Microsoft Patch Tuesday July 2024
Microsoft today released patches for 142 vulnerabilities. Only four of the vulnerabilities are rated as "critical". There are two vulnerabilities that have already been discussed and two that have already been exploited.
Noteworthy Vulnerabilities:
CVE-2024-38080: Windows Hyper-V Elevation of Privilege Vulnerability (exploited vulnerability)
An attacker can obtain SYSTEM privilege by exploiting this integer overflow.
CVE-2024-38112: Windows MSHTML Platform Spoofing Vulnerability
I haven't seen any details disclosed yet. However, these vulnerabilities typically make it difficult to identify the nature and origin of an attachment. A victim may be tricked into opening a malicious attachment, leading to code execution. There have been numerous similar vulnerabilities in the past.
CVE-2024-35264: .NET and Visual Studio Remote Code Execution Vulnerability (disclosed vulnerability)
CVSS score for this vulnerability is 8.1. It is not considered critical. The vulnerability is exploited by closing an http/3 connection while the body is still being processed. The attacker must take advantage of a race condition to execute code.
CVE-2024-37985: Systematic Identification and Characterization of Proprietary Prefetchers (disclosed vulnerability)
This vulnerability only affects ARM systems. An attacker would be able to view privileged heap memory.
CVE-2024-38074, CVE-2024-38076, CVE-2024-38077: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
Three of the four critical vulnerabilities affect the RDP Licensing Service. Watch our for PoC exploits for this vulnerability.
CVE-2024-38060: Windows Imaging Component Remote Code Execution Vulnerability
The WIC is the Windows framework used to parse images and related metadata. Toe trigger the vulnerability, an authenticated attacker must upload a TIFF image to a server.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET Core and Visual Studio Denial of Service Vulnerability | |||||||
CVE-2024-30105 | No | No | - | - | Important | 7.5 | 6.5 |
.NET and Visual Studio Denial of Service Vulnerability | |||||||
CVE-2024-38095 | No | No | - | - | Important | 7.5 | 6.5 |
.NET and Visual Studio Remote Code Execution Vulnerability | |||||||
CVE-2024-35264 | Yes | No | - | - | Important | 8.1 | 7.1 |
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2024-38081 | No | No | - | - | Important | 7.3 | 6.4 |
Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers | |||||||
CVE-2024-37985 | Yes | No | - | - | Important | 5.9 | 5.2 |
Azure CycleCloud Elevation of Privilege Vulnerability | |||||||
CVE-2024-38092 | No | No | - | - | Important | 8.8 | 7.9 |
Azure DevOps Server Spoofing Vulnerability | |||||||
CVE-2024-35266 | No | No | - | - | Important | 7.6 | 6.6 |
CVE-2024-35267 | No | No | - | - | Important | 7.6 | 6.6 |
Azure Kinect SDK Remote Code Execution Vulnerability | |||||||
CVE-2024-38086 | No | No | - | - | Important | 6.4 | 5.6 |
Azure Network Watcher VM Extension Elevation of Privilege Vulnerability | |||||||
CVE-2024-35261 | No | No | - | - | Important | 7.8 | 7.0 |
BitLocker Security Feature Bypass Vulnerability | |||||||
CVE-2024-38058 | No | No | - | - | Important | 6.8 | 5.9 |
CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability | |||||||
CVE-2024-3596 | No | No | - | - | Important | 7.5 | 6.5 |
DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability | |||||||
CVE-2024-38061 | No | No | - | - | Important | 7.5 | 6.5 |
DHCP Server Service Remote Code Execution Vulnerability | |||||||
CVE-2024-38044 | No | No | - | - | Important | 7.2 | 6.3 |
Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability | |||||||
CVE-2024-38517 | No | No | - | - | Moderate | 7.8 | 6.8 |
Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability | |||||||
CVE-2024-39684 | No | No | - | - | Moderate | 7.8 | 6.8 |
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-38054 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-38052 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-38057 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Defender for IoT Elevation of Privilege Vulnerability | |||||||
CVE-2024-38089 | No | No | - | - | Important | 9.1 | 7.9 |
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | |||||||
CVE-2024-30061 | No | No | - | - | Important | 7.3 | 6.4 |
Microsoft Message Queuing Information Disclosure Vulnerability | |||||||
CVE-2024-38017 | No | No | - | - | Important | 5.5 | 5.0 |
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2024-37334 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Office Remote Code Execution Vulnerability | |||||||
CVE-2024-38021 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Outlook Spoofing Vulnerability | |||||||
CVE-2024-38020 | No | No | - | - | Moderate | 6.5 | 5.7 |
Microsoft SharePoint Remote Code Execution Vulnerability | |||||||
CVE-2024-38094 | No | No | - | - | Important | 7.2 | 6.3 |
Microsoft SharePoint Server Information Disclosure Vulnerability | |||||||
CVE-2024-32987 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
CVE-2024-38023 | No | No | - | - | Critical | 7.2 | 6.3 |
CVE-2024-38024 | No | No | - | - | Important | 7.2 | 6.3 |
Microsoft WS-Discovery Denial of Service Vulnerability | |||||||
CVE-2024-38091 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Windows Codecs Library Information Disclosure Vulnerability | |||||||
CVE-2024-38055 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2024-38056 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | |||||||
CVE-2024-38025 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-38019 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-38028 | No | No | - | - | Important | 7.2 | 6.3 |
Microsoft Windows Server Backup Elevation of Privilege Vulnerability | |||||||
CVE-2024-38013 | No | No | - | - | Important | 6.7 | 5.8 |
Microsoft Xbox Remote Code Execution Vulnerability | |||||||
CVE-2024-38032 | No | No | - | - | Important | 7.1 | 6.2 |
PowerShell Elevation of Privilege Vulnerability | |||||||
CVE-2024-38043 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-38033 | No | No | - | - | Important | 7.3 | 6.4 |
CVE-2024-38047 | No | No | - | - | Important | 7.8 | 6.8 |
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||||
CVE-2024-38088 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-38087 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21332 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21333 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21335 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21373 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21398 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21414 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21415 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21428 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37318 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37332 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37331 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-35271 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-35272 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-20701 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21303 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21308 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21317 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21331 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21425 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37319 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37320 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37321 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37322 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37323 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37324 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21449 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37326 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37327 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37328 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37329 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37330 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37333 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37336 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28928 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-35256 | No | No | - | - | Important | 8.8 | 7.7 |
Secure Boot Security Feature Bypass Vulnerability | |||||||
CVE-2024-28899 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-37969 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37970 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37974 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37981 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37986 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37987 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-26184 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-37971 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37972 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37973 | No | No | - | - | Important | 8.4 | 7.3 |
CVE-2024-37975 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37977 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37978 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37984 | No | No | - | - | Important | 8.4 | 7.3 |
CVE-2024-37988 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-37989 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-38010 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-38011 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-38065 | No | No | - | - | Important | 6.8 | 5.9 |
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2024-38059 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Cryptographic Services Security Feature Bypass Vulnerability | |||||||
CVE-2024-30098 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | |||||||
CVE-2024-38049 | No | No | - | - | Important | 6.6 | 5.8 |
Windows Enroll Engine Security Feature Bypass Vulnerability | |||||||
CVE-2024-38069 | No | No | - | - | Important | 7.0 | 6.1 |
Windows Fax Service Remote Code Execution Vulnerability | |||||||
CVE-2024-38104 | No | No | - | - | Important | 8.8 | 7.7 |
Windows File Explorer Elevation of Privilege Vulnerability | |||||||
CVE-2024-38100 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Filtering Platform Elevation of Privilege Vulnerability | |||||||
CVE-2024-38034 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Graphics Component Elevation of Privilege Vulnerability | |||||||
CVE-2024-38085 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-38079 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Graphics Component Remote Code Execution Vulnerability | |||||||
CVE-2024-38051 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Hyper-V Elevation of Privilege Vulnerability | |||||||
CVE-2024-38080 | No | Yes | - | - | Important | 7.8 | 6.8 |
Windows Image Acquisition Elevation of Privilege Vulnerability | |||||||
CVE-2024-38022 | No | No | - | - | Important | 7.0 | 6.1 |
Windows Imaging Component Remote Code Execution Vulnerability | |||||||
CVE-2024-38060 | No | No | - | - | Critical | 8.8 | 7.7 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2024-38041 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-38062 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | |||||||
CVE-2024-38102 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-38101 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-38105 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | |||||||
CVE-2024-38053 | No | No | - | - | Important | 8.8 | 7.7 |
Windows Line Printer Daemon Service Denial of Service Vulnerability | |||||||
CVE-2024-38027 | No | No | - | - | Important | 6.5 | 5.7 |
Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability | |||||||
CVE-2024-38070 | No | No | - | - | Important | 7.8 | 6.8 |
Windows MSHTML Platform Spoofing Vulnerability | |||||||
CVE-2024-38112 | No | Yes | - | - | Important | 7.5 | 7.0 |
Windows MultiPoint Services Remote Code Execution Vulnerability | |||||||
CVE-2024-30013 | No | No | - | - | Important | 8.8 | 7.7 |
Windows NTLM Spoofing Vulnerability | |||||||
CVE-2024-30081 | No | No | - | - | Important | 7.1 | 6.2 |
Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability | |||||||
CVE-2024-38048 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | |||||||
CVE-2024-38031 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-38067 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-38068 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | |||||||
CVE-2024-30079 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||||
CVE-2024-30071 | No | No | - | - | Important | 4.7 | 4.1 |
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | |||||||
CVE-2024-38015 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Remote Desktop Licensing Service Denial of Service Vulnerability | |||||||
CVE-2024-38071 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-38072 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-38073 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-38099 | No | No | - | - | Important | 5.9 | 5.2 |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | |||||||
CVE-2024-38077 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2024-38074 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2024-38076 | No | No | - | - | Critical | 9.8 | 8.5 |
Windows TCP/IP Information Disclosure Vulnerability | |||||||
CVE-2024-38064 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Text Services Framework Elevation of Privilege Vulnerability | |||||||
CVE-2024-21417 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Windows Themes Spoofing Vulnerability | |||||||
CVE-2024-38030 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2024-38066 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Workstation Service Elevation of Privilege Vulnerability | |||||||
CVE-2024-38050 | No | No | - | - | Important | 7.8 | 6.8 |
Windows iSCSI Service Denial of Service Vulnerability | |||||||
CVE-2024-35270 | No | No | - | - | Important | 5.3 | 4.6 |
Xbox Wireless Adapter Remote Code Execution Vulnerability | |||||||
CVE-2024-38078 | No | No | - | - | Important | 7.5 | 6.5 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments