Tripwire’s April 2021 Patch Precedence Index (PPI) brings collectively vital vulnerabilities from Google Chrome and Microsoft.
First on the patch precedence record this month are patches for inadequate enter validation vulnerabilities in Google Chrome (Chromium). Exploits for these vulnerabilities have been lately added to the Metasploit Exploit Framework. These methods needs to be patched as quickly as potential.
Subsequent on the patch precedence record this month are patches for Microsoft Excel, Workplace, Phrase, and Outlook. These patches resolve 6 points together with distant code execution, reminiscence corruption, and knowledge disclosure vulnerabilities.
Subsequent are patches that have an effect on parts of the Home windows working methods. These patches resolve over 60 vulnerabilities, together with elevation of privilege, info disclosure, distant code execution, safety characteristic bypass, denial of service, and reminiscence corruption vulnerabilities. These vulnerabilities have an effect on core Home windows, Kernel, Distant Process Name, Speech Runtime, TCP/IP Driver, Early Launch Antimalware Driver, WLAN AutoConfig, Console Driver, Media, Diagnostics Hub, Overlay Filter, GDI+, Home windows Installer, NTFS, and others.
Up subsequent are patches for Hyper-V that resolve denial of service, elevation of privilege, info disclosure, and safety characteristic bypass vulnerabilities.
Lastly, directors ought to deal with server-side patches for Microsoft, which resolve points in Microsoft SharePoint, Change, SMB, and DNS. These patches resolve a number of points together with distant code execution, info disclosure, and denial of service.
BULLETINCVEExploit Framework – MetasploitCVE-2021-21220, CVE-2020-16040Microsoft OfficeCVE-2021-28453, CVE-2021-28452, CVE-2021-28456, CVE-2021-28451, CVE-2021-28454, CVE-2021-28449Home windows ICVE-2021-27072, CVE-2021-28310, CVE-2021-27096, CVE-2021-28312, CVE-2021-28320, CVE-2021-28440, CVE-2021-26415, CVE-2021-28437, CVE-2021-26413, CVE-2021-27086, CVE-2021-28445, CVE-2021-28317, CVE-2021-27079, CVE-2021-28311, CVE-2021-28318, CVE-2021-28350, CVE-2021-28348, CVE-2021-28349, CVE-2021-27088, CVE-2021-28435, CVE-2021-28309, CVE-2021-27093, CVE-2021-27094, CVE-2021-28357, CVE-2021-28356, CVE-2021-28355, CVE-2021-28354, CVE-2021-28329, CVE-2021-28353, CVE-2021-28352, CVE-2021-28358, CVE-2021-28327, CVE-2021-28331, CVE-2021-28330, CVE-2021-28333, CVE-2021-28332, CVE-2021-28335, CVE-2021-28338, CVE-2021-28334, CVE-2021-28337, CVE-2021-28336, CVE-2021-28339, CVE-2021-28434, CVE-2021-28340Home windows IICVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28315, CVE-2021-27095, CVE-2021-28316, CVE-2021-28443, CVE-2021-28438, CVE-2021-27089, CVE-2021-27091, CVE-2021-28326, CVE-2021-28322, CVE-2021-28321, CVE-2021-28313, CVE-2021-28446, CVE-2021-26417, CVE-2021-27090, CVE-2021-28351, CVE-2021-28436, CVE-2021-28347, CVE-2021-28439, CVE-2021-28319, CVE-2021-28442, CVE-2021-28447Microsoft Hyper-VCVE-2021-26416, CVE-2021-28314, CVE-2021-28441, CVE-2021-28444Microsoft Change ServerCVE-2021-28483, CVE-2021-28482, CVE-2021-28481, CVE-2021-28480Microsoft Home windows DNSCVE-2021-28323, CVE-2021-28328Home windows SMB ServerCVE-2021-28324, CVE-2021-28325Microsoft Workplace SharePointCVE-2021-28450