Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.


Microsoft has released security update guide CVE-2021-41372 for Power BI Report Server. See the complete guide at


After certain malicious Microsoft Power BI reports are uploaded to a Power BI Report Server, it's possible to run scripts in the security context of the user and perform privilege escalation.

Affected versions 

  • Power BI Report Server (September 2021)
    1.12.7936.39665 (build 15.0.1107.146)

  • Power BI Report Server (May 2021)
    1.11.7815.26414 (build 15.0.1106.169)

Power BI Report Server is updated to the following versions in this security update.

Product Name

Product version

File version

Power BI Report Server (September 2021)



Power BI Report Server (May 2021)



How to obtain and install the updates

These updates are available for download from the Microsoft Download Center:

Download icon Download the September 2021 package now

   Release date: November 9, 2021

Download icon Download the May 2021 package now

   Release date: March 4, 2022

More information


To apply the updates, you must have any version of Power BI Report Server installed.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!