Patch Tuesday Update – May 2024
2024-5-15 05:11:46 Author: securityboulevard.com(查看原文) 阅读量:32 收藏

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.42.0 and FVM Agent 2.7 releases.

  • Microsoft addressed 61 vulnerabilities in this release, including 1 rated as Critical and 27 Remote Code Execution vulnerabilities.
  • This release also includes fixes for CVE-2024-30040 and CVE-2024-30051 which are known to have been exploited in the wild.
    • Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040)
      • A malicious actor would be required to trick a user into manipulating a crafted file in order to exploit this vulnerability which would result in code execution in the context of the user that interacted with the file.
    • Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
      • This vulnerability could allow an attacker to escalate to SYSTEM privileges and has been observed being used by Qakbot and other malware.
CVE/Advisory Title Tag Microsoft Severity Rating Base Score Microsoft Impact Exploited Publicly Disclosed
CVE-2024-32002 CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution Visual Studio Important 9 Remote Code Execution No No
CVE-2024-29996 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Important 7.8 Elevation of Privilege No No
CVE-2024-29997 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-29998 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-29999 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30000 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30001 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30002 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30003 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30004 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30005 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Microsoft WDAC OLE DB provider for SQL Important 8.8 Remote Code Execution No No
CVE-2024-30007 Microsoft Brokering File System Elevation of Privilege Vulnerability Microsoft Brokering File System Important 8.8 Elevation of Privilege No No
CVE-2024-30008 Windows DWM Core Library Information Disclosure  Vulnerability Windows DWM Core Library Important 5.5 Information Disclosure No No
CVE-2024-30009 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Important 8.8 Remote Code Execution No No
CVE-2024-30010 Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Important 8.8 Remote Code Execution No No
CVE-2024-30011 Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Important 6.5 Denial of Service No No
CVE-2024-30012 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30014 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Important 7.5 Remote Code Execution No No
CVE-2024-30015 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Important 7.5 Remote Code Execution No No
CVE-2024-30016 Windows Cryptographic Services Information Disclosure Vulnerability Windows Cryptographic Services Important 5.5 Information Disclosure No No
CVE-2024-30017 Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Important 8.8 Remote Code Execution No No
CVE-2024-30018 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Important 7.8 Elevation of Privilege No No
CVE-2024-30019 DHCP Server Service Denial of Service Vulnerability Windows DHCP Server Important 6.5 Denial of Service No No
CVE-2024-30020 Windows Cryptographic Services Remote Code Execution Vulnerability Windows Cryptographic Services Important 8.1 Remote Code Execution No No
CVE-2024-30021 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Important 6.8 Remote Code Execution No No
CVE-2024-30022 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Important 7.5 Remote Code Execution No No
CVE-2024-30023 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Important 7.5 Remote Code Execution No No
CVE-2024-30044 Microsoft SharePoint Server Remote Code Execution Vulnerability Microsoft Office SharePoint Critical 8.8 Remote Code Execution No No
CVE-2024-30050 Windows Mark of the Web Security Feature Bypass Vulnerability Windows Mark of the Web (MOTW) Moderate 5.4 Security Feature Bypass No No
CVE-2024-30053 Azure Migrate Cross-Site Scripting Vulnerability Azure Migrate Important 6.5 Spoofing No No
CVE-2024-30059 Microsoft Intune for Android Mobile Application Management Tampering Vulnerability Microsoft Intune Important 6.1 Tampering No No
CVE-2024-26238 Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability Windows Task Scheduler Important 7.8 Elevation of Privilege No No
CVE-2024-29994 Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability Microsoft Windows SCSI Class System File Important 7.8 Elevation of Privilege No No
CVE-2024-30024 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Important 7.5 Remote Code Execution No No
CVE-2024-30025 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Important 7.8 Elevation of Privilege No No
CVE-2024-30027 NTFS Elevation of Privilege Vulnerability Windows NTFS Important 7.8 Elevation of Privilege No No
CVE-2024-30028 Win32k Elevation of Privilege Vulnerability Windows Win32K – ICOMP Important 7.8 Elevation of Privilege No No
CVE-2024-30029 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Important 7.5 Remote Code Execution No No
CVE-2024-30030 Win32k Elevation of Privilege Vulnerability Windows Win32K – GRFX Important 7.8 Elevation of Privilege No No
CVE-2024-30031 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability Windows CNG Key Isolation Service Important 7.8 Elevation of Privilege No No
CVE-2024-30032 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Important 7.8 Elevation of Privilege No No
CVE-2024-30033 Windows Search Service Elevation of Privilege Vulnerability Microsoft Windows Search Component Important 7 Elevation of Privilege No No
CVE-2024-30034 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Windows Cloud Files Mini Filter Driver Important 5.5 Information Disclosure No No
CVE-2024-30035 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Important 7.8 Elevation of Privilege No No
CVE-2024-30036 Windows Deployment Services Information Disclosure Vulnerability Windows Deployment Services Important 6.5 Information Disclosure No No
CVE-2024-30037 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Important 7.5 Elevation of Privilege No No
CVE-2024-30038 Win32k Elevation of Privilege Vulnerability Windows Win32K – ICOMP Important 7.8 Elevation of Privilege No No
CVE-2024-30039 Windows Remote Access Connection Manager Information Disclosure Vulnerability Windows Remote Access Connection Manager Important 5.5 Information Disclosure No No
CVE-2024-30040 Windows MSHTML Platform Security Feature Bypass Vulnerability Windows MSHTML Platform Important 8.8 Security Feature Bypass Yes No
CVE-2024-30041 Microsoft Bing Search Spoofing Vulnerability Microsoft Bing Important 5.4 Spoofing No No
CVE-2024-30042 Microsoft Excel Remote Code Execution Vulnerability Microsoft Office Excel Important 7.8 Remote Code Execution No No
CVE-2024-30043 Microsoft SharePoint Server Information Disclosure Vulnerability Microsoft Office SharePoint Important 6.5 Information Disclosure No No
CVE-2024-30045 .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Important 6.3 Remote Code Execution No No
CVE-2024-30046 Visual Studio Denial of Service Vulnerability Visual Studio Important 5.9 Denial of Service No Yes
CVE-2024-30047 Dynamics 365 Customer Insights Spoofing Vulnerability Microsoft Dynamics 365 Customer Insights Important 7.6 Spoofing No No
CVE-2024-30048 Dynamics 365 Customer Insights Spoofing Vulnerability Microsoft Dynamics 365 Customer Insights Important 7.6 Spoofing No No
CVE-2024-30049 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Windows Win32K – ICOMP Important 7.8 Elevation of Privilege No No
CVE-2024-30051 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Important 7.8 Elevation of Privilege Yes Yes
CVE-2024-32004 GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories Visual Studio Important 8.1 Remote Code Execution No No
CVE-2024-30054 Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability Power BI Important 6.5 Information Disclosure No No

AIE

Techstrong Podcasts

Quickly Find and Fix Your Most At-Risk Weaknesses

Watch this demo to see how Frontline VM can help.

WATCH THE VIDEO

The post Patch Tuesday Update – May 2024 appeared first on Digital Defense.

*** This is a Security Bloggers Network syndicated blog from Digital Defense authored by Digital Defense by Fortra. Read the original post at: https://www.digitaldefense.com/vulnerability-research/patch-tuesday-update-may-2024/


文章来源: https://securityboulevard.com/2024/05/patch-tuesday-update-may-2024/
如有侵权请联系:admin#unsafe.sh