Microsoft Windows Security Updates May 2021 overview

[mood]

Microsoft Windows Security Updates May 2021 overview

 

It is the second Tuesday of the month, and that means it is Patch Day at Microsoft. Microsoft released security and non-security updates for all supported versions of the company's Windows operating system and other company products today.

 

Our overview is designed for home administrators and system administrators who install security patches on devices running Windows. It links to all support pages, direct downloads of the major Windows patches, includes links to critical issues and known issues.

 

You can check out the April 2021 Patch Day overview here.

The Microsoft Windows Security Updates: May 2021

You may download the following Excel spreadsheet to get a list of the security updates released for Microsoft Windows and other company products: windows-security-updates-may-2021

Executive Summary

• Non-Enterprise editions of Windows 10 version 1909 reach end of servicing today (Home, Pro, Pro Education and Pro Workstation). Microsoft lifted the last upgrade safeguards of Windows 10 version 2004 and 20H2 recently.
• Microsoft released security updates for all supported versions of Windows (client and server).
• All Windows client products are affected by known issues.
• Other Microsoft products with security updates are: Microsoft Office, Internet Explorer, Visual Studio, Skype for Business, .NET Core.

Operating System Distribution

• Windows 7  (extended support only😞 11 vulnerabilities: 1 critical and 10 important
  • Hyper-V Remote Code Execution Vulnerability - CVE-2021-28476
• Windows 8.1: 12 vulnerabilities: 2 critical and 12 important
  • Hyper-V Remote Code Execution Vulnerability - CVE-2021-28476
  • OLE Automation Remote Code Execution Vulnerability -- CVE-2021-31194
• Windows 10 version 1903 and 1909: 16 vulnerabilities: 2 critical and 14 important
  • same as Windows 8.1
• Windows 10 version 2004 and 20H2: 24 vulnerabilities, 3 critical and 21 important
  • Hyper-V Remote Code Execution Vulnerability - CVE-2021-28476
  • OLE Automation Remote Code Execution Vulnerability -- CVE-2021-31194
  • HTTP Protocol Stack Remote Code Execution Vulnerability -- CVE-2021-31166

 

Windows Server products

• Windows Server 2008 R2 (extended support only): 10 vulnerabilities: 1 critical and 9 important
  • Hyper-V Remote Code Execution Vulnerability -- CVE-2021-28476
• Windows Server 2012 R2: 12 vulnerabilities: 2 critical and 12 important
  • Hyper-V Remote Code Execution Vulnerability - CVE-2021-28476
  • OLE Automation Remote Code Execution Vulnerability -- CVE-2021-31194
• Windows Server 2016: 12 vulnerabilities: 2 critical and 12 important.
  • same as Windows Server 2021 R2
• Windows Server 2019: 16 vulnerabilities: 2 critical and 14 important
  • same as Windows Sever 2008 R2

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

 

• Monthly Rollup: KB5003233
• Security-Only: KB5003228

 

Updates and improvements:

• Fixed an issue in the Server Message Block (SMB) protocol causing frequent crashes with error 0xA on Windows Server 2008 R2 SP1
• Security updates

 

Windows 8.1 and Windows Server 2012 R2

• Monthly Rollup: KB5003209
• Security-only: KB5003220

 

Updates and improvements:

• Security updates

 

Windows 10 version 1909

• Support Page: KB5003169

 

Updates and improvements:

• Fixed an issue that could make scroll bar controls appear blank on the screen.
• Security updates.

 

Windows 10 version 2004 and 20H2

• Support Page: KB5003173

 

Updates and improvements:

• Security updates

 

Other security updates

 

2021-05 Cumulative Security Update for Internet Explorer (KB5003165)

2021-05 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5003203)

2021-05 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5003208 )

2021-05 Security Monthly Quality Rollup for Windows Server 2008 (KB5003210)

2021-05 Security Only Quality Update for Windows Server 2008 (KB5003225)

2021-05 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5003171)

2021-05 Cumulative Update for Windows 10 Version 1803 (KB5003174)

2021-05 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5003197)

2021-05 Servicing Stack Update for Windows 10 Version 1803 (KB5003364)

2021-05 Servicing Stack Update for Windows Server 2019 and Windows 10 Version 1809 (KB5003243)

2021-05 Servicing Stack Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB5003244)

Known Issues

Windows 7 SP1 and Windows Server 2008 R2 SP1

• Update installations are reverted if the system is not supported for ESU.
• Certain operations may fail on Cluster Shared Volumes. Workaround available, see support page.

 

Windows 8.1 and Windows Server 2012 R2

• Certain operations may fail on Cluster Shared Volumes. Workaround available, see support page.

 

Windows 10 version 1909

• System and certificates may be lost when a device is updated to a newer version of Windows 10. See the workaround on the support page.

 

Windows 10 version 2004 and 20H2

• Microsoft Edge Legacy may have been removed on devices with Windows installations created from custom offline media or ISO images, but the browser may not have been replaced by the new Edge. Workaround is available, see support page.
• Performance issues in games after update installation. Is resolved for consumer and non-managed business devices.
• Kanji characters entered using the Microsoft Japanese Input Method Editor may result in correct characters being displayed.

Security advisories and updates

ADV 990001 -- Latest Servicing Stack Updates

Non-security related updates

2021-05 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5001843)

2021-05 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5001844)

2021-05 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5001845)

2021-05 Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5001848 )

2021-05 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5001849)

2021-05 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5001850)

2021-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5001878 )

2021-05 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5001880)

2021-05 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5001881)

2021-05 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 (KB5001882)

2021-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 2004, and Windows 10 Version 2004 (KB4601554)

2021-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909 and Windows 10 Version 1909 (KB4601556)

2021-05 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5001841)

2021-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016 (1803) for x64 (KB5001842)

2021-05 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5001879)

2021-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 20H2, Windows 10 Version 2004, Windows 10 Version 1909, and Windows 10 Version 1903 (KB5003266)

Windows Malicious Software Removal Tool (KB890830)

Microsoft Office Updates

You find Office update information here.

How to download and install the May 2021 security updates

 

Updates for home Windows systems are usually installed automatically through Windows Updates. Windows checks for updates regularly and will install security updates automatically, if discovered during checks.

 

Administrators may run manual checks for updates to speed up the discovery and thus installation of today's security updates.

 

Note: we recommend that you make backups of important date, best the entire system, before installing any updates.

 

Windows administrators may run the following steps to check for updates manually on Windows devices:

1. Select Start, type Windows Update and load the Windows Update item that is displayed.
2. Select check for updates to run a manual check for updates.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

 

Windows 7 and Server 2008 R2

• KB5003233 -- 2021-05 Security Monthly Quality Rollup for Windows 7
• KB5003228 -- 2021-05 Security Only Quality Update for Windows 7

 

Windows 8.1 and Windows Server 2012 R2

• KB5003209 -- 2021-05 Security Monthly Quality Rollup for Windows 8.1
• KB5003220 -- 2021-05 Security Only Quality Update for Windows 8.1

Windows 10 (version 1909)

• KB5003171 -- 2021-05 Cumulative Update for Windows 10 Version 1909

Windows 10 (version 2004)

• KB5003173 -- 2021-05 Cumulative Update for Windows 10 Version 2004

 

Windows 10 (version 20H2)

• KB5003173 -- 2021-05 Cumulative Update for Windows 10 Version  20H2

 

 

Source: Microsoft Windows Security Updates May 2021 overview