Microsoft May 2024 Patch Tuesday, (Tue, May 14th)
2024-5-15 01:28:16 Author: isc.sans.edu(查看原文) 阅读量:92 收藏

This month we got patches for 67 vulnerabilities. Of these, 1 are critical, and 1 is being exploited according to Microsoft.

The critical vulnerability is a Remote Code Execution (RCE) affecting the Microsoft Sharepoint Server (CVE-2024-30044). According to the advisory, an authenticated attacker with Site Owner permissions or higher could upload a specially crafted file to the targeted Sharepoint Server and craft specialized API requests to trigger deserialization of file's parameters. This would enable the attacker to perform remote code execution in the context of the Sharepoint Server. The CVSS for the vulnerability is 8.8.

The zero-day vulnerability is an elevation of privilege on Windows DWM (Desktop Windows Management) Core Library (CVE-2024-30051). According to the advisory, an attacker who successfully exploited this vulnerability could gain SYSTEM privileges. The CVSS for the vulnerability is 7.8.

There is an important vulnerability affecting MinGit software (CVE-2024-32002), used by Microsoft Visual Studio, caused by an improper limitation of a pathname to a restricted directory ('Path Traversal') making it susceptible to Remote Code Execution. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. The CVSS for the vulnerability is 9.0 – the highest for this month.

See the full list of patches:

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-30045 No No - - Important 6.3 5.5
Azure Migrate Cross-Site Scripting Vulnerability
CVE-2024-30053 No No - - Important 6.5 5.9
CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution
CVE-2024-32002 No No - - Important 9.0 7.8
Chromium: CVE-2024-4331 Use after free in Picture In Picture
CVE-2024-4331 No No - - -    
Chromium: CVE-2024-4368 Use after free in Dawn
CVE-2024-4368 No No - - -    
Chromium: CVE-2024-4558 Use after free in ANGLE
CVE-2024-4558 No No - - -    
Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio
CVE-2024-4559 No No - - -    
Chromium: CVE-2024-4671 Use after free in Visuals
CVE-2024-4671 No No - - -    
DHCP Server Service Denial of Service Vulnerability
CVE-2024-30019 No No - - Important 6.5 5.7
Dynamics 365 Customer Insights Spoofing Vulnerability
CVE-2024-30047 No No - - Important 7.6 6.6
CVE-2024-30048 No No - - Important 7.6 6.6
GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories
CVE-2024-32004 No No - - Important 8.1 7.1
Microsoft Bing Search Spoofing Vulnerability
CVE-2024-30041 No No - - Important 5.4 4.7
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-30007 No No - - Important 8.8 7.7
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2024-30055 No No Less Likely Less Likely Low 5.4 4.7
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-30042 No No - - Important 7.8 6.8
Microsoft Intune for Android Mobile Application Management Tampering Vulnerability
CVE-2024-30059 No No - - Important 6.1 5.8
Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability
CVE-2024-26238 No No - - Important 7.8 6.8
Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
CVE-2024-30054 No No - - Important 6.5 5.7
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2024-30043 No No - - Important 6.5 5.7
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-30044 No No - - Critical 8.8 7.7
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-30006 No No - - Important 8.8 7.7
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
CVE-2024-29994 No No - - Important 7.8 6.8
NTFS Elevation of Privilege Vulnerability
CVE-2024-30027 No No - - Important 7.8 6.8
Visual Studio Denial of Service Vulnerability
CVE-2024-30046 Yes No - - Important 5.9 5.2
Win32k Elevation of Privilege Vulnerability
CVE-2024-30028 No No - - Important 7.8 6.8
CVE-2024-30030 No No - - Important 7.8 6.8
CVE-2024-30038 No No - - Important 7.8 6.8
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
CVE-2024-30031 No No - - Important 7.8 6.8
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2024-30034 No No - - Important 5.5 4.8
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-29996 No No - - Important 7.8 6.8
CVE-2024-30025 No No - - Important 7.8 6.8
CVE-2024-30037 No No - - Important 7.5 6.5
Windows Cryptographic Services Information Disclosure Vulnerability
CVE-2024-30016 No No - - Important 5.5 4.8
Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2024-30020 No No - - Important 8.1 7.1
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-30032 No No - - Important 7.8 6.8
CVE-2024-30035 No No - - Important 7.8 6.8
CVE-2024-30051 Yes Yes - - Important 7.8 7.2
Windows DWM Core Library Information Disclosure Vulnerability
CVE-2024-30008 No No - - Important 5.5 4.8
Windows Deployment Services Information Disclosure Vulnerability
CVE-2024-30036 No No - - Important 6.5 5.7
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-30011 No No - - Important 6.5 5.7
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-30010 No No - - Important 8.8 7.7
CVE-2024-30017 No No - - Important 8.8 7.7
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-30018 No No - - Important 7.8 6.8
Windows MSHTML Platform Security Feature Bypass Vulnerability
CVE-2024-30040 No Yes - - Important 8.8 8.2
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-30050 No No - - Moderate 5.4 5.0
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-29997 No No - - Important 6.8 5.9
CVE-2024-29998 No No - - Important 6.8 5.9
CVE-2024-29999 No No - - Important 6.8 5.9
CVE-2024-30000 No No - - Important 6.8 5.9
CVE-2024-30001 No No - - Important 6.8 5.9
CVE-2024-30002 No No - - Important 6.8 5.9
CVE-2024-30003 No No - - Important 6.8 5.9
CVE-2024-30004 No No - - Important 6.8 5.9
CVE-2024-30005 No No - - Important 6.8 5.9
CVE-2024-30012 No No - - Important 6.8 5.9
CVE-2024-30021 No No - - Important 6.8 5.9
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-30039 No No - - Important 5.5 4.8
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30009 No No - - Important 8.8 7.7
CVE-2024-30014 No No - - Important 7.5 6.6
CVE-2024-30015 No No - - Important 7.5 6.5
CVE-2024-30022 No No - - Important 7.5 6.5
CVE-2024-30023 No No - - Important 7.5 6.5
CVE-2024-30024 No No - - Important 7.5 6.5
CVE-2024-30029 No No - - Important 7.5 6.5
Windows Search Service Elevation of Privilege Vulnerability
CVE-2024-30033 No No - - Important 7.0 6.1
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-30049 No No - - Important 7.8 6.8

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter


文章来源: https://isc.sans.edu/diary/rss/30920
如有侵权请联系:admin#unsafe.sh