Browser updates are back for the May’s Patch Tuesday


With 55 updates, three publicly reported vulnerabilities and reported public exploits for Adobe Reader, this week’s Patch Tuesday update will require some time and testing before deployment. There are some tough testing scenarios (we’re looking at you, OLE) and kernel updates make for risky deployments. Focus on the IE and Adobe Reader patches — and take your time with the (technically challenging) Exchange and Windows updates.

Speaking of taking your time, if you’re still Windows 10 1909, this is your last month of security updates. 

The three publicly disclosed vulnerabilities this month include:

  • CVE-2021-31204 – .NET and Visual Studio Elevation of Privilege Vulnerability Important
  • CVE-2021-31207 – Microsoft Exchange Server Security Feature Bypass
  • CVE-2021-31200 – Common Utilities Remote Code Execution Vulnerability Important

You can find this information summarized in this infographic.

Key Testing Scenarios

There are no reported high-risk changes to the Windows platform this month.  For this patch cycle we have divided our testing guide into two sections:

Microsoft Office

Copyright © 2021 IDG Communications, Inc.



Source link