Microsoft released updates and security patches to fix 108 security flaws within Windows and other products. From these flaws, 19 CVEs are rated critical, 88 important, and 1 moderate CVE. Most of the vulnerabilities involve Remote Code Execution (RCE), Elevation of Privilege (EoP), and Denial of Service (DoS) flaws.
⚡ TL;DR | Go Straight to the April 2021 Patch Tuesday Audit Report.
“This month’s release includes a number of critical vulnerabilities that we recommend you prioritize, including updates to protect against new vulnerabilities in on-premise Exchange Servers.”
Microsoft
Microsoft Exchange Server Vulnerability
The National Security Agency (NSA) discovered 4 Remote Code Execution (RCE) vulnerabilities (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483) within the Microsoft Exchange Server. Two of these RCE vulnerabilities (CVE-2021-28480 and CVE-2021-28481) have a 9.8 CVSSv3 rating because these code execution flaws are unauthenticated and get be used without user interaction.
However, there have been no reports of exploitation in the wild of these vulnerabilities but Microsoft urges everybody to patch their systems as soon as possible.
| Product name | CVE Code | CVE Code Description |
|---|---|---|
| Microsoft Exchange Server | CVE-2021-28481 | Remote Code Execution Vulnerability |
| Microsoft Exchange Server | CVE-2021-28480 | Remote Code Execution Vulnerability |
| Microsoft Exchange Server | CVE-2021-28482 | Remote Code Execution Vulnerability |
| Microsoft Exchange Server | CVE-2021-28483 | Remote Code Execution Vulnerability |
Remote Procedure Call (RPC) Runtime Remote Code Execution Vulnerability
There are 12 RCE vulnerabilities within the RPC Runtime in the Windows operating system. It was a member of the 360 Vulnerability Research Group, Yuki Chen, who reported these bugs. Microsoft highlighted these vulnerabilities as “Exploitation Less Likely” in the April 2021 Patch Tuesday release. With a CVSSv3 of 8.8. In order to successfully exploit it, you need network access and a low privileged account.
| Product name | CVE Code | CVE Code Description |
|---|---|---|
| Remote Procedure Call Runtime | CVE-2021-28329 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28330 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28331 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28332 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28333 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28334 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28335 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28336 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28337 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28338 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28339 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28343 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28327 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28340 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28341 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28342 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28344 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28345 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28346 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28352 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28353 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28354 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28355 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28356 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28357 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28358 | Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime | CVE-2021-28434 | Remote Code Execution Vulnerability |
Get Started with Lansweeper
Discover assets you don’t even know about and learn why Lansweeper is used by thousands of organizations worldwide.
TRY NOWWin32k Elevation of Privilege Vulnerability
This EoP vulnerability exists within the Desktop Windows Manager. It has been actively exploited and allows an attacker to escalate their privileges in order to run a custom made program on the targeted system. The attackers will need to log on to a system or trick a user into running the code. The vulnerability has a CVSSv3 score of 7.8 and is not exploited in the wild but it could be used in malware to target browser or PDF bugs.
| Product name | CVE Code | CVE Code Description |
|---|---|---|
| Desktop Window Manager | CVE-2021-28310 | Elevation of Privilege Vulnerability |
Run the Patch Tuesday (April 2021) Audit Report
Our experts created a Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. It’s color-coded to give you an easy and quick overview of which assets are already on the latest Windows update, and which ones still need to be patched. As always, all admins are advised to install these security updates as soon as possible to protect Windows from security risks.
If you haven’t already, start your free trial of Lansweeper to run the Microsoft Patch Tuesday Report. Make sure to subscribe via the form below if you want to receive the latest Microsoft Patch reports and bonus network reports.
Receive the Latest Patch Tuesday Report for FREE Every Month
"*" indicates required fields
