My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Microsoft Patch Tuesday June 2024

Published: 2024-06-11. Last Updated: 2024-06-11 19:06:06 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

Microsoft's June 2024 update fixes a total of 58 vulnerabilities. 7 of these vulnerabilities are associated with Chromium and Microsoft's Brave browser. Only one vulnerability is rated critical. One of the vulnerabilities had been disclosed before today.

Vulnerabilities of Interest:

CVE-2023-50868 NSEC closest enclosed proof can exhaust CPU: This issue became public in February. It affects not only Microsoft's DNS implementations but several other DNS servers. The vulnerability was made public by researchers from several German universities and research labs. They called it "KEYTRAP" and released a paper with details [1]

CVE-2024-30080 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability: MSMQ is the service that keeps on giving. The tricky part with MSMQ is that third party software often uses it. MSMQ usually listens on port port 1801/TCP. We do see a good amount of "background hum" on port 1801, and I do not see a good reason to expose it to the internet. 

 

[1] https://www.athene-center.de/en/keytrap

 

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
CVE-2024-35255 No No - - Important 5.5 4.8
Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-35254 No No - - Important 7.1 6.2
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability
CVE-2024-37325 No No - - Important 8.1 7.3
Azure Storage Movement Client Library Denial of Service Vulnerability
CVE-2024-35252 No No - - Important 7.5 6.5
Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC
CVE-2024-5493 No No - - -    
Chromium: CVE-2024-5494 Use after free in Dawn
CVE-2024-5494 No No - - -    
Chromium: CVE-2024-5495 Use after free in Dawn
CVE-2024-5495 No No - - -    
Chromium: CVE-2024-5496 Use after free in Media Session
CVE-2024-5496 No No - - -    
Chromium: CVE-2024-5497 Out of bounds memory access in Keyboard Inputs
CVE-2024-5497 No No - - -    
Chromium: CVE-2024-5498 Use after free in Presentation API
CVE-2024-5498 No No - - -    
Chromium: CVE-2024-5499 Out of bounds write in Streams API
CVE-2024-5499 No No - - -    
DHCP Server Service Denial of Service Vulnerability
CVE-2024-30070 No No - - Important 7.5 6.7
GitHub: CVE-2024-29187 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
CVE-2024-29187 No No - - Important 7.3 6.4
MITRE: CVE-2023-50868 NSEC3 closest encloser proof can exhaust CPU
CVE-2023-50868 Yes No - - Important 7.5 6.5
Microsoft Azure File Sync Elevation of Privilege Vulnerability
CVE-2024-35253 No No - - Important 4.4 4.2
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2024-35263 No No - - Important 5.7 5.0
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2024-35248 No No - - Important 7.3 6.4
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
CVE-2024-35249 No No - - Important 8.8 7.7
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
CVE-2024-30072 No No - - Important 7.8 6.8
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-30080 No No - - Critical 9.8 8.5
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-30101 No No - - Important 7.5 6.5
CVE-2024-30102 No No - - Important 7.3 6.4
CVE-2024-30104 No No - - Important 7.8 6.8
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-30103 No No - - Important 8.8 7.7
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-30100 No No - - Important 7.8 6.8
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVE-2024-30097 No No Less Likely Less Likely Important 8.8 7.7
Microsoft Streaming Service Elevation of Privilege Vulnerability
CVE-2024-30089 No No - - Important 7.8 6.8
CVE-2024-30090 No No - - Important 7.0 6.1
Visual Studio Elevation of Privilege Vulnerability
CVE-2024-29060 No No - - Important 6.7 5.8
Visual Studio Remote Code Execution Vulnerability
CVE-2024-30052 No No - - Important 4.7 4.1
Win32k Elevation of Privilege Vulnerability
CVE-2024-30082 No No - - Important 7.8 6.8
CVE-2024-30087 No No - - Important 7.8 6.8
CVE-2024-30091 No No - - Important 7.8 7.0
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2024-30085 No No - - Important 7.8 7.0
Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2024-30076 No No - - Important 6.8 5.9
Windows Cryptographic Services Information Disclosure Vulnerability
CVE-2024-30096 No No - - Important 5.5 4.8
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2024-30063 No No - - Important 6.7 5.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-30064 No No - - Important 8.8 7.7
CVE-2024-30068 No No - - Important 8.8 7.7
CVE-2024-30088 No No - - Important 7.0 6.3
CVE-2024-30099 No No - - Important 7.0 6.3
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-35250 No No - - Important 7.8 6.8
CVE-2024-30084 No No - - Important 7.0 6.1
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
CVE-2024-30074 No No - - Important 8.0 7.2
CVE-2024-30075 No No - - Important 8.0 7.0
Windows OLE Remote Code Execution Vulnerability
CVE-2024-30077 No No - - Important 8.0 7.0
Windows Perception Service Elevation of Privilege Vulnerability
CVE-2024-35265 No No - - Important 7.0 6.1
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-30069 No No - - Important 4.7 4.1
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30094 No No - - Important 7.8 6.8
CVE-2024-30095 No No - - Important 7.8 6.8
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-30083 No No - - Important 7.5 6.5
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
CVE-2024-30062 No No - - Important 7.8 7.0
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-30093 No No - - Important 7.3 6.4
Windows Themes Denial of Service Vulnerability
CVE-2024-30065 No No - - Important 5.5 4.8
Windows Wi-Fi Driver Remote Code Execution Vulnerability
CVE-2024-30078 No No - - Important 8.8 7.7
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-30086 No No - - Important 7.8 6.8
Winlogon Elevation of Privilege Vulnerability
CVE-2024-30066 No No - - Important 5.5 4.8
CVE-2024-30067 No No - - Important 5.5 4.8

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

0 comment(s)
My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Comments


Diary Archives