Blog

Remote Code Execution Vulnerability in Windows 10 and Windows Server – CVE-2021-31166

by Nadia Meichtry

On Patch Tuesday in May 2021, Microsoft fixed a total of 55 vulnerabilities in various Windows versions and applications. [1] Patch Tuesday occurs on the second Tuesday of each month. On this day, Microsoft releases patches or updates for their systems and products. [2]

Microsoft has classified CVE-2021-31166 as particularly dangerous. This remote code execution (RCE) vulnerability has a CVSS (Common Vulnerability Scoring System) score of 9.8 out of 10, affecting Windows 10 versions 2004 and 20H2 and Windows Server versions 2004 and 20H2. [3] A proof of concept for this vulnerability was published on 16 May 2021. [4]
[read the German article]

All Categories
News & Advisories
Pen Tester's Diary
DFIR Analyst's Diary

Published on: 26.05.2021

Share

Autor

Keine Beschreibung verfügbar.

Related articles

Never want to miss anything again?

Subscribe to our news feed on LinkedIn and register to receive our newsletter.

Sign up for our Newsletter
Privacy Statement

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 12:00 p.m. and 1:00 p.m. – 5:00 p.m (exception: customers with SLA – please call the 24/7 IRFA emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

  • What and who is affected?
  • Who discovered and reported the incident?
  • How and when was the incident noticed?
  • What did you observe?
  • What are you concerned about in connection with the incident?
  • What actions have already been taken?

For more information about our DFIR services here:

QR_CSIRT_2022_EN@2x
Add CSIRT to contacts