28326", "CVE-2021-28327", "CVE-2021-28328", "CVE-2021-28329", "CVE-2021-28330", "CVE-2021-28331", "CVE-2021-28332", "CVE-2021-28333", "CVE-2021-28334", "CVE-2021-28335", "CVE-2021-28336", "CVE-2021-28337", "CVE-2021-28338", "CVE-2021-28339", "CVE-2021-28340", "CVE-2021-28341", "CVE-2021-28342", "CVE-2021-28343", "CVE-2021-28344", "CVE-2021-28345", "CVE-2021-28346", "CVE-2021-28347", "CVE-2021-28348", "CVE-2021-28349", "CVE-2021-28350", "CVE-2021-28351", "CVE-2021-28352", "CVE-2021-28353", "CVE-2021-28354", "CVE-2021-28355", "CVE-2021-28356", "CVE-2021-28357", "CVE-2021-28358", "CVE-2021-28434", "CVE-2021-28435", "CVE-2021-28436", "CVE-2021-28437", "CVE-2021-28438", "CVE-2021-28439", "CVE-2021-28440", "CVE-2021-28441", "CVE-2021-28442", "CVE-2021-28443", "CVE-2021-28444", "CVE-2021-28445", "CVE-2021-28446", "CVE-2021-28447", "CVE-2021-28448", "CVE-2021-28449", "CVE-2021-28450", "CVE-2021-28451", "CVE-2021-28452", "CVE-2021-28453", "CVE-2021-28454", "CVE-2021-28456", "CVE-2021-28457", "CVE-2021-28458", "CVE-2021-28459", "CVE-2021-28460", "CVE-2021-28464", "CVE-2021-28466", "CVE-2021-28468", "CVE-2021-28469", "CVE-2021-28470", "CVE-2021-28471", "CVE-2021-28472", "CVE-2021-28473", "CVE-2021-28475", "CVE-2021-28477", "CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-13T17:37:00", "id": "RAPID7BLOG:452CCDC1AEFFF7056148871E86A6FE26", "href": "https://blog.rapid7.com/2021/04/13/patch-tuesday-april-2021/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
Microsoft Windows AppX Deployment Service Directory Junction Denial-of-Service Vulnerability
