Tuesday, May 11, 2021

Microsoft May 2021 Security Updates

The Microsoft May 2021 security updates have been released and consist of 55 CVEs.  Of these 55 CVEs, 4 are rated Critical, 50 Important, and 1 is rated Moderate in severity.


According to Microsoft, although three of the bugs are listed as being publicly known, none are listed as currently being exploited.


The  updates apply to the following products: .NET Core & Visual Studio, HTTP.sys, Internet Explorer, Microsoft Accessibility Insights for Webk, Microsoft Bluetooth Driver, Microsoft Dynamics Finance & Operations, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Windows Codecs Library, Microsoft Windows IrDA, Open Source Software, Role: Hyper-V, Skype for Business and Microsoft Lync, Visual Studio, Visual Studio Code, Windows Container , Isolation FS Filter Driver, Windows Container Manager Service, Windows Cryptographic Services, Windows CSC Service, Windows Desktop Bridge, Windows OLE, Windows Projected File System FS Filter, Windows RDP Client, Windows SMB, Windows SSDP Service, Windows WalletService, and Windows Wireless Networking.


Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.


For Windows 10 Version 1909, see KB5003209.


The KBs listed below contain information about known issues with the security updates:


KB Article

Applies To


Windows 10, Version 1909, Windows Server, Version 1909


Windows 10, Version 1809, Windows Server 2019


Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2


Windows 10, Version 1607, Windows Server 2016


Windows Server 2012 (Security-only update)


Windows Server 2012 (Monthly Rollup)


Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)


Windows Server 2008 SP2 (Monthly Rollup)


Windows 8.1 Windows Server 2012 R2 (Security-only update)


Windows Server 2008 SP2 (Security-only update)


Windows 7 SP2, Windows Server 2008 R2 (Security-only update)


Windows 7 SP2, Windows Server 2008 R2 (Monthly Rollup)


Exchange Server 2019, 2016, and 2013


 Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The May 2021 Security Update Review.


Additional Update Notes:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: