Don't miss a single vulnerability this Patch Tuesday. The latest patches and updates from Microsoft and multiple third-party applications can be found in May's Patch Tuesday Index below.
Earlier in the month, Mozilla released updates for Thunderbird, Firefox, Firefox ESR, and their Hubs Cloud Reticulum. Of the four security bulletins, 2 are deemed Critical.
Adobe has also released a large number fixes for 12 separate products with a total of 25 Critical CVEs.
Automox Patch Tuesday expert Nick Colyer will be breaking down all of May's Patch Tuesday releases tomorrow, May 12, 2021. Register here so you can prioritize the patches for your environment and ask any question you may have.
Updated Live. Last Update 11:55 AM EST May 11, 2021.
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Hubs Cloud | 1 security vulnerability fixed in Hubs Cloud Reticulum | MFSA 2021-21 | Critical |
Firefox | 2 security vulnerabilities fixed in Firefox and Firefox for Android | MFSA 2021-20 | Critical |
Thunderbird | 1 security vulnerability fixed in Thunderbird 78.10.1 | MFSA 2021-19 | Medium |
Firefox ESR | 1 security vulnerability fixed in Firefox ESR 78.10.1 | MFSA 2021-18 | Medium |
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Adobe Experience Manager | 2 Security Vulnerabilities fixed in Adobe Experience Manager | APSB21-15 | Adobe Priority 2 |
Adobe InDesign | 3 Security Vulnerabilities fixed in Adobe InDesign | APSB21-22 | Adobe Priority 3 |
Adobe Illustrator | 5 Security Vulnerabilities fixed in Adobe Illustrator | APSB21-24 | Adobe Priority 3 |
Adobe InCopy | 1 Security Vulnerability fixed in Adobe InCopy | APSB21-25 | Adobe Priority 3 |
Adobe Genuine Service | 1 Security Vulnerability fixed in Adobe Genuine Service | APSB21-27 | Adobe Priority 3 |
Adobe Acrobat and Reader | 14 Security Vulnerabilities fixed in Adobe Acrobat and Reader | APSB21-29 | Adobe Priority 1 |
Magento | 7 Security Vulnerabilities fixed in Magento | APSB21-30 | Adobe Priority 2 |
Adobe Creative Cloud | 1 Security Vulnerability fixed in Adobe Creative Cloud Desktop Application | APSB21-31 | Adobe Priority 3 |
Adobe Media Encoder | 1 Security Vulnerability fixed in Adobe Media Encoder | APSB21-32 | Adobe Priority 3 |
Adobe After Effects | 1 Security Vulnerability fixed in Adobe After Effects | APSB21-33 | Adobe Priority 3 |
Medium by Adobe | 1 Security Vulnerability fixed in Medium by Adobe | APSB21-34 | Adobe Priority 3 |
Adobe Animate | 7 Security Vulnerabilities fixed in Adobe Animate | APSB21-35 | Adobe Priority 3 |
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Windows Cryptographic Services | Windows Cryptographic Services Remote Code Execution Vulnerability | CVE-2021-1720 | Critical |
Internet Explorer | Scripting Engine Memory Corruption Vulnerability | CVE-2021-26419 | Critical |
Role: Hyper-V | Hyper-V Remote Code Execution Vulnerability | CVE-2021-28476 | Critical |
HTTP.sys | HTTP Protocol Stack Remote Code Execution Vulnerability | CVE-2021-31166 | Critical |
Windows OLE | OLE Automation Remote Code Execution Vulnerability | CVE-2021-31194 | Critical |
Windows Wireless Networking | Windows Wireless Networking Information Disclosure Vulnerability | CVE-2020-24587 | High |
Windows Wireless Networking | Windows Wireless Networking Spoofing Vulnerability | CVE-2020-24588 | High |
Windows Wireless Networking | Windows Wireless Networking Spoofing Vulnerability | CVE-2020-26144 | High |
Microsoft Office SharePoint | Microsoft SharePoint Spoofing Vulnerability | CVE-2021-26418 | High |
Skype for Business and Microsoft Lync | Skype for Business and Lync Remote Code Execution Vulnerability | CVE-2021-26421 | High |
Skype for Business and Microsoft Lync | Skype for Business and Lync Remote Code Execution Vulnerability | CVE-2021-26422 | High |
Visual Studio | Visual Studio Remote Code Execution Vulnerability | CVE-2021-27068 | High |
Microsoft Office Access | Microsoft Access Remote Code Execution Vulnerability | CVE-2021-28455 | High |
Microsoft Dynamics Finance & Operations | Dynamics Finance and Operations Cross-site Scripting Vulnerability | CVE-2021-28461 | High |
Microsoft Windows Codecs Library | Web Media Extensions Remote Code Execution Vulnerability | CVE-2021-28465 | High |
Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | CVE-2021-28474 | High |
Microsoft Office SharePoint | Microsoft SharePoint Spoofing Vulnerability | CVE-2021-28478 | High |
Windows CSC Service | Windows CSC Service Information Disclosure Vulnerability | CVE-2021-28479 | High |
Windows Container Manager Service | Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31165 | High |
Windows Container Manager Service | Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31167 | High |
Windows Container Manager Service | Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31168 | High |
Windows Container Manager Service | Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31169 | High |
Microsoft Graphics Component | Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2021-31170 | High |
Microsoft Office SharePoint | Microsoft SharePoint Information Disclosure Vulnerability | CVE-2021-31171 | High |
Microsoft Office SharePoint | Microsoft SharePoint Spoofing Vulnerability | CVE-2021-31172 | High |
Microsoft Office SharePoint | Microsoft SharePoint Server Information Disclosure Vulnerability | CVE-2021-31173 | High |
Microsoft Office Excel | Microsoft Excel Information Disclosure Vulnerability | CVE-2021-31174 | High |
Microsoft Office Excel | Microsoft Office Remote Code Execution Vulnerability | CVE-2021-31175 | High |
Microsoft Office | Microsoft Office Remote Code Execution Vulnerability | CVE-2021-31176 | High |
Microsoft Office Excel | Microsoft Office Remote Code Execution Vulnerability | CVE-2021-31177 | High |
Microsoft Office Excel | Microsoft Office Information Disclosure Vulnerability | CVE-2021-31178 | High |
Microsoft Office Excel | Microsoft Office Remote Code Execution Vulnerability | CVE-2021-31179 | High |
Microsoft Office Word | Microsoft Office Graphics Remote Code Execution Vulnerability | CVE-2021-31180 | High |
Microsoft Office SharePoint | Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2021-31181 | High |
Microsoft Bluetooth Driver | Microsoft Bluetooth Driver Spoofing Vulnerability | CVE-2021-31182 | High |
Microsoft Windows IrDA | Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability | CVE-2021-31184 | High |
Windows Desktop Bridge | Windows Desktop Bridge Denial of Service Vulnerability | CVE-2021-31185 | High |
Windows RDP Client | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | CVE-2021-31186 | High |
Windows WalletService | Windows WalletService Elevation of Privilege Vulnerability | CVE-2021-31187 | High |
Microsoft Graphics Component | Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2021-31188 | High |
Windows Container Isolation FS Filter Driver | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | CVE-2021-31190 | High |
Windows Projected File System FS Filter | Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | CVE-2021-31191 | High |
Microsoft Windows Codecs Library | Windows Media Foundation Core Remote Code Execution Vulnerability | CVE-2021-31192 | High |
Windows SSDP Service | Windows SSDP Service Elevation of Privilege Vulnerability | CVE-2021-31193 | High |
Microsoft Exchange Server | Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2021-31195 | High |
Microsoft Exchange Server | Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2021-31198 | High |
Open Source Software | Common Utilities Remote Code Execution Vulnerability | CVE-2021-31200 | High |
.NET Core & Visual Studio | .NET Core and Visual Studio Elevation of Privilege Vulnerability | CVE-2021-31204 | High |
Windows SMB | Windows SMB Client Security Feature Bypass Vulnerability | CVE-2021-31205 | High |
Microsoft Exchange Server | Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2021-31206 | High |
Windows Container Manager Service | Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2021-31208 | High |
Microsoft Exchange Server | Microsoft Exchange Server Spoofing Vulnerability | CVE-2021-31209 | High |
Visual Studio Code | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | CVE-2021-31211 | High |
Visual Studio Code | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | CVE-2021-31213 | High |
Visual Studio Code | Visual Studio Code Remote Code Execution Vulnerability | CVE-2021-31214 | High |
Microsoft Accessibility Insights for Web | Microsoft Accessibility Insights for Web Information Disclosure Vulnerability | CVE-2021-31936 | High |
Microsoft Exchange Server | Microsoft Exchange Server Security Feature Bypass Vulnerability | CVE-2021-31207 | Medium |