May 2021 Patch Tuesday Index

Don't miss a single vulnerability this Patch Tuesday. The latest patches and updates from Microsoft and multiple third-party applications can be found in May's Patch Tuesday Index below.

Earlier in the month, Mozilla released updates for Thunderbird, Firefox, Firefox ESR, and their Hubs Cloud Reticulum. Of the four security bulletins, 2 are deemed Critical.

Adobe has also released a large number fixes for 12 separate products with a total of 25 Critical CVEs.

Automox Patch Tuesday expert Nick Colyer will be breaking down all of May's Patch Tuesday releases tomorrow, May 12, 2021. Register here so you can prioritize the patches for your environment and ask any question you may have.

Updated Live. Last Update 11:55 AM EST May 11, 2021.

firefox Mozilla Firefox
Product
Title
Identifier
Severity
Hubs Cloud 1 security vulnerability fixed in Hubs Cloud Reticulum MFSA 2021-21 Critical
Firefox 2 security vulnerabilities fixed in Firefox and Firefox for Android MFSA 2021-20 Critical
Thunderbird 1 security vulnerability fixed in Thunderbird 78.10.1 MFSA 2021-19 Medium
Firefox ESR 1 security vulnerability fixed in Firefox ESR 78.10.1 MFSA 2021-18 Medium
adobe Adobe
Product
Title
Identifier
Severity
Adobe Experience Manager 2 Security Vulnerabilities fixed in Adobe Experience Manager APSB21-15 Adobe Priority 2
Adobe InDesign 3 Security Vulnerabilities fixed in Adobe InDesign APSB21-22 Adobe Priority 3
Adobe Illustrator 5 Security Vulnerabilities fixed in Adobe Illustrator APSB21-24 Adobe Priority 3
Adobe InCopy 1 Security Vulnerability fixed in Adobe InCopy APSB21-25 Adobe Priority 3
Adobe Genuine Service 1 Security Vulnerability fixed in Adobe Genuine Service APSB21-27 Adobe Priority 3
Adobe Acrobat and Reader 14 Security Vulnerabilities fixed in Adobe Acrobat and Reader APSB21-29 Adobe Priority 1
Magento 7 Security Vulnerabilities fixed in Magento APSB21-30 Adobe Priority 2
Adobe Creative Cloud 1 Security Vulnerability fixed in Adobe Creative Cloud Desktop Application APSB21-31 Adobe Priority 3
Adobe Media Encoder 1 Security Vulnerability fixed in Adobe Media Encoder APSB21-32 Adobe Priority 3
Adobe After Effects 1 Security Vulnerability fixed in Adobe After Effects APSB21-33 Adobe Priority 3
Medium by Adobe 1 Security Vulnerability fixed in Medium by Adobe APSB21-34 Adobe Priority 3
Adobe Animate 7 Security Vulnerabilities fixed in Adobe Animate APSB21-35 Adobe Priority 3
microsoft Microsoft
Product
Title
Identifier
Severity
Windows Cryptographic Services Windows Cryptographic Services Remote Code Execution Vulnerability CVE-2021-1720 Critical
Internet Explorer Scripting Engine Memory Corruption Vulnerability CVE-2021-26419 Critical
Role: Hyper-V Hyper-V Remote Code Execution Vulnerability CVE-2021-28476 Critical
HTTP.sys HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2021-31166 Critical
Windows OLE OLE Automation Remote Code Execution Vulnerability CVE-2021-31194 Critical
Windows Wireless Networking Windows Wireless Networking Information Disclosure Vulnerability CVE-2020-24587 High
Windows Wireless Networking Windows Wireless Networking Spoofing Vulnerability CVE-2020-24588 High
Windows Wireless Networking Windows Wireless Networking Spoofing Vulnerability CVE-2020-26144 High
Microsoft Office SharePoint Microsoft SharePoint Spoofing Vulnerability CVE-2021-26418 High
Skype for Business and Microsoft Lync Skype for Business and Lync Remote Code Execution Vulnerability CVE-2021-26421 High
Skype for Business and Microsoft Lync Skype for Business and Lync Remote Code Execution Vulnerability CVE-2021-26422 High
Visual Studio Visual Studio Remote Code Execution Vulnerability CVE-2021-27068 High
Microsoft Office Access Microsoft Access Remote Code Execution Vulnerability CVE-2021-28455 High
Microsoft Dynamics Finance & Operations Dynamics Finance and Operations Cross-site Scripting Vulnerability CVE-2021-28461 High
Microsoft Windows Codecs Library Web Media Extensions Remote Code Execution Vulnerability CVE-2021-28465 High
Microsoft Office SharePoint Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2021-28474 High
Microsoft Office SharePoint Microsoft SharePoint Spoofing Vulnerability CVE-2021-28478 High
