Ransomware

Microsoft Patch Tuesday 2024: Major Fixes And Recommendations

Additionally, Microsoft has addressed vulnerabilities in Windows 11, SharePoint, and the Windows Print Spooler service.

by Ashish Khaitan March 13, 2024 in Firewall Daily, Vulnerabilities Reading Time: 18 mins read 0

594 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

March 2024 brings a fresh focus on cybersecurity as Microsoft rolls out its latest set of patches, addressing 61 vulnerabilities in the Microsoft 2024 update.

This regular security update from Microsoft aims to fortify the security of its systems against potential threats and attacks. Notably, this month's Patch Tuesday does not reveal any zero-day vulnerabilities. However, it includes fixes for several critical issues that could potentially be exploited by cyber attackers if left unaddressed.

Among the vulnerabilities patched are those impacting various Microsoft products, including Windows, Azure, Skype for Consumer, Microsoft Defender, and Microsoft Office.

Microsoft Patch Tuesday 2024 Update: The Most Critical Vulnerabilities

Tag CVE Base Score
Windows Defender 5.5
Open Management Infrastructure CVE-2024-21330 7.8
Open Management Infrastructure CVE-2024-21334 9.8
Microsoft Authenticator CVE-2024-21390 7.1
.NET CVE-2024-21392 7.5
Microsoft Azure Kubernetes Service 9
Role: Windows Hyper-V 8.1
Role: Windows Hyper-V CVE-2024-21408 5.5
Skype for Consumer 8.8
Software for Open Networking in the Cloud (SONiC) CVE-2024-21418 7.8
Microsoft Dynamics CVE-2024-21419 7.6
Azure SDK CVE-2024-21421 7.5
Microsoft Office SharePoint CVE-2024-21426 7.8
Windows Kerberos CVE-2024-21427 7.5
Windows USB Hub Driver CVE-2024-21429 6.8
Windows USB Serial Driver CVE-2024-21430 5.7
Windows Hypervisor-Protected Code Integrity CVE-2024-21431 7.8
Windows Update Stack CVE-2024-21432 7
Windows Print Spooler Components CVE-2024-21433 7
Microsoft Windows SCSI Class System File CVE-2024-21434 7.8
Windows OLE CVE-2024-21435 8.8
Windows Installer CVE-2024-21436 7.8
Microsoft Graphics Component CVE-2024-21437 7.8
Windows AllJoyn API CVE-2024-21438 7.5
Windows Telephony Server CVE-2024-21439 7
Windows ODBC Driver CVE-2024-21440 8.8
Microsoft WDAC OLE DB provider for SQL CVE-2024-21441 8.8
Windows USB Print Driver CVE-2024-21442 7.8
Windows Kernel CVE-2024-21443 7.3
Microsoft WDAC OLE DB provider for SQL CVE-2024-21444 8.8
Windows USB Print Driver CVE-2024-21445 7
Windows NTFS CVE-2024-21446 7.8
Microsoft Teams for Android CVE-2024-21448 5
Microsoft WDAC OLE DB provider for SQL CVE-2024-21450 8.8
Microsoft WDAC ODBC Driver CVE-2024-21451 8.8
Windows ODBC Driver CVE-2024-26159 8.8
Windows Cloud Files Mini Filter Driver CVE-2024-26160 5.5
Microsoft WDAC OLE DB provider for SQL CVE-2024-26161 8.8
Windows ODBC Driver CVE-2024-26162 8.8
SQL Server CVE-2024-26164 8.8
Visual Studio Code CVE-2024-26165 8.8
Microsoft WDAC OLE DB provider for SQL CVE-2024-26166 8.8
Microsoft Edge for Android CVE-2024-26167 4.3
Windows Error Reporting CVE-2024-26169 7.8
Windows Composite Image File System CVE-2024-26170 7.8
Windows Kernel CVE-2024-26173 7.8
Windows Kernel CVE-2024-26174 5.5
Windows Kernel CVE-2024-26176 7.8
Windows Kernel CVE-2024-26177 5.5
Windows Kernel CVE-2024-26178 7.8
Windows Kernel CVE-2024-26181 5.5
Windows Kernel CVE-2024-26182 7.8
Windows Compressed Folder CVE-2024-26185 6.5
Microsoft QUIC CVE-2024-26190 7.5
Windows Standards-Based Storage Management Service CVE-2024-26197 6.5
Microsoft Exchange Server CVE-2024-26198 8.8
Microsoft Office CVE-2024-26199 7.8
Microsoft Intune CVE-2024-26201 6.6
Azure Data Studio CVE-2024-26203 7.3
Outlook for Android CVE-2024-26204 7.5

One of the most critical vulnerabilities addressed in this update is a remote code execution (RCE) flaw in Windows, which could enable a virtual machine to escape from a Hyper-V guest.

This particular vulnerability, labeled as CVE-2024-21407, presents a high level of complexity for attackers, requiring them to gather specific information about the environment and execute a series of preparatory steps. Once exploited, attackers could gain unauthorized access to the Hyper-V host, posing a significant risk to system integrity.

Another noteworthy fix is for Skype for Consumer, addressing a remote code execution vulnerability (CVE-2024-21411) that could be triggered through malicious links or images sent via Instant Message. This flaw, discovered by Hector Peralta and Nicole Armua in collaboration with Trend Micro Zero Day Initiative, highlights the importance of staying up to date against social engineering tactics employed by cybercriminals.

Furthermore, Microsoft has patched vulnerabilities affecting its Azure Kubernetes Service (CVE-2024-21400), Microsoft Defender (CVE-2024-20671), and Microsoft Office (CVE-2024-26199), among others. These fixes aim to mitigate various risks, including elevation of privilege, security feature bypass, and confidential container compromise.

Security Updates for Other Microsoft Products

CNA Tag CVE
Intel Corporation Intel CVE-2023-28746
Chrome Microsoft Edge (Chromium-based) CVE-2024-2173
Chrome Microsoft Edge (Chromium-based) CVE-2024-2174
Chrome Microsoft Edge (Chromium-based) CVE-2024-2176

Additionally, Microsoft has addressed vulnerabilities in Windows 11, SharePoint, and the Windows Print Spooler service, targeting issues such as compressed folder tampering and elevation to SYSTEM privileges. These fixes are crucial for maintaining the overall security posture of Windows-based systems and preventing potential exploitation by malicious actors.

While no prior public disclosure or exploitation in the wild has been reported for the vulnerabilities patched in this update, it's essential for users and administrators to promptly apply the patches to mitigate any potential risks. 

Windows updates ensure device security and productivity, catering to both IT administrators and general users. These monthly updates, released on “Patch Tuesday,” consolidate security and non-security fixes to maintain device integrity. 

Through channels like Windows Update and Microsoft Intune, users receive mandatory security updates. Additionally, optional non-security preview releases, available a week before security updates, offer advanced features. Out-of-band releases address critical issues promptly. 

With Windows 11, continuous innovation arrives through phased rollouts, allowing users to control feature releases. Microsoft optimizes update processes for reliability, ensuring a seamless user experience while prioritizing device security and performance.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button