Patch Tuesday: Microsoft Security Bulletin Summary for April 2021

Microsoft has released its April Patch Tuesday security updates, addressing a total of 108 vulnerabilities in the Windows family of operating systems and related products. Of these, 19 are rated Critical and 89 Important. Six Chromium Edge vulnerabilities released earlier this month are not included in these numbers.

Five publicly disclosed zero-day vulnerabilities were reported with this month's Patch Tuesday updates, one of which is known to be used in active attacks. Microsoft has also fixed four critical vulnerabilities in Microsoft Exchange that were discovered by the NSA.


Zero-day vulnerabilities

Among the five zero-day bugs reported, one flaw has been found to be used in active attacks:

Win32k Elevation of Privilege Vulnerability, CVE-2021-28310

Kaspersky believes that the BITTER APT group exploited the CVE-2021-28310 bug. In a blog post, Kaspersky said:

We believe this exploit is used in the wild, potentially by several threat actors. It is an escalation of privilege (EoP) exploit that is likely used together with other browser exploits to escape sandboxes or get system privileges for further access.

The other four zero-day flaws are:

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability, CVE-2021-27091

Windows NTFS Denial of Service Vulnerability, CVE-2021-28312

Windows Installer Information Disclosure Vulnerability, CVE-2021-28437

Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability, CVE-2021-28458


Interesting Vulnerabilities

Azure Sphere Unsigned Code Execution Vulnerability | CVE-2021-28460

A remote code execution vulnerability exists in Azure Sphere. Microsoft rated it “Exploitation Less Likely”, as the flaw is said to be difficult to exploit. At the time of writing, neither technical details nor an exploit are publicly available.

Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2021-28480

A remote code execution vulnerability exists in Microsoft Exchange Server. Microsoft has rated the flaw Critical, with a CVSSv3 score of 9.8. An attacker does not require any privileges to exploit the flaw, i.e., it is a pre-authentication vulnerability. Microsoft rated the flaw “Exploitation More Likely”.

The company addressed three more Microsoft Exchange Server flaws: CVE-2021-28481, CVE-2021-28482, and CVE-2021-28483.

Remote Procedure Call Runtime Remote Code Execution Vulnerability | CVE-2021-28329

A remote code execution vulnerability exists due to an error in the Remote Procedure Call runtime. The flaw allows remote authenticated attackers to execute arbitrary code on the affected system. Microsoft has assigned the flaw a CVSSv3 score of 8.8.


Microsoft security bulletin summary for April 2021

  • Azure Sphere
  • Microsoft Edge (Chromium-based)
  • Microsoft Exchange Server
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Visual Studio
  • Visual Studio Code

Product: Azure Sphere
CVEs/Advisory: CVE-2021-28460
Impact: Remote Code Execution
Severity: Critical


Product: Microsoft Edge (Chromium-based)
CVEs/Advisory: CVE-2021-21194, CVE-2021-21195, CVE-2021-21196, CVE-2021-21197, CVE-2021-21198, CVE-2021-21199


Product: Exchange Server
CVEs/Advisory: CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483
Impact: Remote Code Execution
Severity: Critical
KBs: 5001779


Product: Microsoft Office Excel
CVEs/Advisory: CVE-2021-27053, CVE-2021-27054, CVE-2021-27057, CVE-2021-28449, CVE-2021-28451, CVE-2021-28454, CVE-2021-28456
Impact: Remote Code Execution
Severity: Important
KBs: 3017810, 4493233, 4493239, 4504707, 4504721, 4504735


Product: Microsoft Office Outlook
CVEs/Advisory: CVE-2021-28452
Impact: Remote Code Execution
Severity: Important
KBs: 4493185, 4504712, 4504733


Product: Microsoft Office SharePoint
CVEs/Advisory: CVE-2021-28450, CVE-2021-28453
Impact: Remote Code Execution, Denial of Service
Severity: Important
KBs: 4493170, 4493201, 4504701, 4504709, 4504715, 4504716, 4504719, 4504723


Product: Microsoft Office Word
CVEs/Advisory: CVE-2021-28453
Impact: Remote Code Execution
Severity: Important
KBs: 4493198, 4493208, 4493218


Product: Visual Studio and Visual Studio Code
CVEs/Advisory: CVE-2021-27064, CVE-2021-28313, CVE-2021-28321, CVE-2021-28322, CVE-2021-28448, CVE-2021-28457, CVE-2021-28469, CVE-2021-28470, CVE-2021-28471, CVE-2021-28472, CVE-2021-28473, CVE-2021-28475, CVE-2021-28477
Impact: Remote Code Execution, Elevation of Privilege
Severity: Important
KBs: 5001292


SanerNow detects these vulnerabilities and automatically fixes them by applying security updates. Use SanerNow and keep your systems updated and secure.