Windows CSC Service Windows CSC Service Information Disclosure Vulnerability CVE-2021-28479 High
Windows Container Manager Service Windows Container Manager Service Elevation of Privilege Vulnerability CVE-2021-31165 High
Windows Container Manager Service Windows Container Manager Service Elevation of Privilege Vulnerability CVE-2021-31167 High
Windows Container Manager Service Windows Container Manager Service Elevation of Privilege Vulnerability CVE-2021-31168 High
Windows Container Manager Service Windows Container Manager Service Elevation of Privilege Vulnerability CVE-2021-31169 High
Microsoft Graphics Component Windows Graphics Component Elevation of Privilege Vulnerability CVE-2021-31170 High
Microsoft Office SharePoint Microsoft SharePoint Information Disclosure Vulnerability CVE-2021-31171 High
Microsoft Office SharePoint Microsoft SharePoint Spoofing Vulnerability CVE-2021-31172 High
Microsoft Office SharePoint Microsoft SharePoint Server Information Disclosure Vulnerability CVE-2021-31173 High
Microsoft Office Excel Microsoft Excel Information Disclosure Vulnerability CVE-2021-31174 High
Microsoft Office Excel Microsoft Office Remote Code Execution Vulnerability CVE-2021-31175 High
Microsoft Office Microsoft Office Remote Code Execution Vulnerability CVE-2021-31176 High
Microsoft Office Excel Microsoft Office Remote Code Execution Vulnerability CVE-2021-31177 High
Microsoft Office Excel Microsoft Office Information Disclosure Vulnerability CVE-2021-31178 High
Microsoft Office Excel Microsoft Office Remote Code Execution Vulnerability CVE-2021-31179 High
Microsoft Office Word Microsoft Office Graphics Remote Code Execution Vulnerability CVE-2021-31180 High
Microsoft Office SharePoint Microsoft SharePoint Remote Code Execution Vulnerability CVE-2021-31181 High
Microsoft Bluetooth Driver Microsoft Bluetooth Driver Spoofing Vulnerability CVE-2021-31182 High
Microsoft Windows IrDA Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability CVE-2021-31184 High
Windows Desktop Bridge Windows Desktop Bridge Denial of Service Vulnerability CVE-2021-31185 High
Windows RDP Client Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability CVE-2021-31186 High
Windows WalletService Windows WalletService Elevation of Privilege Vulnerability CVE-2021-31187 High
Microsoft Graphics Component Windows Graphics Component Elevation of Privilege Vulnerability CVE-2021-31188 High
Windows Container Isolation FS Filter Driver Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability CVE-2021-31190 High
Windows Projected File System FS Filter Windows Projected File System FS Filter Driver Information Disclosure Vulnerability CVE-2021-31191 High
Microsoft Windows Codecs Library Windows Media Foundation Core Remote Code Execution Vulnerability CVE-2021-31192 High
Windows SSDP Service Windows SSDP Service Elevation of Privilege Vulnerability CVE-2021-31193 High
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-31195 High
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-31198 High
Open Source Software Common Utilities Remote Code Execution Vulnerability CVE-2021-31200 High
.NET Core & Visual Studio .NET Core and Visual Studio Elevation of Privilege Vulnerability CVE-2021-31204 High
Windows SMB Windows SMB Client Security Feature Bypass Vulnerability CVE-2021-31205 High
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-31206 High
Windows Container Manager Service Windows Container Manager Service Elevation of Privilege Vulnerability CVE-2021-31208 High
Microsoft Exchange Server Microsoft Exchange Server Spoofing Vulnerability CVE-2021-31209 High
Visual Studio Code Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability CVE-2021-31211 High
Visual Studio Code Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability CVE-2021-31213 High
Visual Studio Code Visual Studio Code Remote Code Execution Vulnerability CVE-2021-31214 High
Microsoft Accessibility Insights for Web Microsoft Accessibility Insights for Web Information Disclosure Vulnerability CVE-2021-31936 High
Microsoft Exchange Server Microsoft Exchange Server Security Feature Bypass Vulnerability CVE-2021-31207 Medium