Virtual Administrator’s April 2021 Patch Recommendations

Patch Recommendations

This month Microsoft released patches for 110 vulnerabilities with 19 rated “Critical” and 88 “Important” in severity.

Lots of patches this month, but no major problems reported after installing them. The NSA reported 4 flaws in Exchange Server versions 2013 to 2019 (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483). These are Remote Code Execution (RCE) vulnerabilities and should be addressed immediately by installing KB5001779. Also of concern is a Win32k elevation of privilege vulnerability (CVE-2021-28310) that is actively being exploited in Windows 10. New SSUs have been released, and older versions of Windows 10 reach end of service next month – see details below.


Disclosed: CVE-2021-27091, CVE-2021-28312, CVE-2021-28437, CVE-2021-28458

Exploited: CVE-2021-28310


FYI

Windows 10, version 1909 will reach end of service on May 11, 2021 for devices running the Home, Pro, Pro for Workstation, and Server SAC editions.

https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-1909

Windows 10, version 1809 will reach end of service on May 11, 2021 for devices running the Enterprise, Education, and IoT Enterprise editions.

https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-1809-and-windows-server-2019

Windows 10, version 1803, all editions, will reach end of service on May 11, 2021.

https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-1803


Security Update Guide

https://portal.msrc.microsoft.com/en-us/security-guidance


Morphus Labs patch dashboard here: https://patchtuesdaydashboard.com


We will no longer list “affected software” in this post. Previously Microsoft listed affected “software”; this month the list covers “products, features and roles”, which makes it too long to reproduce here. The full list is in the month’s Release Notes on the Security Update Guide page.


Microsoft Security Advisories


ADV990001 | Latest Servicing Stack Updates (Published: 11/13/2018 | Last Updated: 04/13/2021)

https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001

Reason for Revision: A Servicing Stack Update has been released for some versions of Windows.

NOTE: The Windows 10 20H2 and Windows 10 2004 Servicing Stack Update (SSU) is included in the update package as of the March 2021 release. If you have not yet updated to the current release, the previous SSU for these versions is KB4598481. That SSU needs to be installed before updating to the March 2021 update.

Known Issues

Outside of the SharePoint Server problem listed below there are no significant issues reported so far this month.


KB4504716 SharePoint Server 2019 (also KB4504715 SharePoint Server 2019 Language Pack)

https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-sharepoint-server-2019-april-13-2021-kb4504716-88cc457a-cc0d-def3-b162-4674b7f45ac2

Symptom: After you install this update, you can no longer delete list item attachments in the item detail panel.

Status: Microsoft is investigating this issue and will post more information in this article when a fix becomes available.

Workaround: To work around this issue, see KB 5003294.

https://support.microsoft.com/en-us/topic/unable-to-delete-list-item-attachments-in-item-detail-panel-kb5003294-4819766a-c448-42ae-9b2b-e5d6b809cf0e


A good resource for known issues with Windows 10 patches: find the version and click on “Known issues”.

Windows 10 release information

https://docs.microsoft.com/en-us/windows/release-health/


Monthly Rollup / Security Only / Windows 10 / Server 2016, 2019 KBs

Links follow the pattern https://support.microsoft.com/en-us/help/#######, where ####### is the KB number (digits only, without the “KB” prefix).


Security and Quality Rollup

  • KB5001335 – Windows 7, Windows Server 2008 R2 (ESU)
  • KB5001382 – Windows 8.1, Windows Server 2012 R2
  • KB5001387 – Windows Server 2012
  • KB5001389 – Windows Server 2008 (ESU)


Security Only Update

  • KB5001392 – Windows 7, Windows Server 2008 R2 (ESU)
  • KB5001393 – Windows 8.1, Windows Server 2012 R2
  • KB5001383 – Windows Server 2012
  • KB5001332 – Windows Server 2008 (ESU)


Cumulative Update for Windows 10

  • KB5001340 – Original release version 1507 (OS Build 10240)
  • None – Version 1511 (OS Build 10586)
  • KB5001347 – Version 1607 “Anniversary Update” (OS Build 14393)
  • None – Version 1703 “Creators Update” (OS Build 15063)
  • None – Version 1709 “Fall Creators Update” (OS Build 16299)
  • KB5001339 – Version 1803 “Spring Creators Update” (OS Build 17134)
  • KB5001342 – Version 1809 “October 2018 Update” (OS Build 17763)
  • None – Version 1903 “May 2019 Update” (OS Build 18362)
  • KB5001337 – Version 1909 “November 2019 Update” (OS Build 18363)
  • KB5001330 – Version 2004 “May 2020 Update” (OS Build 19041)
  • KB5001330 – Version 20H2 “October 2020 Update” (OS Build 19042)


Note: Server 2016 uses the same KB as Windows 10 Version 1607. Server 2019 uses the same KB as Windows 10 Version 1809.
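As an added example (not code from the Virtual Administrator post or from Microsoft), the following PowerShell script turns the cumulative update list above, the end-of-service notes in the FYI section and the ADV990001 SSU note into a check against the local machine: it looks up the April 2021 KB for the running OS build, reports whether it is installed, flags builds that reach end of service on May 11, 2021, and, on an Exchange server, checks for KB5001779. Assumptions: Get-HotFix lists the cumulative update and SSU by HotFixID (true for Windows 10 and Server 2016/2019 updates), the Exchange security update registers under the Uninstall registry keys with its KB number in DisplayName, and the function names are mine.

```powershell
# Added example: check this host against the April 2021 KB table above.
# Run in an elevated Windows PowerShell 5.1 session.

# April 2021 cumulative update per OS build, taken from the list above.
$AprilLcu = @{
    10240 = 'KB5001340'   # 1507
    14393 = 'KB5001347'   # 1607 / Server 2016
    17134 = 'KB5001339'   # 1803
    17763 = 'KB5001342'   # 1809 / Server 2019
    18363 = 'KB5001337'   # 1909
    19041 = 'KB5001330'   # 2004
    19042 = 'KB5001330'   # 20H2
}

# Builds for which the post lists no April 2021 update.
$NoAprilUpdate = @(10586, 15063, 16299, 18362)

# Builds reaching end of service on May 11, 2021 (editions from the FYI section).
$EndOfService = @{
    18363 = 'Home, Pro, Pro for Workstation and Server SAC editions'
    17763 = 'Enterprise, Education and IoT Enterprise editions'
    17134 = 'all editions'
}

# SSU prerequisite called out in the ADV990001 note for versions 2004 and 20H2.
$SsuPrereq = 'KB4598481'

function Get-AprilPatchStatus {
    $os       = Get-CimInstance -ClassName Win32_OperatingSystem
    $build    = [int]$os.BuildNumber
    # Assumption: Get-HotFix reports the LCU and SSU by their KB ids.
    $hotfixes = @(Get-HotFix | ForEach-Object { $_.HotFixID })

    $result = [ordered]@{
        Computer   = $env:COMPUTERNAME
        OS         = $os.Caption
        Build      = $build
        ExpectedKB = $null
        Installed  = $false
        Notes      = @()
    }

    if ($AprilLcu.ContainsKey($build)) {
        $result.ExpectedKB = $AprilLcu[$build]
        $result.Installed  = $hotfixes -contains $result.ExpectedKB
        if (-not $result.Installed -and $build -in @(19041, 19042)) {
            # Per ADV990001, KB4598481 must precede the March 2021 update on 2004/20H2
            # if the machine has not yet moved to that release.
            $hasSsu = $hotfixes -contains $SsuPrereq
            $result.Notes += "SSU $SsuPrereq present: $hasSsu (required before the March 2021 update)"
        }
    }
    elseif ($build -in $NoAprilUpdate) {
        $result.Notes += "No April 2021 cumulative update listed for build $build; version is out of support"
    }
    else {
        $result.Notes += "Build $build is not in the April 2021 table; check the Security Update Guide"
    }

    if ($EndOfService.ContainsKey($build)) {
        $result.Notes += "Reaches end of service on May 11, 2021 for $($EndOfService[$build])"
    }

    [pscustomobject]$result
}

function Test-ExchangeSecurityUpdate {
    # Exchange security updates show up under Programs and Features, not Get-HotFix.
    param([string]$Kb = 'KB5001779')

    # Assumption: this key exists only where Exchange 2013/2016/2019 is installed.
    $exchangeSetup = 'HKLM:\SOFTWARE\Microsoft\ExchangeServer\v15\Setup'
    if (-not (Test-Path $exchangeSetup)) { return $null }

    $uninstallKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
                     'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    # Assumption: the SU's DisplayName contains its KB number.
    $match = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like "*$Kb*" }
    return [bool]$match
}

Get-AprilPatchStatus | Format-List

$exchange = Test-ExchangeSecurityUpdate
if ($null -ne $exchange) {
    if ($exchange) { 'Exchange Server present; KB5001779 is installed' }
    else           { 'Exchange Server present; KB5001779 is MISSING' }
}
```

The Notes field is where a missing SSU or an approaching end-of-service date surfaces; a build reported as not in the table should be cross-checked against the Security Update Guide rather than assumed to be fine.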


April 2021 updates for Microsoft Office

https://support.microsoft.com/en-us/topic/april-2021-updates-for-microsoft-office-8621a088-37ba-403a-a3b7-73617a7017ee


Notable CVEs


CVE-2021-28310 | Win32k Elevation of Privilege Vulnerability (Cumulative Update)

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28310


CVE-2021-28480 | Microsoft Exchange Server Remote Code Execution Vulnerability (KB5001779)

All associated: CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, and CVE-2021-28483

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28480