Microsoft April 2021 Security Update

Microsoft has released its monthly security update for the month of April addressing a collection of vulnerabilities, including five (5) zero-day flaws and four (4) additional Microsoft Exchange vulnerabilities. Minimal information is given for the zero-day vulnerabilities, but successful exploitations could allow threat actors an elevation of privilege, denial of service (DoS) attacks, and information disclosure. In addition, one (1) of the said vulnerabilities was identified to be actively exploited by threat actors in the wild.

______________________________

A. Nature of the Vulnerabilities

The following zero-day vulnerabilities were tracked as:

CVE-2021-27091, RPC endpoint mapper service elevation of privilege vulnerability
CVE-2021-28312, Windows NTFS Denial of Service vulnerability
CVE-2021-28437, Windows installer information disclosure vulnerability
CVE-2021-28458, Azure ms-rest-nodeauth library elevation of privilege vulnerability
CVE-2021-28310, Win32k elevation of privilege vulnerability, which is actively exploited in the wild

Newly discovered Microsoft Exchange Server vulnerabilities were tracked as:

CVE-2021-28480, Microsoft exchange server remote code execution vulnerability
CVE-2021-28481, Microsoft exchange server remote code execution vulnerability
CVE-2021-28482, Microsoft exchange server remote code execution vulnerability
CVE-2021-28483, Microsoft exchange server remote code execution vulnerability

______________________________

B. List of Vulnerable Systems

Affected Windows systems/products are as follows:

Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
Azure/ms-rest-nodeauth Package

Affected Microsoft Exchange Server are as follows:

Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 19
Microsoft Exchange Server 2016 Cumulative Update 20
Microsoft Exchange Server 2019 Cumulative Update 8
Microsoft Exchange Server 2019 Cumulative Update 9

______________________________

C. Actions to be Taken

Immediately test and apply the corresponding patched versions of the affected Windows systems/products from the Microsoft Security Response Center (MSRC) Security Update Guide. (https://msrc.microsoft.com/update-guide)