Friday, November 22, 2024

A tumultuous, titanic Patch Tuesday as Microsoft makes some adjustments – Sophos Information

A number of months of relative calm are over for Home windows directors, as Microsoft on Tuesday launched 147 patches affecting ten product households. Home windows takes the lion’s share of patches with 90, with 38 for SQL Server (together with ten shared with Visible Studio). The remaining are unfold amongst .NET, 365, Azure, Defender for IoT, Workplace, Outlook, and SharePoint. There are three critical-severity points, all affecting Defender for IoT.

At patch time, three points, all important-severity faults affecting Home windows, are identified to be beneath lively exploit within the wild. One (CVE-2024-26234, a driver-related challenge reported to Microsoft by Sophos) is publicly disclosed, as we’ll talk about beneath. Eleven extra important-severity vulnerabilities in Home windows are by the corporate’s estimation extra more likely to be exploited within the subsequent 30 days. Six of the problems addressed are amenable to detection by Sophos protections, and we embrace info on these in a desk beneath.

Along with these patches, the discharge contains advisory info on 5 patches associated to the Edge browser and 5 from Intel, Lenovo, and Purple Hat; the recurrently scheduled servicing stack updates are additionally included in advisory materials this month. We don’t embrace advisories within the CVE counts and graphics beneath, however we offer info on all of them in an appendix on the finish of the article. We’re as normal together with on the finish of this put up three different appendices itemizing all Microsoft’s patches, sorted by severity, by predicted exploitability, and by product household.

By the numbers

  • Complete Microsoft CVEs: 147
  • Complete Edge / Chrome advisory points lined in replace: 5
  • Complete non-Edge, non-Microsoft advisory points overed in replace: 5
  • Publicly disclosed: 1
  • Presently exploited: 3
  • Severity
    • Vital: 3
    • Necessary: 142
    • Reasonable: 2
  • Affect
    • Distant Code Execution: 67
    • Elevation of Privilege: 31
    • Safety Characteristic Bypass: 27
    • Data Disclosure: 12
    • Denial of Service: 7
    • Spoofing: 3

A bar chart showing the severity of April 2024 Microsoft patches, sorted by impact; information is replicated in text

Determine 1: RCEs got here roaring to the forefront this month, however Safety Characteristic Bypass makes a formidable exhibiting (extra on that in a bit)

Merchandise

  • Home windows: 90
  • SQL Server: 38 (together with 10 shared with Visible Studio)
  • Visible Studio: 11 (together with 10 shared with SQL Server and one shared with .NET)
  • Azure: 9
  • Defender for IoT: 6
  • .NET: 1 (shared with Visible Studio)
  • 365: 1 (shared with Workplace)
  • Workplace: 1 (shared with 365)
  • Outlook: 1
  • SharePoint: 1

A bar chart showing the severity of April 2024 Microsoft patches, sorted by product family; information is replicated in text

Determine 2: Home windows accounts for just below two-thirds of the April 2024 patches, with 9 different product households additionally within the combine (however 5 of these receiving only one patch)

Notable April updates and themes

Along with the problems mentioned above, just a few particular gadgets advantage consideration.

Startup Points Stack Up

Safe Boot Safety Characteristic Bypass Vulnerability – 24 patches
BitLocker Safety Characteristic Bypass Vulnerability – 1 patch
Lenovo: CVE-2024-23593 Zero Out Boot Supervisor and drop to UEFI Shell – 1 patch
Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi – 1 patch

Safe Boot and BitLocker are having an fascinating month. All 25 Microsoft patches are important-severity points. Microsoft says that none of them are at present beneath lively exploitation and that they consider exploitation is much less probably within the 30 days after launch. The 2 points from Lenovo are likewise associated besides processes, are characterised by Microsoft as important-severity Safety Characteristic Bypass faults and are considered much less more likely to be exploited inside the subsequent 30 days. (It ought to be famous that Microsoft mentions the Lenovo releases merely as advisory info.)

CVE-2024-26234 – Proxy Driver Spoofing Vulnerability

As talked about above, again in December, Sophos X-Ops opened an investigation of a suspicious-looking executable that claimed to be signed by a legitimate Microsoft {Hardware} Writer Certificates. You possibly can examine what occurred subsequent in our writeup of what we found. For Microsoft’s half, the corporate has added the related information to its rolling revocation listing, which is up to date on this patch cycle beneath this CVE. It’s the sole challenge this month that’s thought-about to be publicly disclosed.

A Robust Month for SQL Server

Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability – 13 patches
Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability – 24 patches
Microsoft WDAC OLE DB Supplier for SQL Server Distant Code Execution Vulnerability – 3 patches
Microsoft WDAC SQL Server ODBC Driver Distant Code Execution Vulnerability – 1 patch

These 41 patches are all important-severity points with CVE numbers probably assigned from Microsoft’s CAN block (virtually all of them are sequential, which normally signifies that they have been drawn from the identical block at about the identical time). Microsoft says that none of them are at present beneath lively exploitation and that they consider exploitation is much less probably within the 30 days after launch.

A bar chart showing the severity of all 2024 Microsoft patches, sorted by impact

Determine 3: Safety Characteristic Bypass leaps to 3rd place within the cumulative patch totals for 2024, although RCE nonetheless leads the pack

Sophos protections

CVE Sophos Intercept X/Endpoint IPS Sophos XGS Firewall
CVE-2024-26209 Exp/2426209-A Exp/2426209-A
CVE-2024-26211 Exp/2426211-A Exp/2426211-A
CVE-2024-26212 Exp/2426212-A sid:2309495
CVE-2024-26218 Exp/2426218-A Exp/2426218-A
CVE-2024-26230 Exp/2426230-A Exp/2426230-A
CVE-2024-26234 Mal/Proxcat-A N/A

 

As you may each month, should you don’t need to wait in your system to tug down Microsoft’s updates itself, you may obtain them manually from the Home windows Replace Catalog web site. Run the winver.exe device to find out which construct of Home windows 10 or 11 you’re working, then obtain the Cumulative Replace package deal in your particular system’s structure and construct quantity.

Appendix A: Vulnerability Affect and Severity

It is a listing of April patches sorted by affect, then sub-sorted by severity. Every listing is additional organized by CVE. In an effort to maintain our readers knowledgeable, we additionally present CVSS base and temp scores as these change into out there, since these might differ from Microsoft’s self-assessments.

Distant Code Execution (68 CVEs)

 

Vital severity
CVE-2024-21322 Microsoft Defender for IoT Distant Code Execution Vulnerability
CVE-2024-21323 Microsoft Defender for IoT Distant Code Execution Vulnerability
CVE-2024-29053 Microsoft Defender for IoT Distant Code Execution Vulnerability
Necessary severity
CVE-2024-20678 Distant Process Name Runtime Distant Code Execution Vulnerability
CVE-2024-21409 .NET, .NET Framework, and Visible Studio Distant Code Execution Vulnerability
CVE-2024-26179 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability
CVE-2024-26193 Azure Migrate Distant Code Execution Vulnerability
CVE-2024-26195 DHCP Server Service Distant Code Execution Vulnerability
CVE-2024-26200 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability
CVE-2024-26202 DHCP Server Service Distant Code Execution Vulnerability
CVE-2024-26205 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability
CVE-2024-26208 Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability
CVE-2024-26210 Microsoft WDAC OLE DB Supplier for SQL Server Distant Code Execution Vulnerability
CVE-2024-26214 Microsoft WDAC SQL Server ODBC Driver Distant Code Execution Vulnerability
CVE-2024-26221 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26222 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26223 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26224 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26227 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26231 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26232 Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability
CVE-2024-26233 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26244 Microsoft WDAC OLE DB Supplier for SQL Server Distant Code Execution Vulnerability
CVE-2024-26252 Home windows rndismp6.sys Distant Code Execution Vulnerability
CVE-2024-26253 Home windows rndismp6.sys Distant Code Execution Vulnerability
CVE-2024-26256 libarchive Distant Code Execution Vulnerability
CVE-2024-26257 Microsoft Excel Distant Code Execution Vulnerability
CVE-2024-28906 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28908 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28909 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28910 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28911 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28912 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28913 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28914 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28915 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28926 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28927 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28929 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28930 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28931 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28932 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28933 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28934 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28935 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28936 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28937 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28938 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28939 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28940 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28941 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28942 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28943 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28944 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28945 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29043 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29044 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29045 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29046 Microsoft WDAC OLE DB Supplier for SQL Server Distant Code Execution Vulnerability
CVE-2024-29047 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29048 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29050 Home windows Cryptographic Companies Distant Code Execution Vulnerability
CVE-2024-29066 Home windows Distributed File System (DFS) Distant Code Execution Vulnerability
CVE-2024-29982 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29983 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29984 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29985 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability

 

Elevation of Privilege (31 CVEs)

