Homepage 5 Blog 5 Microsoft Patch Tuesday, May 2021 Review

Microsoft Patch Tuesday, May 2021 Review

Manage remote endpoints, deploy software and patches with a robust cloud-based Action1 RMM solution. Start your 2-week trial or use free forever for up to 50 endpoints.

Today, the second Tuesday of May, is Microsoft’s Patch Tuesday. This month’s patch release includes fixes for 55 CVEs – 50 classified as Important, one moderate, and four marked as critical. Microsoft also patched three zero-day vulnerabilities that were publicly disclosed but not yet exploited at the time of this release. The 55 fixes touch on various Microsoft products and services, including Exchange Server, Skype for Business, Visual Studio, MS Office, .NET Core, SharePoint Server, and Hyper-V.

Along with May’s patch cycle, Microsoft also rolled out cumulative updates for all supported versions of Windows. The freshly updated Windows 10 OS builds 19041.895 and 19042.895 mostly feature enhanced security for Windows System Core Components, browsers, and other basic functions, plus a couple of new peripheral drivers and UI elements.

Let’s get back to the security flaws addressed in this month’s patch dump. Here is an overview of the three zero-day vulnerabilities and other noteworthy fixes:

The Three Zero-day Vulnerabilities

This trio was publicly disclosed, but there were no reported cases of any active exploits in the wild.

CVE-2021-31204 – NET and Visual Studio Elevation of Privilege Vulnerability

This elevation of privilege bug was also first reported on GitHub. According to the explanation given, the flaw affects .NET 5.0 and .NET Core 3.1 when the user runs a single-file application on Unix-based Operating Systems, including Linux and Mac OS. Microsoft listed this fix as Important.

CVE-2021-31200 – Common Utilities RCE Vulnerability

CVE-2021-31207 is a moderate-severity flaw in Microsoft Exchange Server. It’s not clear how it got discovered, but it was part of the Pwn2Own 2021 hacking challenge organized by ZDI. There were three more patches for Microsoft Exchange Server fixing CVE-2021-31195CVE-2021-31198, and CVE-2021-31209, related to RCE and spoofing vulnerabilities.

Other Critical and Important Fixes in May’s Patch Bundle

CVE-2021-28476 – Hyper-V RCE Vulnerability

With a 9.9 score on the CVSS scale, CVE-2021-28476 topped the severity ranking for all the vulnerabilities addressed this month. However, according to Microsoft, a threat actor might be more inclined to exploit the loophole for a DoS attack rather than an outright RCE attack. Due to the complexity involved in a DoS attack, the severity level drops to 8.5, but the bug remains critically severe for the less sophisticated RCE exploit.

CVE-2021-31166 – HTTP Protocol Stack RCE Bug

This HTTP Protocol Stack RCE comes a close second in severity rating at 9.8. The potential exploit has a low complexity rating. An unauthenticated actor could execute code as kernel by simply sending a specially designed packet to the target server. Such an exploit does not require any user interaction, making it potentially wormable. The patch is a top priority for server systems running HTTP protocols, including Windows 10 machines configured as servers.

CVE-2020-24587 – Windows Wireless Networking Information Disclosure Flaw

This month’s patch release fixes a bug in Windows Wireless Networking that could allow an attacker to disclose the encrypted information in wireless packets on a vulnerable system. CVE-2020-24587 only scores a 6.5 CVSS, but little is known about its possible exploits. Since the flaw was first listed in 2020 – as two other CVEs in today’s release – it’s clear that Microsoft took some time to develop the fix.

CVE-2021-27068 – Visual Studio RCE Vulnerability

The new patch fixes a remote code execution bug in Visual Studio 2009. The exploit does not seem to need user interaction, so it’s still unclear how an attacker would utilize this flaw. And even though the attack may not require authentication to execute the remote code, the exploit’s complexity is ranked as Low. But it’s still an essential patch for Visual Studio users, particularly VB programmers.

Recommended Action

As usual, Microsoft recommends that users immediately install the new patches and updates on the vulnerable systems. Although none of the security bugs listed today have been exploited so far, the threat of potential exploits still stands. Keep your Windows systems updated to seal off any known and unknown security vulnerabilities. Click here to view the complete list of CVEs for May Patch Tuesday, showing the affected Windows systems, workarounds, and other useful notes.

Stay tuned for more on Windows updates and fixes in next month’s Patch Tuesday on June 8.

Never Miss an Update With Action1 Patch Management

New patches and features updates present opportunities to improve your IT performance and safeguard your digital assets against internal and external threats. It’s up to you to ensure that these patches are installed correctly and promptly to avoid compromising your IT security posture and efficiency.

With the Action1 patch management solution, you never have to worry about patches or other updates on your Windows systems. Action1 enables automated patching on Windows OS and features while allowing real-time control and visibility into the updates already installed and those that are missing. Our patch manager reinforces your endpoint security by automatically scanning and deploying all the necessary Windows updates as soon as they’re released.

Start your Action1 free trial today and sample the freedom, peace of mind, convenience, and reassurance of protecting your software infrastructure using the most robust and dependable automated patch management solution.

May 12, 2021

Related Articles

MSP Pricing Models Guide: Achieving MSP Profitability in 2021

MSP Pricing Models Guide: Achieving MSP Profitability in 2021

Managed IT services is one of the fastest-growing and most lucrative sectors of the business tech industry. The global IT services market is on track to hit $1.1 trillion by 2026, registering an 8.02 CAGR between 2021 and 2026. Although the managed IT market is...

Sure Strategies and Ways to Prevent Cyber Attacks

Sure Strategies and Ways to Prevent Cyber Attacks

Cybercriminals have been leveraging the latest in technology to plan and execute sophisticated cyberattacks. They use artificial intelligence, the Internet of things (IoT), bots, etc., to execute malware installations, ransomware infections, man-in-the-middle (MITM)...

About Action1 RMM

Action1 RMM is a cloud-based IT solution for remote monitoring and management, patching, and remote support.

Start your free two-week trial of Action1, or use RMM tools for free forever on 50 endpoints with no functionality limitations!


Submit a Comment

Your email address will not be published.

cloud patch management solutions action1

MSP Solution

Centralize endpoint management and boost efficiency of IT service delivery.

automated server patch management action compliance

Patch Management

Identify and deploy missing OS and third-party software updates.

cloud software deployment tools windows

Software Deployment

Distribute software and updates across managed endpoints.

software distribution tools software inventory action1

IT Asset Inventory

Keep a detailed inventory and manage hardware and software assets.

web client remote desktop

Remote Desktop

Support users via seamless remote desktop connection.

web based rdp client

Unattended Access

Provide administrative support and manage remote devices.

automated patch management action1

Endpoint Management

Run PowerShell, custom scripts, reboot computers and restart services.

API integrations action1


Integrate Action1 RMM to your IT ecosystem.

computer inventory tool for compliance

Reports and Alerts

Conduct endpoint security audits with comprehensive reporting.