Patch Tuesday Update

Patch Tuesday Update – July 2024
2024-7-10 05:3:46 Author: securityboulevard.com(查看原文) 阅读量:0 收藏

CVE/Advisory	Title	Tag	Microsoft Severity Rating	Base Score	Microsoft Impact	Exploited	Publicly Disclosed
CVE-2024-30061	Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability	Microsoft Dynamics	Important	7.3	Information Disclosure	No	No
CVE-2024-21417	Windows Text Services Framework Elevation of Privilege Vulnerability	Windows CoreMessaging	Important	8.8	Elevation of Privilege	No	No
CVE-2024-28899	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8.8	Security Feature Bypass	No	No
CVE-2024-30081	Windows NTLM Spoofing Vulnerability	Windows NTLM	Important	7.1	Spoofing	No	No
CVE-2024-30098	Windows Cryptographic Services Security Feature Bypass Vulnerability	Windows Cryptographic Services	Important	7.5	Security Feature Bypass	No	No
CVE-2024-35264	.NET and Visual Studio Remote Code Execution Vulnerability	.NET and Visual Studio	Important	8.1	Remote Code Execution	No	Yes
CVE-2024-35270	Windows iSCSI Service Denial of Service Vulnerability	Windows iSCSI	Important	5.3	Denial of Service	No	No
CVE-2024-38088	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-38087	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21332	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21333	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21335	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21373	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21398	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21414	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21415	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21428	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37318	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37332	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37331	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37969	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37970	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37974	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37981	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37986	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37987	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-38013	Microsoft Windows Server Backup Elevation of Privilege Vulnerability	Windows Server Backup	Important	6.7	Elevation of Privilege	No	No
CVE-2024-38015	Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability	Windows Remote Desktop	Important	7.5	Denial of Service	No	No
CVE-2024-38022	Windows Image Acquisition Elevation of Privilege Vulnerability	Windows Image Acquisition	Important	7	Elevation of Privilege	No	No
CVE-2024-38023	Microsoft SharePoint Server Remote Code Execution Vulnerability	Microsoft Office SharePoint	Critical	7.2	Remote Code Execution	No	No
CVE-2024-38024	Microsoft SharePoint Server Remote Code Execution Vulnerability	Microsoft Office SharePoint	Important	7.2	Remote Code Execution	No	No
CVE-2024-38025	Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability	Windows Performance Monitor	Important	7.2	Remote Code Execution	No	No
CVE-2024-38034	Windows Filtering Platform Elevation of Privilege Vulnerability	Windows Filtering	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38041	Windows Kernel Information Disclosure Vulnerability	Windows Kernel	Important	5.5	Information Disclosure	No	No
CVE-2024-38043	PowerShell Elevation of Privilege Vulnerability	Windows PowerShell	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38517	Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability	Active Directory Rights Management Services	Moderate	7.8	Elevation of Privilege	No	No
CVE-2024-38051	Windows Graphics Component Remote Code Execution Vulnerability	Microsoft Graphics Component	Important	7.8	Remote Code Execution	No	No
CVE-2024-38054	Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability	Microsoft Streaming Service	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38055	Microsoft Windows Codecs Library Information Disclosure Vulnerability	Microsoft Windows Codecs Library	Important	5.5	Information Disclosure	No	No
CVE-2024-38056	Microsoft Windows Codecs Library Information Disclosure Vulnerability	Microsoft Windows Codecs Library	Important	5.5	Information Disclosure	No	No
CVE-2024-38059	Win32k Elevation of Privilege Vulnerability	Windows Win32K – ICOMP	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38060	Windows Imaging Component Remote Code Execution Vulnerability	Windows Imaging Component	Critical	8.8	Remote Code Execution	No	No
CVE-2024-38061	DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability	Role: Active Directory Certificate Services; Active Directory Domain Services	Important	7.5	Elevation of Privilege	No	No
CVE-2024-38062	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability	Windows Kernel-Mode Drivers	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38064	Windows TCP/IP Information Disclosure Vulnerability	Windows TCP/IP	Important	7.5	Information Disclosure	No	No
CVE-2024-38071	Windows Remote Desktop Licensing Service Denial of Service Vulnerability	Windows Remote Desktop Licensing Service	Important	7.5	Denial of Service	No	No
CVE-2024-38072	Windows Remote Desktop Licensing Service Denial of Service Vulnerability	Windows Remote Desktop Licensing Service	Important	7.5	Denial of Service	No	No
CVE-2024-38077	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability	Windows Remote Desktop Licensing Service	Critical	9.8	Remote Code Execution	No	No
CVE-2024-38080	Windows Hyper-V Elevation of Privilege Vulnerability	Role: Windows Hyper-V	Important	7.8	Elevation of Privilege	Yes	No
CVE-2024-38085	Windows Graphics Component Elevation of Privilege Vulnerability	Windows Win32 Kernel Subsystem	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38086	Azure Kinect SDK Remote Code Execution Vulnerability	Azure Kinect SDK	Important	6.4	Remote Code Execution	No	No
CVE-2024-38091	Microsoft WS-Discovery Denial of Service Vulnerability	Microsoft WS-Discovery	Important	7.5	Denial of Service	No	No
CVE-2024-38100	Windows File Explorer Elevation of Privilege Vulnerability	Windows COM Session	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38102	Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability	Windows Internet Connection Sharing (ICS)	Important	6.5	Denial of Service	No	No
CVE-2024-38104	Windows Fax Service Remote Code Execution Vulnerability	Windows Fax and Scan Service	Important	8.8	Remote Code Execution	No	No
CVE-2024-38112	Windows MSHTML Platform Spoofing Vulnerability	Windows MSHTML Platform	Important	7.5	Spoofing	Yes	No
CVE-2024-26184	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	6.8	Security Feature Bypass	No	No
CVE-2024-30013	Windows MultiPoint Services Remote Code Execution Vulnerability	Windows MultiPoint Services	Important	8.8	Remote Code Execution	No	No
CVE-2024-32987	Microsoft SharePoint Server Information Disclosure Vulnerability	Microsoft Office SharePoint	Important	7.5	Information Disclosure	No	No
CVE-2024-30071	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Windows Remote Access Connection Manager	Important	4.7	Information Disclosure	No	No
CVE-2024-30079	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability	Windows Remote Access Connection Manager	Important	7.8	Elevation of Privilege	No	No
CVE-2024-30105	.NET Core and Visual Studio Denial of Service Vulnerability	.NET and Visual Studio	Important	7.5	Denial of Service	No	No
CVE-2024-35261	Azure Network Watcher VM Extension Elevation of Privilege Vulnerability	Azure Network Watcher	Important	7.8	Elevation of Privilege	No	No
CVE-2024-35266	Azure DevOps Server Spoofing Vulnerability	Azure DevOps	Important	7.6	Spoofing	No	No
CVE-2024-35267	Azure DevOps Server Spoofing Vulnerability	Azure DevOps	Important	7.6	Spoofing	No	No
CVE-2024-35271	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-35272	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-20701	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21303	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21308	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21317	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21331	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21425	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37319	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37320	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37321	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37322	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37323	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37324	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-21449	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37326	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37327	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37328	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37329	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37330	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37334	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37333	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37336	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-28928	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-35256	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-37971	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37972	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37973	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8.4	Security Feature Bypass	No	No
CVE-2024-37975	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37977	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37978	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37984	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8.4	Security Feature Bypass	No	No
CVE-2024-37988	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-37989	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-38010	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-38011	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	8	Security Feature Bypass	No	No
CVE-2024-38017	Microsoft Message Queuing Information Disclosure Vulnerability	Windows Message Queuing	Important	5.5	Information Disclosure	No	No
CVE-2024-38019	Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability	Windows Performance Monitor	Important	7.2	Remote Code Execution	No	No
CVE-2024-38020	Microsoft Outlook Spoofing Vulnerability	Microsoft Office Outlook	Moderate	6.5	Spoofing	No	No
