Patch Analysis for April 2021

Welcome to this April Patch Monday Bulletin. This month we have updates from Adobe, Google, Mozilla, and Oracle. It was a big month for Google with a number of Chrome zero days (CVE-2021-21224, CVE-2021-21206, CVE-2021-21220). Luckily, Chrome will auto update to apply these patches, but the browser needs to restart. Consider forcing a restart for workstations that may leave Chrome open for days or weeks. Monitor the environment for related IDS events and strange application behavior that may be associated with Chrome. Mozilla released high severity updates for Firefox so make this the next priority. Adobe updated various products, but they were all Priority 3 which indicates they typically are not a target or do not have active exploits observed in the wild. Apply these updates at your discretion. March was a critical patch update month for Oracle so apply Java updates after testing. Finally, review the environment for Thunderbird installations and apply updates.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event ID’s for Windows Server OS’s. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of non-MS patches this month.

Patch data provided by:

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info

Vendor
Severity / Our Recommendation

Multiple CVE’s

Adobe Photoshop

2020 21.2.6 and earlier

2021 22.3 and earlier

4/13/2021

Arbitrary Code Execution

Critical Priority 3: Update at admin’s discretion

CVE-2021-21100

Adobe Digital Editions

4.5.11.187245 and earlier

4/13/2021

Privilege Escalation

Critical Priority 3: Update at admin’s discretion

Multiple CVE’s

Adobe Bridge

10.1.1 and earlier

11.0.1 and earlier

4/13/2021

Arbitrary Code Execution, Privilege Escalation, Information Disclosure

Critical Priority 3: Update at admin’s discretion

CVE-2021-21070

RoboHelp

RH2020.0.3 and earlier

4/13/2021

Privilege Escalation

Important Priority 3: Update at admin’s discretion

Multiple CVE’s

Google Chrome

Before 90.0.4430.85

4/20/2021

Use After Free, Information Disclosure, Security Bypass

Update as soon as possible

Multiple CVE’s

Mozilla Firefox

Firefox 88/ESR 78.10

4/19/2021

Use After Free, Spoofing, Privilege Escalation, Information Disclosure, Arbitrary Code Execution, Denial of Service, Security Bypass

Update as soon as possible

Multiple CVE’s

Mozilla Thunderbird

Before Thunderbird 78.10

4/19/2021

Use After Free, Spoofing, Privilege Escalation, Arbitrary Code Execution, Denial of Service, Security Bypass

Update as soon as possible

Multiple CVE’s

Oracle Java

7u291, 8u281, 11.0.10, 16

4/20/2021

Critical Data Modification, Denial of Service

Update after testing

Receive Randy's same-day, independent analysis each Patch Tuesday

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The "Randy’s Recommendation" comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.

 

Additional Resources