April 2021 Patch Tuesday – 108 Vulnerabilities, 19 Critical, Adobe
This month’s Microsoft Patch Tuesday addresses 108 vulnerabilities, of which 19 are rated critical severity and 88 are rated high severity. Adobe released patches for its Photoshop, Digital Editions, and Bridge products.
CVE-2021-28310: Win32k Elevation of Privilege Vulnerability
Microsoft released patches addressing another 0-day vulnerability (CVE-2021-28310). CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). There is a public exploit available which is being used in the wild. BITTER APT group is suspected of exploiting this CVE in the wild. This CVE has a temporal score of 7.2 from the vendor and should be prioritized for patching.
Microsoft Exchange Server Remote Code Execution (RCE) Vulnerabilities
Microsoft released patches to fix critical RCE vulnerabilities in MS Exchange Server: CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483. CVE-2021-28480 and CVE-2021-28481 have a critical severity score of 9.8 out of 10 and could be exploited without authentication.
Discover Patch Tuesday Vulnerabilities in VMDR
Qualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).
You can see all your impacted hosts by these vulnerabilities using the following QQL query:
vulnerabilities.vulnerability.qid:[`110377`, `110378`, `110379`, `375445`, `375446`, `375450`, `375451`, `375452`, `375453`, `375454`, `375455`, `50109`, `91757`, `91758`, `91759`, `91760`, `91761`]
Respond by Patching
VMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the “Missing” patches to identify and deploy the applicable, available patches in one go.
The following QQL will return the missing patches pertaining to this Patch Tuesday.
qid:110377 OR qid:110378 OR qid:110379 OR qid:375445 OR qid:375446 OR qid:375450 OR qid:375451 OR qid:375452 OR qid:375453 OR qid:375454 OR qid:375455 OR qid:50109 OR qid:91757 OR qid:91758 OR qid:91759 OR qid:91760 OR qid:91761
Patch Tuesday Dashboard
The current updated Patch Tuesday dashboards are available in Dashboard Toolbox: 2021 Patch Tuesday Dashboard.
Workstation Patches
Microsoft Office vulnerabilities should be prioritized for workstation-type devices.
Adobe
Adobe issued patches today covering multiple vulnerabilities in Photoshop, Digital Editions, and Bridge products. Patching Adobe Photoshop for CVE-2021-28542, CVE-2021-28549 and Digital Editions for CVE-2021-21100 should be prioritized due to their critical impact.
Webinar Series: This Month in Patches
To help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is excited to announce the start of a new monthly webinar series “This Month in Patches.”
In this new monthly webinar series, which will occur on every Thursday after Patch Tuesday, Qualys Research team will discuss some of the key vulnerabilities disclosed in the past month (including Microsoft Patch Tuesday) and how to patch them.
About Patch Tuesday
Patch Tuesday QIDs are published at Security Alerts, typically late in the evening of Patch Tuesday, followed shortly after by PT dashboards.
This post was first first published on Qualys Security Blog’ website by Anand Paturi. You can view it by clicking here