Microsoft Patch Tuesday – April 2021

Microsoft-Patch-Tuesday-June-2021

Microsoft released updates and security patches to fix 108 security flaws within Windows and other products. From these flaws, 19 CVEs are rated critical, 88 important, and 1 moderate CVE. Most of the vulnerabilities involve Remote Code Execution (RCE), Elevation of Privilege (EoP), and Denial of Service (DoS) flaws.

⚡ TL;DR | Go Straight to the April 2021 Patch Tuesday Audit Report.

"This month's release includes a number of critical vulnerabilities that we recommend you prioritize, including updates to protect against new vulnerabilities in on-premise Exchange Servers."

Microsoft

Microsoft Exchange Server Vulnerability

The National Security Agency (NSA) discovered 4 Remote Code Execution (RCE) vulnerabilities (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483) within the Microsoft Exchange Server. Two of these RCE vulnerabilities (CVE-2021-28480 and CVE-2021-28481) have a 9.8 CVSSv3 rating because these code execution flaws are unauthenticated and get be used without user interaction.

However, there have been no reports of exploitation in the wild of these vulnerabilities but Microsoft urges everybody to patch their systems as soon as possible.

Product nameCVE CodeCVE Code Description
Microsoft Exchange Server CVE-2021-28481Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-28480Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-28482Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-28483Remote Code Execution Vulnerability

Remote Procedure Call (RPC) Runtime Remote Code Execution Vulnerability

There are 12 RCE vulnerabilities within the RPC Runtime in the Windows operating system. It was a member of the 360 Vulnerability Research Group, Yuki Chen, who reported these bugs. Microsoft highlighted these vulnerabilities as "Exploitation Less Likely" in the April 2021 Patch Tuesday release. With a CVSSv3 of 8.8. In order to successfully exploit it, you need network access and a low privileged account.

Product nameCVE CodeCVE Code Description
Remote Procedure Call Runtime CVE-2021-28329Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28330Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28331Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28332Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28333Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28334Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28335Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28336Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28337Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28338Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28339Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28343Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28327Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28340Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28341Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28342Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28344Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28345Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28346Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28352Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28353Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28354Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28355Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28356Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28357Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28358Remote Code Execution Vulnerability
Remote Procedure Call Runtime CVE-2021-28434Remote Code Execution Vulnerability

Get Started with Lansweeper

Discover assets you don't even know about and learn why Lansweeper is used by thousands of organizations worldwide.

Win32k Elevation of Privilege Vulnerability

This EoP vulnerability exists within the Desktop Windows Manager. It has been actively exploited and allows an attacker to escalate their privileges in order to run a custom made program on the targeted system. The attackers will need to log on to a system or trick a user into running the code. The vulnerability has a CVSSv3 score of 7.8 and is not exploited in the wild but it could be used in malware to target browser or PDF bugs.

Product nameCVE CodeCVE Code Description
Desktop Window Manager CVE-2021-28310Elevation of Privilege Vulnerability

Run the Patch Tuesday (April 2021) Audit Report

Our experts created a Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. It's color-coded to give you an easy and quick overview of which assets are already on the latest Windows update, and which ones still need to be patched. As always, all admins are advised to install these security updates as soon as possible to protect Windows from security risks.

Sample Patch Tuesday Report

If you haven't already, start your free trial of Lansweeper to run the Microsoft Patch Tuesday Report. Make sure to subscribe via the form below if you want to receive the latest Microsoft Patch reports and bonus network reports.

Receive the Latest Patch Tuesday Report for FREE Every Month

  • Hidden
  • This field is for validation purposes and should be left unchanged.
Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

You may also like...

Try Lansweeper for Free

Learn why Lansweeper is used by thousands of enterprises worldwide.​