Microsoft Patch Tuesday - October 2024

Published: 2024-10-08. Last Updated: 2024-10-08 19:18:33 UTC
by Johannes Ullrich (Version: 1)

Microsoft today released patches for 117 vulnerabilities. Three additional vulnerabilities apply to Chromium/Edge. Another three vulnerabilities are rated critical.

Five of the vulnerabilities were disclosed before today. Two vulnerabilities were not only disclosed but also exploited, according to Microsoft

Notable Vulnerabilities:

Microsoft Management Console Remote Code Execution Vulnerability (CVE-2024-43572)

To Exploit this vulnerability, the attacker must convince the victim to open a malicious file.

Open Source Curl Remote Code Execution Vulnerability (CVE-2024-6197)

This vulnerability was disclosed and patched in libcurl back in July. Accordng to curl.se, the most likely outcome is a crash, but code execution can not be ruled out.

Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2024-20659)

The vulnerability allows an attacker to bypass the UEFI on the host machine and compromise the hypervisor and the secure kernel. Exploitation requires a reboot at the right time.

Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43573)

yet another Windows MSHTML Platform Spoofing vulnerability. Fourth 0-day just this year in this component. APT actors usually use these issues to make downloading and executing malware more likely.

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-43485	No	No	-	-	Important	7.5	6.5
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-38229	No	No	-	-	Important	8.1	7.1
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2024-43483	No	No	-	-	Important	7.5	6.5
CVE-2024-43484	No	No	-	-	Important	7.5	6.5
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability
CVE-2024-43591	No	No	-	-	Important	8.7	7.6
Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-38097	No	No	-	-	Important	7.1	6.2
Azure Service Fabric for Linux Remote Code Execution Vulnerability
CVE-2024-43480	No	No	-	-	Important	6.6	5.8
Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
CVE-2024-38179	No	No	-	-	Important	8.8	7.7
BitLocker Security Feature Bypass Vulnerability
CVE-2024-43513	No	No	-	-	Important	6.4	5.6
BranchCache Denial of Service Vulnerability
CVE-2024-43506	No	No	-	-	Important	7.5	6.5
CVE-2024-38149	No	No	-	-	Important	7.5	6.5
Chromium: CVE-2024-7025 Integer overflow in Layout
CVE-2024-7025	No	No	-	-	-
Chromium: CVE-2024-9369 Insufficient data validation in Mojo
CVE-2024-9369	No	No	-	-	-
Chromium: CVE-2024-9370 Inappropriate implementation in V8
CVE-2024-9370	No	No	-	-	-
Code Integrity Guard Security Feature Bypass Vulnerability
CVE-2024-43585	No	No	-	-	Important	5.5	4.8
DeepSpeed Remote Code Execution Vulnerability
CVE-2024-43497	No	No	-	-	Important	8.4	7.3
Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
CVE-2024-43515	No	No	-	-	Important	7.5	6.5
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
CVE-2024-43517	No	No	-	-	Important	8.8	7.7
Microsoft Configuration Manager Remote Code Execution Vulnerability
CVE-2024-43468	No	No	-	-	Critical	9.8	8.5
Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
CVE-2024-43614	No	No	-	-	Important	5.5	4.8
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-43504	No	No	-	-	Important	7.8	6.8
Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-43572	Yes	Yes	-	-	Important	7.8	7.2
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-43576	No	No	-	-	Important	7.8	6.8
CVE-2024-43616	No	No	-	-	Important	7.8	6.8
Microsoft Office Spoofing Vulnerability
CVE-2024-43609	No	No	-	-	Important	6.5	5.7
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43505	No	No	-	-	Important	7.8	6.8
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43581	No	No	-	-	Important	7.1	6.2
CVE-2024-43615	No	No	-	-	Important	7.1	6.2
CVE-2024-38029	No	No	-	-	Important	7.5	6.5
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2024-43503	No	No	-	-	Important	7.8	6.8
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability
CVE-2024-43541	No	No	-	-	Important	7.5	6.5
CVE-2024-43544	No	No	-	-	Important	7.5	6.5
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVE-2024-43574	No	No	-	-	Important	8.3	7.2
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-43519	No	No	-	-	Important	8.8	7.7
Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
CVE-2024-43560	No	No	-	-	Important	7.8	6.8
NT OS Kernel Elevation of Privilege Vulnerability
CVE-2024-43553	No	No	-	-	Important	7.4	6.4
Open Source Curl Remote Code Execution Vulnerability
CVE-2024-6197	Yes	No	-	-	Important	8.8	7.7
Outlook for Android Elevation of Privilege Vulnerability
CVE-2024-43604	No	No	-	-	Important	5.7	5.0
Power BI Report Server Spoofing Vulnerability
CVE-2024-43481	No	No	-	-	Important	6.5	5.7
CVE-2024-43612	No	No	-	-	Important	6.9	6.0
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43533	No	No	-	-	Important	8.8	7.7
CVE-2024-43599	No	No	-	-	Important	8.8	7.7
Remote Desktop Protocol Server Remote Code Execution Vulnerability
CVE-2024-43582	No	No	-	-	Critical	8.1	7.1
Remote Registry Service Elevation of Privilege Vulnerability
CVE-2024-43532	No	No	-	-	Important	8.8	7.7
Sudo for Windows Spoofing Vulnerability
CVE-2024-43571	No	No	-	-	Important	5.6	4.9
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
CVE-2024-43590	No	No	-	-	Important	7.8	6.8
Visual Studio Code extension for Arduino Remote Code Execution Vulnerability
CVE-2024-43488	No	No	-	-	Critical	8.8	7.7
Visual Studio Code for Linux Remote Code Execution Vulnerability
CVE-2024-43601	No	No	-	-	Important	7.1	6.2
Visual Studio Collector Service Denial of Service Vulnerability
CVE-2024-43603	No	No	-	-	Important	5.5	4.8
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2024-43563	No	No	-	-	Important	7.8	6.8
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-43501	No	No	-	-	Important	7.8	6.8
Windows Cryptographic Information Disclosure Vulnerability
CVE-2024-43546	No	No	-	-	Important	5.6	4.9
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43509	No	No	-	-	Important	7.8	6.8
CVE-2024-43556	No	No	-	-	Important	7.8	6.8
Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-43508	No	No	-	-	Important	5.5	4.8
CVE-2024-43534	No	No	-	-	Important	6.5	5.7
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43521	No	No	-	-	Important	7.5	6.5
CVE-2024-43567	No	No	-	-	Important	7.5	6.5
CVE-2024-43575	No	No	-	-	Important	7.5	6.5
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-30092	No	No	-	-	Important	8.0	7.0
Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2024-20659	Yes	No	-	-	Important	7.1	6.6
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38129	No	No	-	-	Important	7.5	6.5
Windows Kerberos Information Disclosure Vulnerability
CVE-2024-43547	No	No	-	-	Important	6.5	5.7
Windows Kernel Denial of Service Vulnerability
CVE-2024-43520	No	No	-	-	Important	5.0	4.4
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43502	No	No	-	-	Important	7.1	6.2
CVE-2024-43527	No	No	-	-	Important	7.8	6.8
CVE-2024-37979	No	No	-	-	Important	6.7	5.8
CVE-2024-43511	No	No	-	-	Important	7.0	6.1
CVE-2024-43570	No	No	-	-	Important	6.4	5.6
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-43535	No	No	-	-	Important	7.0	6.1
Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-43554	No	No	-	-	Important	5.5	4.8
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2024-43522	No	No	-	-	Important	7.0	6.1
Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-43573	Yes	Yes	-	-	Moderate	6.5	6.0
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43537	No	No	-	-	Important	6.5	5.7
CVE-2024-43538	No	No	-	-	Important	6.5	5.7
CVE-2024-43540	No	No	-	-	Important	6.5	5.7
CVE-2024-43542	No	No	-	-	Important	6.5	5.7
CVE-2024-43555	No	No	-	-	Important	6.5	5.7
CVE-2024-43557	No	No	-	-	Important	6.5	5.7
CVE-2024-43558	No	No	-	-	Important	6.5	5.7
CVE-2024-43559	No	No	-	-	Important	6.5	5.7
CVE-2024-43561	No	No	-	-	Important	6.5	5.7
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43525	No	No	-	-	Important	6.8	5.9
CVE-2024-43526	No	No	-	-	Important	6.8	5.9
CVE-2024-43543	No	No	-	-	Important	6.8	5.9
CVE-2024-43523	No	No	-	-	Important	6.8	5.9
CVE-2024-43524	No	No	-	-	Important	6.8	5.9
CVE-2024-43536	No	No	-	-	Important	6.8	5.9
Windows Netlogon Elevation of Privilege Vulnerability
CVE-2024-38124	No	No	-	-	Important	9.0	7.8
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43562	No	No	-	-	Important	7.5	6.5
CVE-2024-43565	No	No	-	-	Important	7.5	6.5
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-43545	No	No	-	-	Important	7.5	6.5
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-43529	No	No	-	-	Important	7.3	6.4
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38262	No	No	-	-	Important	7.5	6.5
Windows Remote Desktop Services Tampering Vulnerability
CVE-2024-43456	No	No	-	-	Important	4.8	4.2
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-43514	No	No	-	-	Important	7.8	6.8
Windows Resilient File System (ReFS) Information Disclosure Vulnerability
CVE-2024-43500	No	No	-	-	Important	5.5	4.8
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37976	No	No	-	-	Important	6.7	5.8
CVE-2024-37982	No	No	-	-	Important	6.7	5.8
CVE-2024-37983	No	No	-	-	Important	6.7	5.8
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38261	No	No	-	-	Important	7.8	6.8
CVE-2024-43608	No	No	-	-	Important	8.8	7.7
CVE-2024-43607	No	No	-	-	Important	8.8	7.7
CVE-2024-38265	No	No	-	-	Important	8.8	7.7
CVE-2024-43453	No	No	-	-	Important	8.8	7.7
CVE-2024-38212	No	No	-	-	Important	8.8	7.7
CVE-2024-43549	No	No	-	-	Important	8.8	7.7
CVE-2024-43564	No	No	-	-	Important	8.8	7.7
CVE-2024-43589	No	No	-	-	Important	8.8	8.1
CVE-2024-43592	No	No	-	-	Important	8.8	7.7
CVE-2024-43593	No	No	-	-	Important	8.8	7.7
CVE-2024-43611	No	No	-	-	Important	8.8	7.7
Windows Scripting Engine Security Feature Bypass Vulnerability
CVE-2024-43584	No	No	-	-	Important	7.7	6.7
Windows Secure Channel Spoofing Vulnerability
CVE-2024-43550	No	No	-	-	Important	7.4	6.4
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43516	No	No	-	-	Important	7.8	6.8
CVE-2024-43528	No	No	-	-	Important	7.8	6.8
Windows Shell Remote Code Execution Vulnerability
CVE-2024-43552	No	No	-	-	Important	7.3	6.4
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-43512	No	No	-	-	Important	6.5	5.7
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-43551	No	No	-	-	Important	7.8	6.8
Windows Telephony Server Remote Code Execution Vulnerability
CVE-2024-43518	No	No	-	-	Important	8.8	7.7
Winlogon Elevation of Privilege Vulnerability
CVE-2024-43583	Yes	No	-	-	Important	7.8	6.8

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

Keywords: microsoft

0 comment(s)

ISC Stormcast For Tuesday, October 8th, 2024 https://isc.sans.edu/podcastdetail/9170

Internet Storm Center

Microsoft Patch Tuesday - October 2024

Comments