CATEGORIES
home News

Microsoft's May Patch Tuesday Brings 55 Critical Security Fixes, Update Now

by Nathan OrdWednesday, May 12, 2021, 03:57 PM EDT
msrc microsoft patch tuesday update brings 55 vulnerability fixes
Yesterday was Microsoft’s routine Patch Tuesday release, which tackled quite a few vulnerabilities, 55 to be exact. Though this may seem like a lot, it is actually the smallest update from the company since 2020, but it does take care of some big problems. This includes a rather worrisome wormable HTTP protocol-stack vulnerability within Windows that thankfully has not been seen exploited in the wild.

Of the 55 fixes coming with this patch, the wormable HTTP protocol-stack vulnerability, denoted by CVE-2021-31166, is the most concerning. This vulnerability has been given a rather high Common Vulnerability Scoring System (CVSS) score at 9.8 out of 10, which means it can be dangerous if used. According to Microsoft Security Response Center (MSRC), this vulnerability can be performed over a network, has low complexity, and has a high impact on the CIA triad, or confidentiality, integrity, and availability. This is the perfect storm for a vulnerability, but thankfully there has not been any known use of this in the wild yet.

ie11 microsoft patch tuesday update brings 55 vulnerability fixes

Another interesting vulnerability that should get some attention is CVE-2021-26419, which gives even more of a reason to kill off Internet Explorer entirely. The MSRC page for the vulnerability explains that an attacker could “host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website.” The user accessing the webpage could allow the remote attacker to execute code through Internet Explorer 11.

Besides these two, there are many more fixed vulnerabilities in this update which we did not cover, so perhaps it is time to patch your systems. Before you update, save yourself some future trouble and make a backup just in case something goes awry. We have seen issues in the past with Microsoft patches, but we hope those have been squared away and quality assurance has improved.

As always, hackers are always out there trying to find new vulnerabilities, so getting into the habit of regularly updating is a good thing, even if there are concerns about broken updates. Anyhow, if you have read about another interesting vulnerability that we did not cover, let us know about it in the comments below.
Tags:  Microsoft, security, Windows, cybersecurity, Patch-Tuesday, Windows 10, (nasdaq:msft)
TOP CONVERSATIONS
You Next Copilot PC Platform
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment