Microsoft Patch Tuesday - October 2024
Microsoft today released patches for 117 vulnerabilities. Three additional vulnerabilities apply to Chromium/Edge. Another three vulnerabilities are rated critical.
Five of the vulnerabilities were disclosed before today. Two vulnerabilities were not only disclosed but also exploited, according to Microsoft.
Notable Vulnerabilities:
Microsoft Management Console Remote Code Execution Vulnerability (CVE-2024-43572)
To exploit this vulnerability, the attacker must convince the victim to open a malicious file.
Open Source Curl Remote Code Execution Vulnerability (CVE-2024-6197)
This vulnerability was disclosed and patched in libcurl back in July. According to curl.se, the most likely outcome is a crash, but code execution cannot be ruled out.
Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2024-20659)
The vulnerability allows an attacker to bypass the UEFI on the host machine and compromise the hypervisor and the secure kernel. Exploitation requires a reboot at the right time.
Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43573)
Yet another Windows MSHTML Platform Spoofing vulnerability. This is the fourth 0-day in this component just this year. APT actors usually use these issues to make downloading and executing malware more likely.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET and Visual Studio Denial of Service Vulnerability | |||||||
CVE-2024-43485 | No | No | - | - | Important | 7.5 | 6.5 |
.NET and Visual Studio Remote Code Execution Vulnerability | |||||||
CVE-2024-38229 | No | No | - | - | Important | 8.1 | 7.1 |
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | |||||||
CVE-2024-43483 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-43484 | No | No | - | - | Important | 7.5 | 6.5 |
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | |||||||
CVE-2024-43591 | No | No | - | - | Important | 8.7 | 7.6 |
Azure Monitor Agent Elevation of Privilege Vulnerability | |||||||
CVE-2024-38097 | No | No | - | - | Important | 7.1 | 6.2 |
Azure Service Fabric for Linux Remote Code Execution Vulnerability | |||||||
CVE-2024-43480 | No | No | - | - | Important | 6.6 | 5.8 |
Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability | |||||||
CVE-2024-38179 | No | No | - | - | Important | 8.8 | 7.7 |
BitLocker Security Feature Bypass Vulnerability | |||||||
CVE-2024-43513 | No | No | - | - | Important | 6.4 | 5.6 |
BranchCache Denial of Service Vulnerability | |||||||
CVE-2024-43506 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-38149 | No | No | - | - | Important | 7.5 | 6.5 |
Chromium: CVE-2024-7025 Integer overflow in Layout | |||||||
CVE-2024-7025 | No | No | - | - | - | ||
Chromium: CVE-2024-9369 Insufficient data validation in Mojo | |||||||
CVE-2024-9369 | No | No | - | - | - | ||
Chromium: CVE-2024-9370 Inappropriate implementation in V8 | |||||||
CVE-2024-9370 | No | No | - | - | - | ||
Code Integrity Guard Security Feature Bypass Vulnerability | |||||||
CVE-2024-43585 | No | No | - | - | Important | 5.5 | 4.8 |
DeepSpeed Remote Code Execution Vulnerability | |||||||
CVE-2024-43497 | No | No | - | - | Important | 8.4 | 7.3 |
Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability | |||||||
CVE-2024-43515 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | |||||||
CVE-2024-43517 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Configuration Manager Remote Code Execution Vulnerability | |||||||
CVE-2024-43468 | No | No | - | - | Critical | 9.8 | 8.5 |
Microsoft Defender for Endpoint for Linux Spoofing Vulnerability | |||||||
CVE-2024-43614 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2024-43504 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Management Console Remote Code Execution Vulnerability | |||||||
CVE-2024-43572 | Yes | Yes | - | - | Important | 7.8 | 7.2 |
Microsoft Office Remote Code Execution Vulnerability | |||||||
CVE-2024-43576 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-43616 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Office Spoofing Vulnerability | |||||||
CVE-2024-43609 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft Office Visio Remote Code Execution Vulnerability | |||||||
CVE-2024-43505 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | |||||||
CVE-2024-43581 | No | No | - | - | Important | 7.1 | 6.2 |
CVE-2024-43615 | No | No | - | - | Important | 7.1 | 6.2 |
CVE-2024-38029 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft SharePoint Elevation of Privilege Vulnerability | |||||||
CVE-2024-43503 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability | |||||||
CVE-2024-43541 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-43544 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | |||||||
CVE-2024-43574 | No | No | - | - | Important | 8.3 | 7.2 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2024-43519 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-43560 | No | No | - | - | Important | 7.8 | 6.8 |
NT OS Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2024-43553 | No | No | - | - | Important | 7.4 | 6.4 |
Open Source Curl Remote Code Execution Vulnerability | |||||||
CVE-2024-6197 | Yes | No | - | - | Important | 8.8 | 7.7 |
Outlook for Android Elevation of Privilege Vulnerability | |||||||
CVE-2024-43604 | No | No | - | - | Important | 5.7 | 5.0 |
Power BI Report Server Spoofing Vulnerability | |||||||
CVE-2024-43481 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43612 | No | No | - | - | Important | 6.9 | 6.0 |
Remote Desktop Client Remote Code Execution Vulnerability | |||||||
CVE-2024-43533 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-43599 | No | No | - | - | Important | 8.8 | 7.7 |
Remote Desktop Protocol Server Remote Code Execution Vulnerability | |||||||
CVE-2024-43582 | No | No | - | - | Critical | 8.1 | 7.1 |
Remote Registry Service Elevation of Privilege Vulnerability | |||||||
CVE-2024-43532 | No | No | - | - | Important | 8.8 | 7.7 |
Sudo for Windows Spoofing Vulnerability | |||||||
CVE-2024-43571 | No | No | - | - | Important | 5.6 | 4.9 |
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability | |||||||
CVE-2024-43590 | No | No | - | - | Important | 7.8 | 6.8 |
Visual Studio Code extension for Arduino Remote Code Execution Vulnerability | |||||||
CVE-2024-43488 | No | No | - | - | Critical | 8.8 | 7.7 |
Visual Studio Code for Linux Remote Code Execution Vulnerability | |||||||
CVE-2024-43601 | No | No | - | - | Important | 7.1 | 6.2 |
Visual Studio Collector Service Denial of Service Vulnerability | |||||||
CVE-2024-43603 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||||
CVE-2024-43563 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-43501 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Cryptographic Information Disclosure Vulnerability | |||||||
CVE-2024-43546 | No | No | - | - | Important | 5.6 | 4.9 |
Windows Graphics Component Elevation of Privilege Vulnerability | |||||||
CVE-2024-43509 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-43556 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Graphics Component Information Disclosure Vulnerability | |||||||
CVE-2024-43508 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2024-43534 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2024-43521 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-43567 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-43575 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Hyper-V Remote Code Execution Vulnerability | |||||||
CVE-2024-30092 | No | No | - | - | Important | 8.0 | 7.0 |
Windows Hyper-V Security Feature Bypass Vulnerability | |||||||
CVE-2024-20659 | Yes | No | - | - | Important | 7.1 | 6.6 |
Windows Kerberos Elevation of Privilege Vulnerability | |||||||
CVE-2024-38129 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Kerberos Information Disclosure Vulnerability | |||||||
CVE-2024-43547 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Kernel Denial of Service Vulnerability | |||||||
CVE-2024-43520 | No | No | - | - | Important | 5.0 | 4.4 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2024-43502 | No | No | - | - | Important | 7.1 | 6.2 |
CVE-2024-43527 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-37979 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-43511 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2024-43570 | No | No | - | - | Important | 6.4 | 5.6 |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-43535 | No | No | - | - | Important | 7.0 | 6.1 |
Windows Kernel-Mode Driver Information Disclosure Vulnerability | |||||||
CVE-2024-43554 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | |||||||
CVE-2024-43522 | No | No | - | - | Important | 7.0 | 6.1 |
Windows MSHTML Platform Spoofing Vulnerability | |||||||
CVE-2024-43573 | Yes | Yes | - | - | Moderate | 6.5 | 6.0 |
Windows Mobile Broadband Driver Denial of Service Vulnerability | |||||||
CVE-2024-43537 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43538 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43540 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43542 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43555 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43557 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43558 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43559 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-43561 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||||
CVE-2024-43525 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-43526 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-43543 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-43523 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-43524 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-43536 | No | No | - | - | Important | 6.8 | 5.9 |
Windows Netlogon Elevation of Privilege Vulnerability | |||||||
CVE-2024-38124 | No | No | - | - | Important | 9.0 | 7.8 |
Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||||||
CVE-2024-43562 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-43565 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | |||||||
CVE-2024-43545 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Print Spooler Elevation of Privilege Vulnerability | |||||||
CVE-2024-43529 | No | No | - | - | Important | 7.3 | 6.4 |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | |||||||
CVE-2024-38262 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Remote Desktop Services Tampering Vulnerability | |||||||
CVE-2024-43456 | No | No | - | - | Important | 4.8 | 4.2 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | |||||||
CVE-2024-43514 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Resilient File System (ReFS) Information Disclosure Vulnerability | |||||||
CVE-2024-43500 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | |||||||
CVE-2024-37976 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-37982 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-37983 | No | No | - | - | Important | 6.7 | 5.8 |
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||||||
CVE-2024-38261 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-43608 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-43607 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-38265 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-43453 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-38212 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-43549 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-43564 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-43589 | No | No | - | - | Important | 8.8 | 8.1 |
CVE-2024-43592 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-43593 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-43611 | No | No | - | - | Important | 8.8 | 7.7 |
Windows Scripting Engine Security Feature Bypass Vulnerability | |||||||
CVE-2024-43584 | No | No | - | - | Important | 7.7 | 6.7 |
Windows Secure Channel Spoofing Vulnerability | |||||||
CVE-2024-43550 | No | No | - | - | Important | 7.4 | 6.4 |
Windows Secure Kernel Mode Elevation of Privilege Vulnerability | |||||||
CVE-2024-43516 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-43528 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Shell Remote Code Execution Vulnerability | |||||||
CVE-2024-43552 | No | No | - | - | Important | 7.3 | 6.4 |
Windows Standards-Based Storage Management Service Denial of Service Vulnerability | |||||||
CVE-2024-43512 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Storage Elevation of Privilege Vulnerability | |||||||
CVE-2024-43551 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Telephony Server Remote Code Execution Vulnerability | |||||||
CVE-2024-43518 | No | No | - | - | Important | 8.8 | 7.7 |
Winlogon Elevation of Privilege Vulnerability | |||||||
CVE-2024-43583 | Yes | No | - | - | Important | 7.8 | 6.8 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu