On 11 May 2021, Microsoft and Adobe released patches in multiple products; some of the fixed flaws have proof-of-concept (POC) code available and one flaw has been exploited by threat actors. Timely patching of these flaws is recommended.
- Microsoft’s May 2021 Patch Tuesday has fixed 55 vulnerabilities, among which four were classified as Critical, 50 as Important, and one as Moderate. POC code is available for some of them, but none of the flaws were known to be actively exploited in the wild at the time of the report.
- The four Critical vulnerabilities are CVE-2021-31166 , CVE-2021-26419 , CVE-2021-28476 , and CVE-2021-31194.
- Microsoft stated that the details for the following vulnerabilities were publicly exposed: CVE-2021-31207, CVE-2021-31200, CVE-2021-31204, and CVE-2021-31166.
- Adobe released patches for 43 flaws in 12 products, including a flaw in Adobe’s Acrobat Reader that has been exploited in the wild in “limited attacks targeting Adobe Reader users on Windows.”
- Successful exploitation of this issue, tracked as CVE-2021-28550/APSB21-29, could allow threat actors to execute almost any command in Windows, including installing malware and the possibility of taking over the system.
- If you are running vulnerable versions of Adobe’s Acrobat Reader, we recommend expedited patching of the CVE-2021-28550 to prevent targeting by an active malware campaign.
- Users can update their product installations manually by choosing Help > Check for Updates.
- We recommend timely patching for Microsoft vulnerabilities as the available POC code makes it more likely for threat actors to abuse the flaws in the near future.
- If you have systems running a vulnerable OS, with established connections on common HTTP ports (80, 8080, 443), from external IPs, we recommend prioritizing the CVE-2021-31166 patch.