Security News > 2021 > May > Microsoft May 2021 Patch Tuesday fixes 55 flaws, 3 zero-days
2021-05-11 17:28
Today is Microsoft's May 2021 Patch Tuesday, and with it comes three zero-day vulnerabilities, so Windows admins will be rushing to apply updates.
With today's update, Microsoft has fixed 55 vulnerabilities, with four classified as Critical, 50 as Important, and one as Moderate.
As part of today's Patch Tuesday, Microsoft has fixed three publicly disclosed vulnerabilities.
The CVE-2021-31207 Microsoft Exchange vulnerability was used by in the 2021 Pwn2Own hacking challenge.
It is expected that threat actors will analyze the patches to create exploits for the vulnerabilities, especially the one for Microsoft Exchange.
Below is the full list of resolved vulnerabilities and released advisories in the May 2021 Patch Tuesday updates.
News URL
Related news
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- August 2024 Patch Tuesday forecast: Looking for a calm August release (source)
- Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days (source)
- Microsoft Patched 6 Actively Exploited Zero-Day Flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-11 | CVE-2021-31207 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft Exchange Server 2013/2016/2019 Microsoft Exchange Server Security Feature Bypass Vulnerability | 6.6 |