Malware Devil: Microsoft May 2021 Patch Tuesday, (Tue, May 11th)

This month we got patches for 55 vulnerabilities. Of these, 4 are critical, 3 were previously disclosed and none is being exploited according to Microsoft.

One of the critical vulnerabilities which requires special attention this month is a remote code execution (RCE) on HTTP Protocol Stack (CVE-2021-31166). An unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. This vulnerability requires no user authentication or interaction – thus, it is considered a wormable vulnerability. The vulnerability affects different versions of Windows 10, Windows Server 2004 and Windows Server 20H2 and has a CVSS score of 9.8.

A second critical vulnerabilities addressed this month is RCE affecing Hyper-V on virtually all supported Windows versions (CVE-2021-28476). Microsoft’s advisory states that the issue a guest VM to force the Hyper-V host’s kernel to read from an arbitrary, potentially invalid address. In most circumstances, this would result in a denial of service of the Hyper-V host due to reading an unmapped address, but it may also could lead to other types of compromise of the Hyper-V host’s security. The CVSS for this vulnerability is 9.9.

The other two critical vulnerabilities are a RCE on OLE Automation (CVE-2021-31194) associated with a CVSS of 7.50 and a Scripting Engine Memory Corruption Vulnerability (CVE-2021-26419) affecting Internet Explorer 11 with a CVSS of 6.40. None of four critical vulnerabilities was previously disclosed.

See my dashboard for a more detailed breakout: (https://patchtuesdaydashboard.com).

Description

CVE
Disclosed
Exploited
Exploitability (old versions)
current version
Severity
CVSS Base (AVG)
CVSS Temporal (AVG)

.NET and Visual Studio Elevation of Privilege Vulnerability

%%cve:2021-31204%%
Yes
No
Less Likely
Less Likely
Important
7.3
6.4

Common Utilities Remote Code Execution Vulnerability

%%cve:2021-31200%%
Yes
No
Less Likely
Less Likely
Important
7.2
6.7

Dynamics Finance and Operations Cross-site Scripting Vulnerability

%%cve:2021-28461%%
No
No
Less Likely
Less Likely
Important
6.1
5.5

HTTP Protocol Stack Remote Code Execution Vulnerability

%%cve:2021-31166%%
No
No
More Likely
More Likely
Critical
9.8
8.5

Hyper-V Remote Code Execution Vulnerability

%%cve:2021-28476%%
No
No
Less Likely
Less Likely
Critical
9.9
8.6

Microsoft Accessibility Insights for Web Information Disclosure Vulnerability

%%cve:2021-31936%%
No
No
Less Likely
Less Likely
Important
7.4
6.7

Microsoft Bluetooth Driver Spoofing Vulnerability

%%cve:2021-31182%%
No
No
Less Likely
Less Likely
Important
7.1
6.2

Microsoft Excel Information Disclosure Vulnerability

%%cve:2021-31174%%
No
No
Less Likely
Less Likely
Important
5.5
4.8

Microsoft Exchange Server Remote Code Execution Vulnerability

%%cve:2021-31195%%
No
No
Less Likely
Less Likely
Important
6.5
5.7

%%cve:2021-31198%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Microsoft Exchange Server Security Feature Bypass Vulnerability

%%cve:2021-31207%%
Yes
No
Less Likely
Less Likely
Moderate
6.6
5.8

Microsoft Exchange Server Spoofing Vulnerability

%%cve:2021-31209%%
No
No
Less Likely
Less Likely
Important
6.5
5.7

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability

%%cve:2021-28455%%
No
No
Less Likely
Less Likely
Important
8.8
7.7

Microsoft Office Graphics Remote Code Execution Vulnerability

%%cve:2021-31180%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Microsoft Office Information Disclosure Vulnerability

%%cve:2021-31178%%
No
No
Less Likely
Less Likely
Important
5.5
4.8

Microsoft Office Remote Code Execution Vulnerability

%%cve:2021-31175%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

%%cve:2021-31176%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

%%cve:2021-31177%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

%%cve:2021-31179%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Microsoft SharePoint Information Disclosure Vulnerability