Necessary severity
CVE-2024-20693 Home windows Kernel Elevation of Privilege Vulnerability
CVE-2024-21324 Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-21424 Azure Compute Gallery Elevation of Privilege Vulnerability
CVE-2024-21447 Home windows Authentication Elevation of Privilege Vulnerability
CVE-2024-26158 Microsoft Set up Service Elevation of Privilege Vulnerability
CVE-2024-26211 Home windows Distant Entry Connection Supervisor Elevation of Privilege Vulnerability
CVE-2024-26213 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-26216 Home windows File Server Useful resource Administration Service Elevation of Privilege Vulnerability
CVE-2024-26218 Home windows Kernel Elevation of Privilege Vulnerability
CVE-2024-26229 Home windows CSC Service Elevation of Privilege Vulnerability
CVE-2024-26230 Home windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26235 Home windows Replace Stack Elevation of Privilege Vulnerability
CVE-2024-26236 Home windows Replace Stack Elevation of Privilege Vulnerability
CVE-2024-26237 Home windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2024-26239 Home windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26241 Win32k Elevation of Privilege Vulnerability
CVE-2024-26242 Home windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26243 Home windows USB Print Driver Elevation of Privilege Vulnerability
CVE-2024-26245 Home windows SMB Elevation of Privilege Vulnerability
CVE-2024-26248 Home windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-28904 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28905 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28907 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28917 Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
CVE-2024-29052 Home windows Storage Elevation of Privilege Vulnerability
CVE-2024-29054 Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29055 Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29056 Home windows Authentication Elevation of Privilege Vulnerability
CVE-2024-29989 Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-29990 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-29993 Azure CycleCloud Elevation of Privilege Vulnerability

 

Safety Characteristic Bypass (26 CVEs)

Necessary severity
CVE-2024-20665 BitLocker Safety Characteristic Bypass Vulnerability
CVE-2024-20669 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-20688 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-20689 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26168 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26171 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26175 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26180 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26189 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26194 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26228 Home windows Cryptographic Companies Safety Characteristic Bypass Vulnerability
CVE-2024-26240 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26250 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28896 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28897 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28898 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28903 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28919 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28920 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28921 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28922 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28923 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28924 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28925 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-29061 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-29062 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-29988 Web Shortcut Information Safety Characteristic Bypass Vulnerability

 

Data Disclosure (12 CVEs)

Necessary severity
CVE-2024-26172 Microsoft DWM Core Library Data Disclosure Vulnerability
CVE-2024-26207 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-26209 Microsoft Native Safety Authority Subsystem Service Data Disclosure Vulnerability
CVE-2024-26217 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-26220 Home windows Cellular Hotspot Data Disclosure Vulnerability
CVE-2024-26226 Home windows Distributed File System (DFS) Data Disclosure Vulnerability
CVE-2024-26255 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-28900 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-28901 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-28902 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-29063 Azure AI Search Data Disclosure Vulnerability
CVE-2024-29992 Azure Identification Library for .NET Data Disclosure Vulnerability

 

Denial of Service (7 CVEs)

Necessary severity
CVE-2024-26183 Home windows Kerberos Denial of Service Vulnerability
CVE-2024-26212 DHCP Server Service Denial of Service Vulnerability
CVE-2024-26215 DHCP Server Service Denial of Service Vulnerability
CVE-2024-26219 HTTP.sys Denial of Service Vulnerability
CVE-2024-26254 Microsoft Digital Machine Bus (VMBus) Denial of Service Vulnerability
CVE-2024-29064 Home windows Hyper-V Denial of Service Vulnerability
Reasonable severity
CVE-2024-20685 Azure Personal 5G Core Denial of Service Vulnerability

 

Spoofing (3 CVEs)

Necessary severity
CVE-2024-20670 Outlook for Home windows Spoofing Vulnerability
CVE-2024-26234 Proxy Driver Spoofing Vulnerability
CVE-2024-26251 Microsoft SharePoint Server Spoofing Vulnerability

 

 

Appendix B: Exploitability

It is a listing of the April CVEs already beneath exploit within the wild, and people judged by Microsoft to be extra more likely to be exploited within the wild inside the first 30 days post-release. The listing is organized by CVE.

Exploitation detected
CVE-2024-26234 Proxy Driver Spoofing Vulnerability
CVE-2024-28903 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28921 Safe Boot Safety Characteristic Bypass Vulnerability
Exploitation extra probably inside the subsequent 30 days
CVE-2024-26158 Microsoft Set up Service Elevation of Privilege Vulnerability
CVE-2024-26209 Microsoft Native Safety Authority Subsystem Service Data Disclosure Vulnerability
CVE-2024-26211 Home windows Distant Entry Connection Supervisor Elevation of Privilege Vulnerability
CVE-2024-26212 DHCP Server Service Denial of Service Vulnerability
CVE-2024-26218 Home windows Kernel Elevation of Privilege Vulnerability
CVE-2024-26230 Home windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26239 Home windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26241 Win32k Elevation of Privilege Vulnerability
CVE-2024-26256 libarchive Distant Code Execution Vulnerability
CVE-2024-29056 Home windows Authentication Elevation of Privilege Vulnerability
CVE-2024-29988 Web Shortcut Information Safety Characteristic Bypass Vulnerability

 

Appendix C: Merchandise Affected

It is a listing of April’s patches sorted by product household, then sub-sorted by severity. Every listing is additional organized by CVE. Patches which can be shared amongst a number of product households are listed a number of instances, as soon as for every product household.

