Tuesday, May 11, 2021

Microsoft May 2021 Security Updates



The Microsoft May 2021 security updates have been released and consist of 55 CVEs.  Of these 55 CVEs, 4 are rated Critical, 50 Important, and 1 is rated Moderate in severity.

 

According to Microsoft, although three of the bugs are listed as being publicly known, none are listed as currently being exploited.

  

The  updates apply to the following products: .NET Core & Visual Studio, HTTP.sys, Internet Explorer, Microsoft Accessibility Insights for Webk, Microsoft Bluetooth Driver, Microsoft Dynamics Finance & Operations, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Windows Codecs Library, Microsoft Windows IrDA, Open Source Software, Role: Hyper-V, Skype for Business and Microsoft Lync, Visual Studio, Visual Studio Code, Windows Container , Isolation FS Filter Driver, Windows Container Manager Service, Windows Cryptographic Services, Windows CSC Service, Windows Desktop Bridge, Windows OLE, Windows Projected File System FS Filter, Windows RDP Client, Windows SMB, Windows SSDP Service, Windows WalletService, and Windows Wireless Networking.

 

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

 

For Windows 10 Version 1909, see KB5003209.

 

The KBs listed below contain information about known issues with the security updates:

 

KB Article

Applies To

5003169

Windows 10, Version 1909, Windows Server, Version 1909

5003171

Windows 10, Version 1809, Windows Server 2019

5003173

Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H2

5003197

Windows 10, Version 1607, Windows Server 2016

5003203

Windows Server 2012 (Security-only update)

5003208

Windows Server 2012 (Monthly Rollup)

5003209

Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

5003210

Windows Server 2008 SP2 (Monthly Rollup)

5003220

Windows 8.1 Windows Server 2012 R2 (Security-only update)

5003225

Windows Server 2008 SP2 (Security-only update)

5003228

Windows 7 SP2, Windows Server 2008 R2 (Security-only update)

5003233

Windows 7 SP2, Windows Server 2008 R2 (Monthly Rollup)

5003435

Exchange Server 2019, 2016, and 2013

 

 Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The May 2021 Security Update Review.

 

Additional Update Notes:

 

References


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...





No comments: