Welcome to this April Patch Tuesday Bulletin. This month we have 114 unique CVE’s across 7 technologies, 3 technologies with critical vulnerabilities, 3 vulnerabilities publicly disclosed, and 1 vulnerability exploited in the wild. The big news this month is patching Exchange. None of the exchange vulnerabilities listed were publicly disclosed or exploited but they were all assessed as “Exploitation More Likely” and the NSA and Microsoft are urging users to patch. Microsoft states that customers should install patches as soon as possible given the recent adversary focus on Exchange. CVE-2021-28310 is an elevation of privilege vulnerability affecting Windows and was shown to be exploited in the wild so make sure this is a priority. CVE-2021-27091, CVE-2021-28312, and CVE-2021-28437 were all publicly disclosed but were rated as less likely to be exploited. Make sure these are addressed following the Exchange updates. Chromium-based Edge follows the Google Chrome release and uses Google’s release information for severity and vulnerability info.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event ID’s for Windows Server OS’s. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of MS patches this month.