%%cve:2021-31171%%
No
No
Less Likely
Less Likely
Important
4.1
3.6

Microsoft SharePoint Remote Code Execution Vulnerability

%%cve:2021-31181%%
No
No
More Likely
More Likely
Important
8.8
7.7

Microsoft SharePoint Server Information Disclosure Vulnerability

%%cve:2021-31173%%
No
No
Less Likely
Less Likely
Important
5.3
4.8

Microsoft SharePoint Server Remote Code Execution Vulnerability

%%cve:2021-28474%%
No
No
More Likely
More Likely
Important
8.8
7.7

Microsoft SharePoint Spoofing Vulnerability

%%cve:2021-31172%%
No
No
Less Likely
Less Likely
Important
7.1
6.2

%%cve:2021-28478%%
No
No
Less Likely
Less Likely
Important
7.6
6.6

%%cve:2021-26418%%
No
No
Less Likely
Less Likely
Important
4.6
4.0

Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability

%%cve:2021-31184%%
No
No
Less Likely
Less Likely
Important
5.5
4.8

OLE Automation Remote Code Execution Vulnerability

%%cve:2021-31194%%
No
No
Less Likely
Less Likely
Critical
8.8
7.7

Scripting Engine Memory Corruption Vulnerability

%%cve:2021-26419%%
No
No
More Likely
More Likely
Critical
6.4
5.8

Skype for Business and Lync Remote Code Execution Vulnerability

%%cve:2021-26422%%
No
No
Less Likely
Less Likely
Important
7.2
6.3

Skype for Business and Lync Spoofing Vulnerability

%%cve:2021-26421%%
No
No
Less Likely
Less Likely
Important
6.5
5.7

Visual Studio Code Remote Code Execution Vulnerability

%%cve:2021-31211%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

%%cve:2021-31214%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability

%%cve:2021-31213%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Visual Studio Remote Code Execution Vulnerability

%%cve:2021-27068%%
No
No
Less Likely
Less Likely
Important
8.8
7.7

Web Media Extensions Remote Code Execution Vulnerability

%%cve:2021-28465%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Windows CSC Service Information Disclosure Vulnerability

%%cve:2021-28479%%
No
No
Less Likely
Less Likely
Important
5.5
4.8

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

%%cve:2021-31190%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Windows Container Manager Service Elevation of Privilege Vulnerability

%%cve:2021-31165%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

%%cve:2021-31167%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

%%cve:2021-31168%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

%%cve:2021-31169%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

%%cve:2021-31208%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Windows Desktop Bridge Denial of Service Vulnerability

%%cve:2021-31185%%
No
No
Less Likely
Less Likely
Important
5.5
4.8

Windows Graphics Component Elevation of Privilege Vulnerability

%%cve:2021-31170%%
No
No
More Likely
More Likely
Important
7.8
6.8

%%cve:2021-31188%%
No
No
More Likely
More Likely
Important
7.8
6.8

Windows Media Foundation Core Remote Code Execution Vulnerability

%%cve:2021-31192%%
No
No
Less Likely
Less Likely
Important
7.3
6.4

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability

%%cve:2021-31191%%
No
No
Less Likely
Less Likely
Important
5.5
4.8

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

%%cve:2021-31186%%
No
No
Less Likely
Less Likely
Important
7.4
6.4

Windows SMB Client Security Feature Bypass Vulnerability

%%cve:2021-31205%%
No
No
Less Likely
Less Likely
Important
4.3
3.8

Windows SSDP Service Elevation of Privilege Vulnerability

%%cve:2021-31193%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Windows WalletService Elevation of Privilege Vulnerability

%%cve:2021-31187%%
No
No
Less Likely
Less Likely
Important
7.8
6.8

Windows Wireless Networking Information Disclosure Vulnerability

%%cve:2020-24587%%
No
No
Less Likely
Less Likely
Important
6.5
5.7

Windows Wireless Networking Spoofing Vulnerability

%%cve:2020-24588%%
No
No
Less Likely
Less Likely
Important
6.5
5.7

%%cve:2020-26144%%
No
No
Less Likely
Less Likely
Important
6.5
5.7

—
Renato Marinho
Morphus Labs| LinkedIn|Twitter

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More

The post Microsoft May 2021 Patch Tuesday, (Tue, May 11th) appeared first on Malware Devil.

https://malwaredevil.com/2021/05/11/microsoft-may-2021-patch-tuesday-tue-may-11th/?utm_source=rss&utm_medium=rss&utm_campaign=microsoft-may-2021-patch-tuesday-tue-may-11th

Malware Devil

Malware Devil

Tuesday, May 11, 2021

Microsoft May 2021 Patch Tuesday, (Tue, May 11th)

No comments:

Post a Comment

Barbary Pirates and Russian Cybercrime

Blog Archive

About Me