
SpiderLabs Blog


Patch Tuesday, April 2021

April's Patch Tuesday is upon us and it is showering us with patches for a total of 108 CVEs. This includes 20 CVEs rated "Critical", 87 rated "Important", and a single CVE rated "Moderate".

More than half of the Critical CVEs affect Microsoft's Remote Procedure Call (RPC) Runtime. Twelve vulnerabilities in total affect the RPC software and could result in the remote execution of arbitrary code on an affected system. Microsoft Exchange Server is also back in the Critical list with four RCE CVEs affecting that server software. After the “Hafnium” zero-day vulnerabilities exploited in MS Exchange earlier this year, these will draw a lot of attention despite there being no “in the wild” exploitation at this point.

The list of CVEs rated "Important" adds an additional 16 patches for RCE vulnerabilities in RPC. Multiple Hyper-V, Azure, and Visual Studio vulnerabilities are also patched on that list. There are also multiple Denial of Service vulnerabilities, including two in the TCP/IP protocol stack, and a couple of dozen Privilege Escalation vulnerabilities, including one in the NTFS filesystem driver.

Luckily, this release doesn't include any public exploits for these vulnerabilities, so get patching as soon as you can and stay ahead of the criminals.

Critical

Azure Sphere Unsigned Code Execution Vulnerability
CVE-2021-28460
Remote Code Execution

Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483
Remote Code Execution

Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28343
Remote Code Execution

Windows Media Video Decoder Remote Code Execution Vulnerability
CVE-2021-27095, CVE-2021-28315, CVE-2021-28445
Remote Code Execution


Important

Azure AD Web Sign-in Security Feature Bypass Vulnerability
CVE-2021-27092
Security Feature Bypass

Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
CVE-2021-27067
Information Disclosure

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
CVE-2021-28459
Spoofing

Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability
CVE-2021-28458
Elevation of Privilege

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28313, CVE-2021-28321, CVE-2021-28322
Elevation of Privilege

Microsoft Excel Information Disclosure Vulnerability
CVE-2021-28456
Information Disclosure

Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-28451, CVE-2021-28454
Remote Code Execution

Microsoft Internet Messaging API Remote Code Execution Vulnerability
CVE-2021-27089
Remote Code Execution

Microsoft Office Remote Code Execution Vulnerability
CVE-2021-28449
Remote Code Execution

Microsoft Outlook Memory Corruption Vulnerability
CVE-2021-28452
Remote Code Execution

Microsoft SharePoint Denial of Service Update
CVE-2021-28450
Denial of Service

Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2021-28317
Information Disclosure

Microsoft Word Remote Code Execution Vulnerability
CVE-2021-28453
Remote Code Execution

NTFS Elevation of Privilege Vulnerability
CVE-2021-27096
Elevation of Privilege

Raw Image Extension Remote Code Execution Vulnerability
CVE-2021-28466, CVE-2021-28468
Remote Code Execution

Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-28471
Remote Code Execution

Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28327, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434
Remote Code Execution

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
CVE-2021-27091
Elevation of Privilege

Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability
CVE-2021-28470
Remote Code Execution

Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability
CVE-2021-28448
Remote Code Execution

Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability
CVE-2021-28472
Remote Code Execution

Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-28457, CVE-2021-28469, CVE-2021-28473, CVE-2021-28475, CVE-2021-28477
Remote Code Execution

Visual Studio Installer Elevation of Privilege Vulnerability
CVE-2021-27064
Elevation of Privilege

VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2021-28464
Remote Code Execution

Win32k Elevation of Privilege Vulnerability
CVE-2021-27072, CVE-2021-28310
Elevation of Privilege

Windows Application Compatibility Cache Denial of Service Vulnerability
CVE-2021-28311
Denial of Service

Windows AppX Deployment Server Denial of Service Vulnerability
CVE-2021-28326
Denial of Service

Windows Console Driver Denial of Service Vulnerability
CVE-2021-28438, CVE-2021-28443
Denial of Service

Windows DNS Information Disclosure Vulnerability
CVE-2021-28323, CVE-2021-28328
Information Disclosure

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
CVE-2021-27094, CVE-2021-28447
Security Feature Bypass

Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-27088
Elevation of Privilege

Windows Event Tracing Information Disclosure Vulnerability
CVE-2021-28435
Information Disclosure

Windows GDI+ Information Disclosure Vulnerability
CVE-2021-28318
Information Disclosure

Windows GDI+ Remote Code Execution Vulnerability
CVE-2021-28348, CVE-2021-28349, CVE-2021-28350
Remote Code Execution

Windows Hyper-V Denial of Service Vulnerability
CVE-2021-26416
Denial of Service

Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2021-28314
Elevation of Privilege

Windows Hyper-V Information Disclosure Vulnerability
CVE-2021-28441
Information Disclosure

Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2021-28444
Security Feature Bypass

Windows Installer Elevation of Privilege Vulnerability
CVE-2021-26415, CVE-2021-28440
Elevation of Privilege

Windows Installer Information Disclosure Vulnerability
CVE-2021-28437
Information Disclosure

Windows Installer Spoofing Vulnerability
CVE-2021-26413
Spoofing

Windows Kernel Information Disclosure Vulnerability
CVE-2021-27093, CVE-2021-28309
Information Disclosure

Windows Media Photo Codec Information Disclosure Vulnerability
CVE-2021-27079
Information Disclosure

Windows Overlay Filter Information Disclosure Vulnerability
CVE-2021-26417
Information Disclosure

Windows Portmapping Information Disclosure Vulnerability
CVE-2021-28446
Information Disclosure

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
CVE-2021-28320
Elevation of Privilege

Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2021-27090
Elevation of Privilege

Windows Services and Controller App Elevation of Privilege Vulnerability
CVE-2021-27086
Elevation of Privilege

Windows SMB Information Disclosure Vulnerability
CVE-2021-28324, CVE-2021-28325
Information Disclosure

Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2021-28347, CVE-2021-28351, CVE-2021-28436
Elevation of Privilege

Windows TCP/IP Driver Denial of Service Vulnerability
CVE-2021-28319, CVE-2021-28439
Denial of Service

Windows TCP/IP Information Disclosure Vulnerability
CVE-2021-28442
Information Disclosure

Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
CVE-2021-28316
Security Feature Bypass


Moderate

Windows NTFS Denial of Service Vulnerability
CVE-2021-28312
Denial of Service
