Microsoft Patch Tuesday, May 2021 Edition

Microsoft Fixes were released today to fill at least 55 vulnerabilities in the Windows Operating systems and other software. Malware and content can exploit four of these vulnerabilities to take full remote control of vulnerable systems without the help of users. On deck this month, there are fixes to quell a viable worm flaw, a crawling radio bug, and another cause of Microsoft’s death. Internet navigator (IE) web browser.

While May brings about half the normal volume of Microsoft updates, there are some notable weaknesses that deserve immediate attention, particularly from businesses. By all accounts, this month’s most urgent priority is CVE-2021-31166, a flaw in Windows 10 and Windows Server that allows an unauthenticated attacker to remotely execute malicious code at the operating system level. With this vulnerability, an attacker can compromise a host simply by sending a specially prepared data packet.

He said: “This makes this bug vulnerable to viruses, even if Microsoft calls it in its writings.” Dustin Childs, With ZDI de Trend Micro A program. “Before leaving this aside, Windows 10 can also be configured as a web server, so it is affected as well. Definitely put this at the top of the test and deployment list. “

Kevin Breen from Immersive labs He said that the fact that this is only 0.2 points from an ideal CVSS score of 10 should be enough to determine how important the correction is.

“For ransomware operators, this type of vulnerability is a primary target for exploitation,” Breen said. “Helminthic exploits should always have a high priority, especially if they are for services that are designed to be publicly friendly. Since this specific exploit does not require any authentication, it is more attractive to attackers and any organization using the HTTP.sys protocol package should prioritize this fix. “

See also  SF9 Chan-hee, 'Unfortunate Power' with mature acting skills, added a lovely bad luck character Pilmo with 'Jinx'

Brian also drew attention to CVE-2021-26419 – a loophole in Internet Explorer 11 – Demonstrate why IE should represent “Internet Explorer”. To trigger this vulnerability, a user must visit a site that the attacker controls, although Microsoft also understands that it can be triggered by embedding ActiveX controls in Office documents.

Breen said, “I need to die, and I’m not the only one who thinks that.” “If you are an organization that has to provide IE11 to support legacy applications, consider enforcing a user policy that restricts the domains IE11 can access only for those legacy applications. The rest of the web browsing must be done with a compatible browser ”.

Another strange bug fixed this month is CVE-2020-24587, described as “a security vulnerability in the disclosure of information on Windows wireless networks.” ZDI’s Childs said it has the potential to be very harmful.

“This patch fixes a security flaw that could allow an attacker to detect the content of encrypted wireless packets on an affected system,” he said. “It is not clear how far away such an attack could be, but you have to assume that some proximity is needed. You’ll also notice that this CVE is from 2020, which may indicate that Microsoft has been working on this fix for quite some time. “”

Microsoft has also patched four other vulnerabilities. Exchange server The company’s email platform, which was recently surrounded by attacks on four other flaws in Bursa, zero-day As a result, hundreds of thousands of servers were hacked around the world. Thanks to one of the errors Tsai naranja From the DEVCORE Research Team, Responsible for Detecting the Exchange Server ProxyLogon Vulnerability Fixed Out of Range Release in March.

Researcher Orange Tsai commented that no one has guessed that the distant Zero Day reported on January 5, 2021 to Microsoft was on the Exchange Server.

“Although none of these flaws are considered critical in nature, it is a reminder that researchers and attackers are still looking closely at Exchange Server for additional security vulnerabilities, so organizations that have not yet upgraded their systems should do it asap. ” Satnam narang, Personnel Research Engineer at Can be defended.

See also  Valve is sued for abusing Steam to keep prices high on its games.

As always, it’s good for Windows users to get into the habit of updating at least once a month, but for regular users (read: non-business), it’s safe to wait a few days until patches are released, which is why Microsoft has time to resolve any kinks in the new’s shield.

But before the update, Please Make sure to back up your system and / or important files. It is not uncommon for a Windows update package to hide or prevent the system from starting properly, and some updates have been known to delete or corrupt files.

So do yourself a favor and make a backup before installing any patches. Windows 10 has some built-in Tools to help you do this, either by file / folder or by making a full bootable copy of your hard drive in one go.

And if you want to make sure Windows is set to pause the update so that you can back up your files and / or system before the operating system decides to reboot and install patches on its own schedule, see this guide.

If you find any vulnerabilities or problems installing any of these patches this month, please consider leaving a comment on this topic below; There are more chances that other readers have even tried the same and can respond here with some helpful tips.

Leave a Comment