Home windows (90 CVEs)

Necessary severity
CVE-2024-20665 BitLocker Safety Characteristic Bypass Vulnerability
CVE-2024-20669 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-20678 Distant Process Name Runtime Distant Code Execution Vulnerability
CVE-2024-20688 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-20689 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-20693 Home windows Kernel Elevation of Privilege Vulnerability
CVE-2024-21447 Home windows Authentication Elevation of Privilege Vulnerability
CVE-2024-26158 Microsoft Set up Service Elevation of Privilege Vulnerability
CVE-2024-26168 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26171 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26172 Microsoft DWM Core Library Data Disclosure Vulnerability
CVE-2024-26175 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26179 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability
CVE-2024-26180 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26183 Home windows Kerberos Denial of Service Vulnerability
CVE-2024-26189 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26194 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26195 DHCP Server Service Distant Code Execution Vulnerability
CVE-2024-26200 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability
CVE-2024-26202 DHCP Server Service Distant Code Execution Vulnerability
CVE-2024-26205 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability
CVE-2024-26207 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-26208 Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability
CVE-2024-26209 Microsoft Native Safety Authority Subsystem Service Data Disclosure Vulnerability
CVE-2024-26210 Microsoft WDAC OLE DB Supplier for SQL Server Distant Code Execution Vulnerability
CVE-2024-26211 Home windows Distant Entry Connection Supervisor Elevation of Privilege Vulnerability
CVE-2024-26212 DHCP Server Service Denial of Service Vulnerability
CVE-2024-26213 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-26214 Microsoft WDAC SQL Server ODBC Driver Distant Code Execution Vulnerability
CVE-2024-26215 DHCP Server Service Denial of Service Vulnerability
CVE-2024-26216 Home windows File Server Useful resource Administration Service Elevation of Privilege Vulnerability
CVE-2024-26217 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-26218 Home windows Kernel Elevation of Privilege Vulnerability
CVE-2024-26219 HTTP.sys Denial of Service Vulnerability
CVE-2024-26220 Home windows Cellular Hotspot Data Disclosure Vulnerability
CVE-2024-26221 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26222 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26223 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26224 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26226 Home windows Distributed File System (DFS) Data Disclosure Vulnerability
CVE-2024-26227 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26228 Home windows Cryptographic Companies Safety Characteristic Bypass Vulnerability
CVE-2024-26229 Home windows CSC Service Elevation of Privilege Vulnerability
CVE-2024-26230 Home windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26231 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26232 Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability
CVE-2024-26233 Home windows DNS Server Distant Code Execution Vulnerability
CVE-2024-26234 Proxy Driver Spoofing Vulnerability
CVE-2024-26235 Home windows Replace Stack Elevation of Privilege Vulnerability
CVE-2024-26236 Home windows Replace Stack Elevation of Privilege Vulnerability
CVE-2024-26237 Home windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2024-26239 Home windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26240 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26241 Win32k Elevation of Privilege Vulnerability
CVE-2024-26242 Home windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26243 Home windows USB Print Driver Elevation of Privilege Vulnerability
CVE-2024-26244 Microsoft WDAC OLE DB Supplier for SQL Server Distant Code Execution Vulnerability
CVE-2024-26245 Home windows SMB Elevation of Privilege Vulnerability
CVE-2024-26248 Home windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-26250 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-26252 Home windows rndismp6.sys Distant Code Execution Vulnerability
CVE-2024-26253 Home windows rndismp6.sys Distant Code Execution Vulnerability
CVE-2024-26254 Microsoft Digital Machine Bus (VMBus) Denial of Service Vulnerability
CVE-2024-26255 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-26256 libarchive Distant Code Execution Vulnerability
CVE-2024-28896 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28897 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28898 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28900 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-28901 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-28902 Home windows Distant Entry Connection Supervisor Data Disclosure Vulnerability
CVE-2024-28903 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28904 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28905 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28907 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28919 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28920 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28921 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28922 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28923 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28924 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-28925 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-29050 Home windows Cryptographic Companies Distant Code Execution Vulnerability
CVE-2024-29052 Home windows Storage Elevation of Privilege Vulnerability
CVE-2024-29056 Home windows Authentication Elevation of Privilege Vulnerability
CVE-2024-29061 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-29062 Safe Boot Safety Characteristic Bypass Vulnerability
CVE-2024-29064 Home windows Hyper-V Denial of Service Vulnerability
CVE-2024-29066 Home windows Distributed File System (DFS) Distant Code Execution Vulnerability
CVE-2024-29988 Web Shortcut Information Safety Characteristic Bypass Vulnerability

