Patch Tuesday, April 2021
April's Patch Tuesday is upon us and it is showering us with patches for a total of 108 CVEs. This includes 20 CVEs rated as "Critical", 87 rated as "Important", and a single CVE rated as "Moderate".
More than half of the Critical CVEs affect Microsoft's Remote Procedure Call (RPC) Runtime. Twelve vulnerabilities in total affect the RPC software and could result in the remote execution of arbitrary code on an affected system. Microsoft Exchange Server is also back on the Critical list with four RCE CVEs affecting that server software. After the “Hafnium” zero-day vulnerabilities exploited in MS Exchange earlier this year, these will draw a lot of attention despite there being no “in the wild” exploitation at this point.
The list of CVEs rated as "Important" adds an additional 16 patches for RCE vulnerabilities in RPC. Multiple Hyper-V, Azure, and Visual Studio vulnerabilities are also patched on that list. There are also multiple Denial of Service vulnerabilities, including two in the TCP/IP protocol stack, and a couple of dozen Privilege Escalation vulnerabilities, including one in the NTFS filesystem driver.
Luckily this release doesn't include any public exploits for these vulnerabilities, so get patching as soon as you can and stay ahead of the criminals.
Critical
Azure Sphere Unsigned Code Execution Vulnerability
CVE-2021-28460
Remote Code Execution
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483
Remote Code Execution
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28343
Remote Code Execution
Windows Media Video Decoder Remote Code Execution Vulnerability
CVE-2021-27095, CVE-2021-28315, CVE-2021-28445
Remote Code Execution
Important
Azure AD Web Sign-in Security Feature Bypass Vulnerability
CVE-2021-27092
Security Feature Bypass
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
CVE-2021-27067
Information Disclosure
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
CVE-2021-28459
Spoofing
Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability
CVE-2021-28458
Elevation of Privilege
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28313, CVE-2021-28321, CVE-2021-28322
Elevation of Privilege
Microsoft Excel Information Disclosure Vulnerability
CVE-2021-28456
Information Disclosure
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-28451, CVE-2021-28454
Remote Code Execution
Microsoft Internet Messaging API Remote Code Execution Vulnerability
CVE-2021-27089
Remote Code Execution
Microsoft Office Remote Code Execution Vulnerability
CVE-2021-28449
Remote Code Execution
Microsoft Outlook Memory Corruption Vulnerability
CVE-2021-28452
Remote Code Execution
Microsoft SharePoint Denial of Service Update
CVE-2021-28450
Denial of Service
Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2021-28317
Information Disclosure
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-28453
Remote Code Execution
NTFS Elevation of Privilege Vulnerability
CVE-2021-27096
Elevation of Privilege
Raw Image Extension Remote Code Execution Vulnerability
CVE-2021-28466, CVE-2021-28468
Remote Code Execution
Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-28471
Remote Code Execution
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28327, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434
Remote Code Execution
RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
CVE-2021-27091
Elevation of Privilege
Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability
CVE-2021-28470
Remote Code Execution
Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability
CVE-2021-28448
Remote Code Execution
Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability
CVE-2021-28472
Remote Code Execution
Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-28457, CVE-2021-28469, CVE-2021-28473, CVE-2021-28475, CVE-2021-28477
Remote Code Execution
Visual Studio Installer Elevation of Privilege Vulnerability
CVE-2021-27064
Elevation of Privilege
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2021-28464
Remote Code Execution
Win32k Elevation of Privilege Vulnerability
CVE-2021-27072, CVE-2021-28310
Elevation of Privilege
Windows Application Compatibility Cache Denial of Service Vulnerability
CVE-2021-28311
Denial of Service
Windows AppX Deployment Server Denial of Service Vulnerability
CVE-2021-28326
Denial of Service
Windows Console Driver Denial of Service Vulnerability
CVE-2021-28438, CVE-2021-28443
Denial of Service
Windows DNS Information Disclosure Vulnerability
CVE-2021-28323, CVE-2021-28328
Information Disclosure
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
CVE-2021-27094, CVE-2021-28447
Security Feature Bypass
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-27088
Elevation of Privilege
Windows Event Tracing Information Disclosure Vulnerability
CVE-2021-28435
Information Disclosure
Windows GDI+ Information Disclosure Vulnerability
CVE-2021-28318
Information Disclosure
Windows GDI+ Remote Code Execution Vulnerability
CVE-2021-28348, CVE-2021-28349, CVE-2021-28350
Remote Code Execution
Windows Hyper-V Denial of Service Vulnerability
CVE-2021-26416
Denial of Service
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2021-28314
Elevation of Privilege
Windows Hyper-V Information Disclosure Vulnerability
CVE-2021-28441
Information Disclosure
Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2021-28444
Security Feature Bypass
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-26415, CVE-2021-28440
Elevation of Privilege
Windows Installer Information Disclosure Vulnerability
CVE-2021-28437
Information Disclosure
Windows Installer Spoofing Vulnerability
CVE-2021-26413
Spoofing
Windows Kernel Information Disclosure Vulnerability
CVE-2021-27093, CVE-2021-28309
Information Disclosure
Windows Media Photo Codec Information Disclosure Vulnerability
CVE-2021-27079
Information Disclosure
Windows Overlay Filter Information Disclosure Vulnerability
CVE-2021-26417
Information Disclosure
Windows Portmapping Information Disclosure Vulnerability
CVE-2021-28446
Information Disclosure
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
CVE-2021-28320
Elevation of Privilege
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2021-27090
Elevation of Privilege
Windows Services and Controller App Elevation of Privilege Vulnerability
CVE-2021-27086
Elevation of Privilege
Windows SMB Information Disclosure Vulnerability
CVE-2021-28324, CVE-2021-28325
Information Disclosure
Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2021-28347, CVE-2021-28351, CVE-2021-28436
Elevation of Privilege
Windows TCP/IP Driver Denial of Service Vulnerability
CVE-2021-28319, CVE-2021-28439
Denial of Service
Windows TCP/IP Information Disclosure Vulnerability
CVE-2021-28442
Information Disclosure
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
CVE-2021-28316
Security Feature Bypass
Moderate
Windows NTFS Denial of Service Vulnerability
CVE-2021-28312
Denial of Service
About the Author
Karl Sigler is Security Research Manager, SpiderLabs Threat Intelligence at Trustwave. Karl is a 20-year infosec veteran responsible for research and analysis of current vulnerabilities, malware and threat trends at Trustwave.