Clever Geek Handbook

Update Tuesday: Microsoft has released the April security updates

Microsoft has released planned security updates covering 114 vulnerabilities, including 6 in Microsoft Edge and 4 in Exchange Server. 19 vulnerabilities were classified as Critical and 88 as Important. Among the closed vulnerabilities, two were publicly disclosed, and the exploitation of one of these vulnerabilities was recorded in real attacks (0-day).





In this article, I will cover the highlights of this release.





A summary of the number and type of vulnerabilities in the respective products is shown in the graph.





You should pay special attention to the following vulnerabilities and security updates.

CVE-2021-28329 RPC), Windows Windows Server. CVSS 8.8, .





CVE-2021-28313 Windows Diagnostics Hub. Windows 10 Windows Server 20H2, 2004, 1909. CVSS 7.8, .





CVE-2021-28347 Windows Speech. Windows 10. CVSS 7.8, .





CVE-2021-27091 RPC Endpoint Mapper, . Windows Server 2012. CVSS 7.8, .





 CVE-2021-27095 - Windows Media, Windows. CVSS 7.8, .





CVE-2021-28445 Windows Network File System (NFS. Windows Windows 10 Windows Server 1803. CVSS 8.1, .





CVE-2021-28451 Microsoft Excel. Microsoft Office 2019 for Windows/Mac, Microsoft Excel 2013-2016, Microsoft 365 Apps for Enterprise, Microsoft Office Online Server, Microsoft Office Web Apps Server 2013. CVSS 7.8, .





, โ€“ CVE-2021-28310 Win32k. Windows 10 Windows Server 20H2, 2004, 1909, 1809, 1803. CVSS 7.8.





 Exchange

Microsoft Exchange. Exchange Server 2013, 2016, 2019.





: Microsoft Exchange Server 2010, 2013, 2016, 2019. .





4 CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483 ยซยป, .





. CVSS 9.8 10 ( 8.8) .





, , :





  • Exchange Server 2013 CU23





  • Exchange Server 2016 CU19/CU20





  • Exchange Server 2019 CU8/CU9





Microsoft Exchange.





Microsoft Edge ( Chromium), Microsoft Office ( -), SharePoint Server, Visual Studio, VS Code, Azure DevOps Server, Azure Sphere, GitHub Pull Requests and Issues Extension Maven Java Extension.





, .





, Microsoft Edge ( EdgeHTML). Microsoft Edge Chromium. - .





Servicing Stack Updates (SSU) : Windows 10 1809, 1909, 2004, 20H2 Windows Server 2019, 1909.





2004, 20H2 SSU . , SSU, , , ,





Security Update Guide. Security Updates Guide, .





" " Microsoft.





, Microsoft, https://aka.ms/artsin.





, 90% *, , .





: CISSP, CCSP, MCSE, MC: Azure Security Engineer



Microsoft 





Twitter: https://aka.ms/artsin

YouTube: https://aka.ms/artsinvideo





*Vulnerability Review Report by Flexera







More articles:


All Articles