April 2024 Microsoft Patch Tuesday Summary, (Tue, Apr 9th)
2024-4-10 03:31:25 Author: isc.sans.edu(查看原文) 阅读量:77 收藏

This update covers a total of 157 vulnerabilities. Seven of these vulnerabilities are Chromium vulnerabilities affecting Microsoft's Edge browser. However, only three of these vulnerabilities are considered critical. One of the vulnerabilities had already been disclosed and exploited.

Vulnerabilities of Interest:

CVE-2024-26234: This proxy driver spoofing vulnerability has already been exploited and made public before today. 

CVE-2024-21322, CVE-2024-21323, CVE-2024-29053: These critical vulnerabilities allow remote code execution in Microsoft Defender for IoT.

The update patches about 40 (sorry, lost exact count) remote code execution vulnerabilities in Microsoft OLE Driver for SQL Server. These vulnerabilities are rated only "important", not "critical". The vulnerability affects clients connecting to malicious SQL servers. The client would be the target, not the server.

The seven important remote code execution vulnerabilities in the DNS Server Service look interesting. To achieve remote code execution, "perfect timing" is required according to Microsoft.

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Mariner: Openwsman Path Traversal and process_connection() DoS vulnerability.
CVE-2019-3816 No No - - - 7.5 7.5
CVE-2019-3833 No No - - - 7.5 7.5
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2024-21409 No No - - Important 7.3 6.4
Azure AI Search Information Disclosure Vulnerability
CVE-2024-29063 No No - - Important 7.3 6.6
Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
CVE-2024-28917 No No - - Important 6.2 5.4
Azure Compute Gallery Elevation of Privilege Vulnerability
CVE-2024-21424 No No - - Important 6.5 5.7
Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2024-29993 No No - - Important 8.8 7.7
Azure Identity Library for .NET Information Disclosure Vulnerability
CVE-2024-29992 No No - - Moderate 5.5 5.3
Azure Migrate Remote Code Execution Vulnerability
CVE-2024-26193 No No - - Important 6.4 5.9
Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-29989 No No - - Important 8.4 7.3
Azure Private 5G Core Denial of Service Vulnerability
CVE-2024-20685 No No - - Moderate 5.9 5.2
BitLocker Security Feature Bypass Vulnerability
CVE-2024-20665 No No - - Important 6.1 5.3
Chromium: CVE-2024-3156 Inappropriate implementation in V8
CVE-2024-3156 No No - - -    
Chromium: CVE-2024-3158 Use after free in Bookmarks
CVE-2024-3158 No No - - -    
Chromium: CVE-2024-3159 Out of bounds memory access in V8
CVE-2024-3159 No No - - -    
DHCP Server Service Denial of Service Vulnerability
CVE-2024-26212 No No - - Important 7.5 6.5
CVE-2024-26215 No No - - Important 7.5 7.2
DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-26195 No No - - Important 7.2 6.3
CVE-2024-26202 No No - - Important 7.2 6.3
HTTP.sys Denial of Service Vulnerability
CVE-2024-26219 No No - - Important 7.5 6.5
Intel: CVE-2024-2201 Branch History Injection
CVE-2024-2201 No No - - Important 4.7 4.1
Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell
CVE-2024-23593 No No - - Important 7.8 6.8
Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi
CVE-2024-23594 No No - - Important 6.4 5.6
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-29990 No No - - Important 9.0 8.1
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28905 No No - - Important 7.8 6.8
CVE-2024-26213 No No - - Important 7.0 6.1
CVE-2024-28904 No No - - Important 7.8 6.8
CVE-2024-28907 No No - - Important 7.8 6.8
Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-21324 No No - - Important 7.2 6.3
CVE-2024-29055 No No - - Important 7.2 6.3
CVE-2024-29054 No No - - Important 7.2 6.3
Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2024-21322 No No - - Critical 7.2 6.3
CVE-2024-21323 No No - - Critical 8.8 7.7