CVE-2024-38021	Microsoft Office Remote Code Execution Vulnerability	Microsoft Office	Important	8.8	Remote Code Execution	No	No
CVE-2024-38027	Windows Line Printer Daemon Service Denial of Service Vulnerability	Line Printer Daemon Service (LPD)	Important	6.5	Denial of Service	No	No
CVE-2024-38028	Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability	Windows Performance Monitor	Important	7.2	Remote Code Execution	No	No
CVE-2024-38030	Windows Themes Spoofing Vulnerability	Windows Themes	Important	6.5	Spoofing	No	No
CVE-2024-38031	Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability	Windows Online Certificate Status Protocol (OCSP)	Important	7.5	Denial of Service	No	No
CVE-2024-38032	Microsoft Xbox Remote Code Execution Vulnerability	XBox Crypto Graphic Services	Important	7.1	Remote Code Execution	No	No
CVE-2024-38033	PowerShell Elevation of Privilege Vulnerability	Windows PowerShell	Important	7.3	Elevation of Privilege	No	No
CVE-2024-38044	DHCP Server Service Remote Code Execution Vulnerability	Windows DHCP Server	Important	7.2	Remote Code Execution	No	No
CVE-2024-38047	PowerShell Elevation of Privilege Vulnerability	Windows PowerShell	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38048	Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability	NDIS	Important	6.5	Denial of Service	No	No
CVE-2024-38049	Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability	Windows Distributed Transaction Coordinator	Important	6.6	Remote Code Execution	No	No
CVE-2024-38050	Windows Workstation Service Elevation of Privilege Vulnerability	Windows Workstation Service	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38052	Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability	Microsoft Streaming Service	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38053	Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability	Windows Internet Connection Sharing (ICS)	Important	8.8	Remote Code Execution	No	No
CVE-2024-38057	Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability	Microsoft Streaming Service	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38058	BitLocker Security Feature Bypass Vulnerability	Windows BitLocker	Important	6.8	Security Feature Bypass	No	No
CVE-2024-38065	Secure Boot Security Feature Bypass Vulnerability	Windows Secure Boot	Important	6.8	Security Feature Bypass	No	No
CVE-2024-38066	Windows Win32k Elevation of Privilege Vulnerability	Windows Win32K – GRFX	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38067	Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability	Windows Online Certificate Status Protocol (OCSP)	Important	7.5	Denial of Service	No	No
CVE-2024-38068	Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability	Windows Online Certificate Status Protocol (OCSP)	Important	7.5	Denial of Service	No	No
CVE-2024-38069	Windows Enroll Engine Security Feature Bypass Vulnerability	Windows Enroll Engine	Important	7	Security Feature Bypass	No	No
CVE-2024-38070	Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability	Windows LockDown Policy (WLDP)	Important	7.8	Security Feature Bypass	No	No
CVE-2024-38073	Windows Remote Desktop Licensing Service Denial of Service Vulnerability	Windows Remote Desktop Licensing Service	Important	7.5	Denial of Service	No	No
CVE-2024-38074	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability	Windows Remote Desktop Licensing Service	Critical	9.8	Remote Code Execution	No	No
CVE-2024-38076	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability	Windows Remote Desktop	Critical	9.8	Remote Code Execution	No	No
CVE-2024-38078	Xbox Wireless Adapter Remote Code Execution Vulnerability	XBox Crypto Graphic Services	Important	7.5	Remote Code Execution	No	No
CVE-2024-38079	Windows Graphics Component Elevation of Privilege Vulnerability	Microsoft Graphics Component	Important	7.8	Elevation of Privilege	No	No
CVE-2024-38081	.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability	.NET and Visual Studio	Important	7.3	Elevation of Privilege	No	No
CVE-2024-38089	Microsoft Defender for IoT Elevation of Privilege Vulnerability	Microsoft Defender for IoT	Important	9.1	Elevation of Privilege	No	No
CVE-2024-38092	Azure CycleCloud Elevation of Privilege Vulnerability	Azure CycleCloud	Important	8.8	Elevation of Privilege	No	No
CVE-2024-38094	Microsoft SharePoint Remote Code Execution Vulnerability	Microsoft Office SharePoint	Important	7.2	Remote Code Execution	No	No
CVE-2024-38095	.NET and Visual Studio Denial of Service Vulnerability	.NET and Visual Studio	Important	7.5	Denial of Service	No	No
CVE-2024-38099	Windows Remote Desktop Licensing Service Denial of Service Vulnerability	Windows Remote Desktop Licensing Service	Important	5.9	Denial of Service	No	No
CVE-2024-38101	Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability	Windows Internet Connection Sharing (ICS)	Important	6.5	Denial of Service	No	No
CVE-2024-38105	Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability	Windows Internet Connection Sharing (ICS)	Important	6.5	Denial of Service	No	No
CVE-2024-39684	Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability	Active Directory Rights Management Services	Moderate	7.8	Elevation of Privilege	No	No

文章来源: https://securityboulevard.com/2024/07/patch-tuesday-update-july-2024/
如有侵权请联系:admin#unsafe.sh