
Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical

2021-05-11 21:53:37
Anand Paturi
blog.qualys.com

Microsoft Patch Tuesday – May 2021

Microsoft patched 55 CVEs in their May 2021 Patch Tuesday release, of which 4 are rated as critical severity. Three 0-day vulnerability patches were included in the release. As of this publication date, none have been exploited.

Qualys released 12 QIDs on the same day, providing vulnerability detection and patch management coverage (where applicable) for all 55 CVEs and the related KBs.

Critical Microsoft vulnerabilities patched:

CVE-2021-31181 - SharePoint Remote Code Execution Vulnerability

Microsoft released patches addressing a critical RCE vulnerability in SharePoint (CVE-2021-31181). This CVE has a high likelihood of exploitability and is assigned a CVSSv3 base score of 8.8 by the vendor.

CVE-2021-31166 - HTTP Protocol Stack Remote Code Execution Vulnerability

Microsoft released patches addressing a critical RCE vulnerability in Windows. This vulnerability allows an unauthenticated attacker to remotely execute code with kernel privileges. It is wormable: an attacker can simply send a maliciously crafted packet to an impacted web server. This CVE has a high likelihood of exploitability and is assigned a CVSSv3 base score of 9.8 by the vendor.

CVE-2021-28476 - Hyper-V Remote Code Execution Vulnerability

Microsoft released patches addressing a critical RCE in Windows Server that impacts Hyper-V. Though the exploitation of this vulnerability is less likely (according to Microsoft), this should be prioritized for patching since adversaries can abuse this vulnerability and cause Denial of Service (DoS) in the form of a bug check. This CVE is assigned a CVSSv3 base score of 9.9 by the vendor.

Three 0-day vulnerabilities patched:

  • CVE-2021-31204 - .NET and Visual Studio Elevation of Privilege Vulnerability
  • CVE-2021-31207 - Microsoft Exchange Server Security Feature Bypass Vulnerability
  • CVE-2021-31200 - Common Utilities Remote Code Execution Vulnerability

Qualys QIDs Providing Coverage

| QID | Title | Severity | CVE ID |
|---|---|---|---|
| 100415 | Microsoft Internet Explorer Security Update for May 2021 | Medium | CVE-2021-26419 |
| 91762 | Microsoft SharePoint Enterprise Server Multiple Vulnerabilities May 2021 | High | CVE-2021-31181, CVE-2021-31173, CVE-2021-31172, CVE-2021-31171, CVE-2021-26418, CVE-2021-28478, CVE-2021-28474 |
| 110381 | Microsoft Office and Microsoft Office Services and Web Apps Security Update May 2021 | High | CVE-2021-31180, CVE-2021-31179, CVE-2021-31178, CVE-2021-31177, CVE-2021-31176, CVE-2021-31175, CVE-2021-31174, CVE-2021-28455 |
| 110382 | Microsoft Skype for Business Server Security and Lync Server Update for May 2021 | High | CVE-2021-26421, CVE-2021-26422 |
| 375556 | Visual Studio Code Remote Code Execution Vulnerability | High | CVE-2021-31214, CVE-2021-31211 |
| 375557 | Visual Studio Code Remote Development for Containers Extension Remote Code Execution Vulnerability | Medium | CVE-2021-31213 |
| 50111 | Microsoft Exchange Server Multiple Vulnerabilities - May 2021 | High | CVE-2021-31209, CVE-2021-31207, CVE-2021-31198, CVE-2021-31195 |
| 91762 | Microsoft Windows Security Update for May 2021 | Critical | CVE-2021-31192, CVE-2021-31188, CVE-2021-31170, CVE-2021-28476, CVE-2021-31184, CVE-2021-31190, CVE-2021-31167, CVE-2021-31168, CVE-2021-31208, CVE-2021-31169, CVE-2021-31165, CVE-2021-1720, CVE-2021-28479, CVE-2021-31185, CVE-2021-31194, CVE-2021-31191, CVE-2021-31186, CVE-2021-31205, CVE-2021-31193, CVE-2021-31187, CVE-2020-26144, CVE-2020-24587, CVE-2020-24588 |
| 91763 | Microsoft Visual Studio Security Update for May 2021 | High | CVE-2021-27068, CVE-2021-31204 |
| 91764 | Microsoft Windows Web Media Extensions Remote Code Execution Vulnerability | High | CVE-2021-28465 |
| 91766 | Microsoft .NET Core Security Update May 2021 | Medium | CVE-2021-31204 |
| 91767 | Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability - May 2021 | Critical | CVE-2021-31166 |

Adobe Patch Tuesday – May 2021

Adobe addressed 46 CVEs this Patch Tuesday, of which 26 are rated as critical severity, including one critical 0-day (CVE-2021-28550) impacting Adobe Acrobat and Reader.

Adobe released patches for the following products: Experience Manager, InDesign, Illustrator, InCopy, Genuine Service, Acrobat and Reader, Magento, Creative Cloud Desktop Application, Media Encoder, After Effects, Medium, and Animate.

Qualys released 5 QIDs on the same day, providing vulnerability detection for 30 of the 46 CVEs, including 8 rated as critical.

One 0-day vulnerability patched:

CVE-2021-28550

This is a Remote Code Execution vulnerability impacting Adobe Acrobat and Reader and is being actively exploited in the wild on Windows devices. Adversaries are able to execute arbitrary code on Windows, including installing malicious applications and gaining complete access to target machines.

Severities and CVE IDs are listed in the same order within each row.

| Adobe Security Bulletin | QID | Severity | CVE ID |
|---|---|---|---|
| APSB21-22 Security updates available for Adobe InDesign | 375549 | Critical, Critical, Critical | CVE-2021-21098, CVE-2021-21099, CVE-2021-21043 |
| APSB21-24 Security update available for Adobe Illustrator | 375551 | Critical, Critical, Critical, Critical, Critical | CVE-2021-21101, CVE-2021-21103, CVE-2021-21104, CVE-2021-21105, CVE-2021-21102 |
| APSB21-29 Security update available for Adobe Acrobat and Reader | 375547 | Important, Critical, Important, Critical, Important, Critical, Critical, Critical, Critical, Critical, Important, Critical, Critical, Critical | CVE-2021-28561, CVE-2021-28560, CVE-2021-28558, CVE-2021-28557, CVE-2021-28555, CVE-2021-28565, CVE-2021-28564, CVE-2021-21044, CVE-2021-21038, CVE-2021-21086, CVE-2021-28559, CVE-2021-28562, CVE-2021-28550, CVE-2021-28553 |
| APSB21-32 Security update available for Adobe Media Encoder | 375550 | Important | CVE-2021-28569 |
| APSB21-35 Security update available for Adobe Animate | 375553 | Important, Important, Important, Important, Important, Critical, Critical | CVE-2021-28572, CVE-2021-28573, CVE-2021-28574, CVE-2021-28575, CVE-2021-28576, CVE-2021-28578, CVE-2021-28577 |

Discover Patch Tuesday Vulnerabilities in VMDR

Qualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).

You can see all hosts impacted by these vulnerabilities using the following QQL query:

vulnerabilities.vulnerability:(qid:50111 OR qid:91762 OR qid:91763 OR qid:91764 OR qid:91766 OR qid:91767 OR qid:100415 OR qid:110380 OR qid:110381 OR qid:110382 OR qid:375547 OR qid:375549 OR qid:375550 OR qid:375551 OR qid:375553 OR qid:375556 OR qid:375557)
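Before relying on a vendor-supplied query for coverage reporting, it is worth checking it against the published QID list. The following is an added example, not part of the Qualys post: it parses the QQL above and compares it with the QID columns of the two coverage tables on this page. The function names `parse_qids` and `audit` are hypothetical; the QIDs are transcribed from the page.

```python
import re
from collections import Counter

# QQL copied from the page (the "impacted hosts" query).
QQL = ("vulnerabilities.vulnerability:(qid:50111 OR qid:91762 OR qid:91763 OR "
       "qid:91764 OR qid:91766 OR qid:91767 OR qid:100415 OR qid:110380 OR "
       "qid:110381 OR qid:110382 OR qid:375547 OR qid:375549 OR qid:375550 OR "
       "qid:375551 OR qid:375553 OR qid:375556 OR qid:375557)")

# QID column of the Microsoft and Adobe coverage tables, in row order.
MICROSOFT_QIDS = [100415, 91762, 110381, 110382, 375556, 375557, 50111,
                  91762, 91763, 91764, 91766, 91767]
ADOBE_QIDS = [375549, 375551, 375547, 375550, 375553]


def parse_qids(qql):
    """Return the integer QIDs found in an OR-list of qid:<n> terms."""
    return [int(m) for m in re.findall(r"\bqid:\s*(\d+)\b", qql, flags=re.I)]


def repeated(values):
    """Return the sorted values that occur more than once."""
    return sorted(v for v, n in Counter(values).items() if n > 1)


def audit(qql, table_qids):
    """Compare the QIDs a query selects with the QIDs a table documents."""
    queried = parse_qids(qql)
    return {
        # Selected by the query but with no documented title/CVE mapping.
        "queried_not_in_table": sorted(set(queried) - set(table_qids)),
        # Documented but never selected, i.e. a reporting blind spot.
        "in_table_not_queried": sorted(set(table_qids) - set(queried)),
        # One QID on several rows: findings cannot be told apart by QID.
        "repeated_in_table": repeated(table_qids),
        "repeated_in_query": repeated(queried),
    }


if __name__ == "__main__":
    for key, value in audit(QQL, MICROSOFT_QIDS + ADOBE_QIDS).items():
        print(f"{key}: {value}")
```

On this page's data the check reports QID 110380 as queried but absent from both tables, and QID 91762 as appearing on two table rows (SharePoint and Windows).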

Respond by Patching

VMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the “Missing” patches to identify and deploy the applicable, available patches in one go.

The following QQL will return the missing patches pertaining to this Patch Tuesday.

qid:50111 OR qid:91762 OR qid:91763 OR qid:91764 OR qid:91766 OR qid:91767 OR qid:100415 OR qid:110380 OR qid:110381 OR qid:110382 OR qid:375547 OR qid:375549 OR qid:375550 OR qid:375551 OR qid:375553 OR qid:375556 OR qid:375557

Patch Tuesday Dashboard

The current updated Patch Tuesday dashboards are available in Dashboard Toolbox: 2021 Patch Tuesday Dashboard.

Webinar Series: This Month in Patches

To help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is hosting a monthly webinar series, This Month in Patches.

We discuss some of the key vulnerabilities disclosed in the past month and how to patch them:

  • 21Nails Exim Mail Server Multiple Vulnerabilities
  • Pulse Connect Secure Remote Code Execution Vulnerability (CVE-2021-22893)
  • Microsoft Patch Tuesday, May 2021

Join us live or watch on demand!

About Patch Tuesday

Patch Tuesday QIDs are published at Security Alerts, typically late in the evening of Patch Tuesday, followed shortly after by PT dashboards.