CVE-2024-29053 No No - - Critical 8.8 7.7
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2024-29981 No No Less Likely Less Likely Low 4.3 3.9
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
CVE-2024-29049 No No Less Likely Less Likely Moderate 4.1 3.6
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-26257 No No - - Important 7.8 7.5
Microsoft Install Service Elevation of Privilege Vulnerability
CVE-2024-26158 No No - - Important 7.8 6.8
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2024-26209 No No - - Important 5.5 4.8
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-26232 No No - - Important 7.3 6.4
CVE-2024-26208 No No - - Important 7.2 6.3
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28929 No No - - Important 8.8 7.7
CVE-2024-28931 No No - - Important 8.8 7.7
CVE-2024-28932 No No - - Important 8.8 7.7
CVE-2024-28936 No No - - Important 8.8 7.7
CVE-2024-29043 No No - - Important 8.8 7.7
CVE-2024-28930 No No - - Important 8.8 7.7
CVE-2024-28933 No No - - Important 8.8 7.7
CVE-2024-28934 No No - - Important 8.8 7.7
CVE-2024-28935 No No - - Important 8.8 7.7
CVE-2024-28937 No No - - Important 8.8 7.7
CVE-2024-28938 No No - - Important 8.8 7.7
CVE-2024-28941 No No - - Important 8.8 7.7
CVE-2024-28943 No No - - Important 8.8 7.7
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28906 No No - - Important 8.8 7.7
CVE-2024-28908 No No - - Important 8.8 7.7
CVE-2024-28909 No No - - Important 8.8 7.7
CVE-2024-28910 No No - - Important 8.8 7.7
CVE-2024-28911 No No - - Important 8.8 7.7
CVE-2024-28912 No No - - Important 8.8 7.7
CVE-2024-28913 No No - - Important 8.8 7.7
CVE-2024-28914 No No - - Important 8.8 7.7
CVE-2024-28915 No No - - Important 8.8 7.7
CVE-2024-28939 No No - - Important 8.8 7.7
CVE-2024-28942 No No - - Important 8.8 7.7
CVE-2024-28945 No No - - Important 8.8 7.7
CVE-2024-29045 No No - - Important 7.5 6.5
CVE-2024-29047 No No - - Important 8.8 7.7
CVE-2024-28926 No No - - Important 8.8 7.7
CVE-2024-28927 No No - - Important 8.8 7.7
CVE-2024-28940 No No - - Important 8.8 7.7
CVE-2024-28944 No No - - Important 8.8 7.7
CVE-2024-29044 No No - - Important 8.8 7.7
CVE-2024-29046 No No - - Important 8.8 7.7
CVE-2024-29048 No No - - Important 8.8 7.7
CVE-2024-29982 No No - - Important 8.8 7.7
CVE-2024-29983 No No - - Important 8.8 7.7
CVE-2024-29984 No No - - Important 8.8 7.7
CVE-2024-29985 No No - - Important 8.8 7.7
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2024-26251 No No - - Important 6.8 6.5
Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
CVE-2024-26254 No No - - Important 7.5 6.5
Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-26210 No No - - Important 8.8 7.7
CVE-2024-26244 No No - - Important 8.8 7.7
Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability
CVE-2024-26214 No No - - Important 8.8 7.7
Outlook for Windows Spoofing Vulnerability
CVE-2024-20670 No No - - Important 8.1 7.1
Proxy Driver Spoofing Vulnerability
CVE-2024-26234 Yes Yes - - Important 6.7 5.8
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2024-20678 No No - - Important 8.8 7.7
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-20669 No No - - Important 6.7 5.8
CVE-2024-20688 No No - - Important 7.1 6.2
CVE-2024-20689 No No - - Important 7.1 6.2
CVE-2024-26250 No No - - Important 6.7 5.8
CVE-2024-28920 No No - - Important 7.8 6.8
CVE-2024-28922 No No - - Important 4.1 3.6
CVE-2024-28921 No No - - Important 6.7 5.8
CVE-2024-28919 No No - - Important 6.7 5.8
CVE-2024-28923 No No - - Important 6.4 5.6
CVE-2024-28896 No No - - Important 7.5 6.5
CVE-2024-28898 No No - - Important 6.3 5.5
CVE-2024-28903 No No - - Important 6.7 5.8
CVE-2024-26168 No No - - Important 6.8 5.9
CVE-2024-26171 No No - - Important 6.7 5.8
CVE-2024-26175 No No - - Important 7.8 6.8
CVE-2024-26180 No No - - Important 8.0 7.0
