Patch Tuesday: Microsoft Security Bulletin Summary for April 2021

Apr 13, 2021 | By Vishesh S | 4 min read

Microsoft's April 2021 Patch Tuesday release delivers security updates for a total of 108 vulnerabilities in the Windows family of operating systems and related products. Of these, 19 are rated Critical and 89 Important. Six Chromium Edge vulnerabilities released earlier this month are not included in these numbers. A good vulnerability management tool can prevent these attacks.

Five publicly disclosed zero-day vulnerabilities were reported this month with the Patch Tuesday updates, one of which is known to be used in active attacks. Microsoft has also fixed four critical vulnerabilities in Microsoft Exchange that were discovered by the NSA. A vulnerability management system can resolve these issues.

Zero-day vulnerabilities

Among the five zero-day bugs reported, one flaw is found to be used in active attacks.

Win32k Elevation of Privilege Vulnerability, CVE-2021-28310

Kaspersky believes that the BITTER APT group exploited the CVE-2021-28310 bug. In a blog post, Kaspersky said:

“We believe this exploit is used in the wild, potentially by several threat actors. It is an escalation of privilege (EoP) exploit that is likely used together with other browser exploits to escape sandboxes or get system privileges for further access.”

The other four zero-day flaws are:

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability, CVE-2021-27091

Windows NTFS Denial of Service Vulnerability, CVE-2021-28312

Windows Installer Information Disclosure Vulnerability, CVE-2021-28437

Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability, CVE-2021-28458

Interesting Vulnerabilities

Azure Sphere Unsigned Code Execution Vulnerability | CVE-2021-28460

A remote code execution vulnerability exists in Azure Sphere. Microsoft rated it “Exploitation Less Likely”, as the flaw is said to be difficult to exploit. At the time of writing, neither technical details nor an exploit are publicly available.

Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2021-28480

A remote code execution vulnerability exists in Microsoft Exchange Server. Microsoft has rated the flaw Critical, with a CVSSv3 score of 9.8. An attacker does not require any privileges to exploit it, i.e., it is a pre-authentication vulnerability. Microsoft rated the flaw “Exploitation More Likely”.

The company addressed three more Microsoft Exchange Server flaws: CVE-2021-28481, CVE-2021-28482, and CVE-2021-28483.

Remote Procedure Call Runtime Remote Code Execution Vulnerability | CVE-2021-28329

A remote code execution vulnerability exists due to an error in the Remote Procedure Call runtime. The flaw allows remote authenticated attackers to execute arbitrary code on the affected system. Microsoft has assigned the flaw a CVSSv3 score of 8.8.

Microsoft security bulletin summary for April 2021

  • Azure Sphere
  • Microsoft Edge (Chromium-based)
  • Microsoft Exchange Server
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Visual Studio
  • Visual Studio Code

1) Product: Azure Sphere
   CVEs/Advisory: CVE-2021-28460
   Impact: Remote Code Execution
   Severity: Critical

2) Product: Microsoft Edge (Chromium-based)
   CVEs/Advisory: CVE-2021-21194, CVE-2021-21195, CVE-2021-21196, CVE-2021-21197, CVE-2021-21198, CVE-2021-21199

3) Product: Exchange Server
   CVEs/Advisory: CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483
   Impact: Remote Code Execution
   Severity: Critical
   KBs: 5001779

4) Product: Microsoft Office Excel
   CVEs/Advisory: CVE-2021-27053, CVE-2021-27054, CVE-2021-27057, CVE-2021-28449, CVE-2021-28451, CVE-2021-28454, CVE-2021-28456
   Impact: Remote Code Execution
   Severity: Important
   KBs: 3017810, 4493233, 4493239, 4504707, 4504721, 4504735

5) Product: Microsoft Office Outlook
   CVEs/Advisory: CVE-2021-28452
   Impact: Remote Code Execution
   Severity: Important
   KBs: 4493185, 4504712, 4504733

6) Product: Microsoft Office SharePoint
   CVEs/Advisory: CVE-2021-28450, CVE-2021-28453
   Impact: Remote Code Execution, Denial of Service
   Severity: Important
   KBs: 4493170, 4493201, 4504701, 4504709, 4504715, 4504716, 4504719, 4504723

7) Product: Microsoft Office Word
   CVEs/Advisory: CVE-2021-28453
   Impact: Remote Code Execution
   Severity: Important
   KBs: 4493198, 4493208, 4493218

8) Product: Visual Studio and Visual Studio Code
   CVEs/Advisory: CVE-2021-27064, CVE-2021-28313, CVE-2021-28321, CVE-2021-28322, CVE-2021-28448, CVE-2021-28457, CVE-2021-28469, CVE-2021-28470, CVE-2021-28471, CVE-2021-28472, CVE-2021-28473, CVE-2021-28475, CVE-2021-28477
   Impact: Remote Code Execution, Elevation of Privilege
   Severity: Important
   KBs: 5001292

SanerNow detects these vulnerabilities and automatically fixes them by applying security updates. Use SanerNow and keep your systems updated and secure.
