Microsoft has released security updates for multiple products to address vulnerabilities. Microsoft has fixed 108 vulnerabilities, with 19 classified as Critical and 89 as Important. As part of April 2021 Patch Tuesday, Microsoft has fixed five zero-day vulnerabilities:

CVE-2021-27091 - RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

CVE-2021-28312 - Windows NTFS Denial of Service Vulnerability

CVE-2021-28437 - Windows Installer Information Disclosure Vulnerability

CVE-2021-28458 - Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability

CVE-2021-28310 - Win32k Elevation of Privilege Vulnerability (according to Kaspersky Lab experts, vulnerability is exploited in the wild)

Microsoft's April 2021 Security Update also mitigates critical remote code execution vulnerabilities (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483) affecting on-premise Exchange Server versions. An attacker could exploit these vulnerabilities to gain access and maintain persistence on the target host.

More information on vulnerabilities and updates is available in the Microsoft's April 2021 Security Updates page - microsoft.com.

Source: bleepingcomputer.com