On Patchday in May, Microsoft eliminates 55 security problems. Security patches are available for download for Hyper-V, Internet Explorer, Office, SharePointServer and Windows, among others. Anyone using Microsoft software should ensure that Windows Update is active and the patches are installed.
Of the 55 vulnerabilities, four vulnerabilities are rated “critical” by Microsoft. A vulnerability (CVE-2021-31166) in the HTTP protocol stack (http-sys) is considered particularly dangerous, threatening Windows 10 2004, 20H2 and Windows Server 20H2.
Worm-like spread
In a warning message, Microsoft writes that attackers could remotely execute malicious code with kernel privileges without logging in. All they have to do is send prepared packages to vulnerable systems. If attacks work, malware could spread worm-like. This means that a Trojan could jump from one server to the next and thus infect entire networks.
More security vulnerabilities
Three vulnerabilities (CVE-2021-31200, CVE-2021-31204, CVE-2021-31207) are publicly known, according to Microsoft, but there are said to be no attacks yet. The vulnerabilities in .NET Core and Visual Studio are rated “important.” The vulnerability in Exchange Server with “moderate.” If attackers successfully exploit the vulnerabilities, they could gain higher privileges or even execute their own code.
The remaining vulnerabilities are rated “important”. After successful attacks, attackers could, among other things, access information that is actually sealed off or execute malicious code.
Microsoft lists more information about the security issues in its Security Update Guide. However, the website is rather confusing. The security researchers from Trend Micro’s Zero Day Initiative, for example, have listed it better.