Microsoft Patch Tuesday – May 2021 - Hexafusion Blog | Hexafusion
  • Contact Us At

    Vancouver: 604-757-2010

         Toronto: 416-236-6300

  • E-Mail Us @

     

Hexafusion Blog

Microsoft Patch Tuesday – May 2021

Microsoft-Patch-Tuesday-May-2021

Microsoft released its Patch Tuesday, May 2021 with updates and security patches to fix 55 security flaws within Windows and other products. From these flaws, 4 are rated as critical and 3 are zero-day vulnerabilities.

3 Zero-Day Vulnerabilities Fixed

In their Patch Tuesday of May 2021, three publicly-disclosed zero-day vulnerabilities were patched:

  • CVE-2021-31204 - .NET and Visual Studio Elevation of Privilege vulnerability
  • CVE-2021-31207 - Exchange Server Security Bypass Feature Vulnerability
  • CVE-2021-31200 - Common Utilities Remote Code Execution vulnerability.

Windows 10 End of Service

Windows 10 Version 1803 & Version 1809

Microsoft just released the last update for version 1803 of Windows 10 named KB5003174. This contains the new Microsoft Edge, updates to improve Windows OLE security, and updates for Bluetooth drivers. Version 1809 received the update KB5003171 which improves security when Windows performs basic operations, updates to improve the Windows OLE security, and updates for the Bluetooth drivers.

These updates remove the Edge Legacy desktop application (which is out of support) and install the new Edge. There are also security updates for Windows App Platform and Framework, Microsoft Scripting Engine, Windows Silicon Platform, and Windows Cryptography.

Remember that this is the latest security update for this version, start updating all your Windows 10 installations.

Windows 10 Version 1909

Version 1909 of Windows also received the last update (KB5003169) for the Home and Pro editions which updates an issue that might cause scroll bar controls to appear blank and not function. This issue affects 32-bit applications running on 64-bit Windows 10.

Other Vulnerability CVE Codes & Description

CVE Number CVE Title
CVE-2021-31936 Microsoft Accessibility Insights for Web Information Disclosure Vulnerability
CVE-2021-31214 Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-31213 Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
CVE-2021-31211 Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-31209 Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-31208 Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability
CVE-2021-31205 Windows SMB Client Security Feature Bypass Vulnerability
CVE-2021-31204 .NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2021-31200 Common Utilities Remote Code Execution Vulnerability
CVE-2021-31198 Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-31195 Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-31194 OLE Automation Remote Code Execution Vulnerability
CVE-2021-31193 Windows SSDP Service Elevation of Privilege Vulnerability
CVE-2021-31192 Windows Media Foundation Core Remote Code Execution Vulnerability
CVE-2021-31191 Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
CVE-2021-31190 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
CVE-2021-31188 Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2021-31187 Windows WalletService Elevation of Privilege Vulnerability
CVE-2021-31186 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2021-31185 Windows Desktop Bridge Denial of Service Vulnerability
CVE-2021-31184 Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability
CVE-2021-31182 Microsoft Bluetooth Driver Spoofing Vulnerability
CVE-2021-31181 Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2021-31180 Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-31179 Microsoft Office Remote Code Execution Vulnerability
CVE-2021-31178 Microsoft Office Information Disclosure Vulnerability
CVE-2021-31177 Microsoft Office Remote Code Execution Vulnerability
CVE-2021-31176 Microsoft Office Remote Code Execution Vulnerability
CVE-2021-31175 Microsoft Office Remote Code Execution Vulnerability
CVE-2021-31174 Microsoft Excel Information Disclosure Vulnerability
CVE-2021-31173 Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-31172 Microsoft SharePoint Spoofing Vulnerability
CVE-2021-31171 Microsoft SharePoint Information Disclosure Vulnerability
CVE-2021-31170 Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2021-31169 Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-31168 Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-31167 Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-31166 HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2021-31165 Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-28479 Windows CSC Service Information Disclosure Vulnerability
CVE-2021-28478 Microsoft SharePoint Spoofing Vulnerability
CVE-2021-28476 Hyper-V Remote Code Execution Vulnerability
CVE-2021-28474 Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-28465 Web Media Extensions Remote Code Execution Vulnerability
CVE-2021-28461 Dynamics Finance and Operations Cross-site Scripting Vulnerability
CVE-2021-28455 Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
CVE-2021-27068 Visual Studio Remote Code Execution Vulnerability
CVE-2021-26422 Skype for Business and Lync Remote Code Execution Vulnerability
CVE-2021-26421 Skype for Business and Lync Spoofing Vulnerability
CVE-2021-26419 Scripting Engine Memory Corruption Vulnerability
CVE-2021-26418 Microsoft SharePoint Spoofing Vulnerability
CVE-2020-26144 Windows Wireless Networking Spoofing Vulnerability
CVE-2020-24588 Windows Wireless Networking Spoofing Vulnerability
CVE-2020-24587 Windows Wireless Networking Information Disclosure Vulnerability
ADV990001 Latest Servicing Stack Updates
Internet Explorer 11 (IE11) desktop application re...
New Spectre Flaws in Intel and AMD CPUs Affect Bil...

By accepting you will be accessing a service provided by a third-party external to https://hexafusion.com/

Customer Login

Contact us

Learn more about what Hexafusion can do for your business.

Vancouver:  604-757-2010
Toronto:  416-236-6300
 

Hexafusion
250 - 997 Seymour Street
Vancouver, British Columbia V6B 3M1