Microsoft has published updates for 41 vulnerabilities in the Windows OS, browsers and Office. The total number of vulnerabilities is modest, but some of them are critical.

Four of the vulnerabilities have a CVSS base score of 9.8. CVE-2021-24074 and CVE-2021-24086 affect the Windows TCP/IP implementation. They can enable denial of service (DoS) and critical remote code execution (RCE). The other two critical vulnerabilities are CVE-2021-24077 and CVE-2021-24078, which affect the Windows Fax Service and the Windows DNS Server.

Last week Microsoft announced a zero-day vulnerability, CVE-2021-1732, in the Win32k component of Windows 10 and Windows Server 2019. In addition, three of the vulnerabilities had been publicly disclosed: CVE-2021-24098, CVE-2021-1727 and CVE-2021-24106.

The impact and scoring of these and other vulnerabilities can be explored with the Common Vulnerability Scoring System (CVSS) calculator. Microsoft's vulnerability articles link to the CVSS calculator (maintained by the National Vulnerability Database) for every vulnerability. More thorough information about the vulnerabilities can be found in Microsoft's MSRC portal.

The known issues are almost the same as last month. Based on that information, administrators can continue deploying the monthly patches following normal procedures.

| Operating system | Known issues (last month) |
| --- | --- |
| Windows 10, version 20H2 and Windows Server, version 20H2 | 3 (2) |
| Windows 10, version 2004 and Windows Server, version 2004 | 3 (2) |
| Windows 10, version 1909 and 1903* and Windows Server, version 1903 | 2 (1) |
| Windows 10, version 1809 and Windows Server 2019 | 1 (0) |
| Windows 10, version 1803** | 0 (0) |
| Windows 10, version 1709*** and Windows Server, version 1709 | Reached end of service. |
| Windows 10, version 1703*** | Reached end of service. |
| Windows 10, version 1607 LTSC*** and Windows Server 2016 | 1 (1) |
| Windows 8.1**** and Windows Server 2012 R2 | 1 (1) |
| Windows Server 2012 | 1 (1) |
| Windows 7**** and Windows Server 2008 R2 SP1 | 2 (2) |

* 1909 shares the same core and system files with its predecessor, 1903.

** Support for this feature update has ended for the Home and Pro editions.

*** Support for this feature update has ended for all editions.

**** Mainstream support for the operating system has ended: Windows 8.1 1/10/2023 and Windows 7 1/14/2020.

Patching the critical, zero-day and publicly disclosed vulnerabilities should be the priority for this month. Those vulnerabilities are listed at the beginning of the article. Prioritize them especially if you have the affected operating systems and components in use. Otherwise, the normal patching routines can be followed. However, Centero recommends testing the updates thoroughly before deploying them to production endpoints. In addition, all the known issues should be read through and assessed against your own environment.

Microsoft maintains a list of Windows updates and their known issues on the following pages.

With Centero Software Manager Cloud and CSM Cloud for Servers it's possible to deploy these updates into your environment, even to remote computers, according to the configuration you have defined.