CVE-2024-26189 No No - - Important 8.0 7.0
CVE-2024-26194 No No - - Important 7.4 6.4
CVE-2024-26240 No No - - Important 8.0 7.0
CVE-2024-28924 No No - - Important 6.7 5.8
CVE-2024-28925 No No - - Important 8.0 7.0
CVE-2024-28897 No No - - Important 6.8 5.9
CVE-2024-29061 No No - - Important 7.8 6.8
CVE-2024-29062 No No - - Important 7.1 6.2
SmartScreen Prompt Security Feature Bypass Vulnerability
CVE-2024-29988 No No - - Important 8.8 8.2
Win32k Elevation of Privilege Vulnerability
CVE-2024-26241 No No - - Important 7.8 6.8
Windows Authentication Elevation of Privilege Vulnerability
CVE-2024-21447 No No - - Important 7.8 6.8
CVE-2024-29056 No No - - Important 4.3 3.8
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2024-26229 No No - - Important 7.8 6.8
Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2024-29050 No No - - Important 8.4 7.3
Windows Cryptographic Services Security Feature Bypass Vulnerability
CVE-2024-26228 No No - - Important 7.8 6.8
Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26221 No No - - Important 7.2 6.3
CVE-2024-26222 No No - - Important 7.2 6.3
CVE-2024-26223 No No - - Important 7.2 6.3
CVE-2024-26224 No No - - Important 7.2 6.3
CVE-2024-26227 No No - - Important 7.2 6.3
CVE-2024-26231 No No - - Important 7.2 6.3
CVE-2024-26233 No No - - Important 7.2 6.3
Windows DWM Core Library Information Disclosure Vulnerability
CVE-2024-26172 No No - - Important 5.5 4.8
Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2024-26237 No No - - Important 7.8 6.8
Windows Distributed File System (DFS) Information Disclosure Vulnerability
CVE-2024-26226 No No - - Important 6.5 5.7
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2024-29066 No No - - Important 7.2 6.3
Windows File Server Resource Management Service Elevation of Privilege Vulnerability
CVE-2024-26216 No No - - Important 7.3 6.4
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-29064 No No - - Important 6.2 5.4
Windows Kerberos Denial of Service Vulnerability
CVE-2024-26183 No No - - Important 6.5 5.7
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-26248 No No - - Important 7.5 6.5
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-20693 No No - - Important 7.8 6.8
CVE-2024-26218 No No - - Important 7.8 6.8
Windows Mobile Hotspot Information Disclosure Vulnerability
CVE-2024-26220 No No - - Important 5.0 4.4
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-26211 No No - - Important 7.8 6.8
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-26255 No No - - Important 5.5 4.8
CVE-2024-28901 No No - - Important 5.5 4.8
CVE-2024-28902 No No - - Important 5.5 4.8
CVE-2024-26207 No No - - Important 5.5 4.8
CVE-2024-26217 No No - - Important 5.5 4.8
CVE-2024-28900 No No - - Important 5.5 4.8
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26179 No No - - Important 8.8 7.7
CVE-2024-26200 No No - - Important 8.8 7.7
CVE-2024-26205 No No - - Important 8.8 7.7
Windows SMB Elevation of Privilege Vulnerability
CVE-2024-26245 No No - - Important 7.8 6.8
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-29052 No No - - Important 7.8 6.8
Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26242 No No - - Important 7.0 6.1
CVE-2024-26230 No No - - Important 7.8 6.8
CVE-2024-26239 No No - - Important 7.8 6.8
Windows USB Print Driver Elevation of Privilege Vulnerability
CVE-2024-26243 No No - - Important 7.0 6.1
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-26235 No No - - Important 7.8 6.8
CVE-2024-26236 No No - - Important 7.0 6.1
Windows rndismp6.sys Remote Code Execution Vulnerability
CVE-2024-26252 No No - - Important 6.8 5.9
CVE-2024-26253 No No - - Important 6.8 5.9
libarchive Remote Code Execution Vulnerability
CVE-2024-26256 No No - - Important 7.8 6.8

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|


文章来源: https://isc.sans.edu/diary/rss/30822
如有侵权请联系:admin#unsafe.sh