 

SQL Server (38 CVEs)

Necessary severity
CVE-2024-28906 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28908 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28909 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28910 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28911 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28912 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28913 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28914 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28915 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28926 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28927 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28929 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28930 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28931 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28932 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28933 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28934 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28935 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28936 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28937 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28938 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28939 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28940 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28941 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28942 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28943 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28944 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28945 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29043 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29044 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29045 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29046 Microsoft WDAC OLE DB Supplier for SQL Server Distant Code Execution Vulnerability
CVE-2024-29047 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29048 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29982 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29983 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29984 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-29985 Microsoft OLE DB Driver for SQL Server Distant Code Execution Vulnerability

 

Visible Studio (11 CVEs)

Necessary severity
CVE-2024-21409 .NET, .NET Framework, and Visible Studio Distant Code Execution Vulnerability
CVE-2024-28929 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28930 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28931 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28932 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28933 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28934 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28935 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28936 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28937 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability
CVE-2024-28938 Microsoft ODBC Driver for SQL Server Distant Code Execution Vulnerability

 

Azure (9 CVEs)

Necessary severity
CVE-2024-21424 Azure Compute Gallery Elevation of Privilege Vulnerability
CVE-2024-26193 Azure Migrate Distant Code Execution Vulnerability
CVE-2024-28917 Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
CVE-2024-29063 Azure AI Search Data Disclosure Vulnerability
CVE-2024-29989 Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-29990 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-29993 Azure CycleCloud Elevation of Privilege Vulnerability
Reasonable severity
CVE-2024-20685 Azure Personal 5G Core Denial of Service Vulnerability
CVE-2024-29992 Azure Identification Library for .NET Data Disclosure Vulnerability

 

Defender (6 CVEs)

Vital severity
CVE-2024-21322 Microsoft Defender for IoT Distant Code Execution Vulnerability
CVE-2024-21323 Microsoft Defender for IoT Distant Code Execution Vulnerability
CVE-2024-29053 Microsoft Defender for IoT Distant Code Execution Vulnerability
Necessary severity
CVE-2024-21324 Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29054 Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29055 Microsoft Defender for IoT Elevation of Privilege Vulnerability

 

.NET (1 CVE)

Necessary severity
CVE-2024-21409 .NET, .NET Framework, and Visible Studio Distant Code Execution Vulnerability

 

365 (1 CVE)

Necessary severity
CVE-2024-26257 Microsoft Excel Distant Code Execution Vulnerability

 

Workplace (1 CVE)

Necessary severity
CVE-2024-26257 Microsoft Excel Distant Code Execution Vulnerability

 

Outlook (1 CVE)

Necessary severity
CVE-2024-20670 Outlook for Home windows Spoofing Vulnerability

 

SharePoint (1 CVE)

Necessary severity
CVE-2024-26251 Microsoft SharePoint Server Spoofing Vulnerability

 

Appendix D: Advisories and Different Merchandise

It is a listing of advisories and data on different related CVEs within the April Microsoft launch, sorted by product.

Related to Edge / Chromium (5 CVEs)

CVE-2024-3156 Chromium: CVE-2024-3156 Inappropriate implementation in V8
CVE-2024-3158 Chromium: CVE-2024-3158 Use after free in Bookmarks
CVE-2024-3159 Chromium: CVE-2024-3159 Out of bounds reminiscence entry in V8
CVE-2024-29049 Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
CVE-2024-29981 Microsoft Edge (Chromium-based) Spoofing Vulnerability

 

Related to Home windows (non-Microsoft launch) (5 CVEs)

CVE-2019-3816 Purple Hat: <unnamed CBL Mariner path transversal challenge>
CVE-2019-3833 Purple Hat: <unnamed CBL Mariner infinite loop challenge>
CVE-2024-2201 Intel: CVE-2024-2201 Aspect Channel Execution
CVE-2024-23593 Lenovo: CVE-2024-23593 Zero Out Boot Supervisor and drop to UEFI Shell
CVE-2024-23594 Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi

 

Different

ADV990001 Newest Servicing Stack Updates

 

 

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles