Ransomware

Microsoft Patch Tuesday June 2024: Major Updates And Fixes

In response to the rise of cyber threats, Microsoft's June 2024 Patch Tuesday addresses 49 CVEs, safeguarding against hackers and ransomware.

by Ashish Khaitan June 12th, 2024

Share on LinkedInShare on Twitter

Microsoft has released the June 2024 Patch Tuesday updates, reinforcing security and enhancing functionality for Windows 11 and 10 users alike. Among these updates, the tech giant has also addressed 49 vulnerabilities affecting Microsoft environments and products.

“Microsoft patched 49 CVEs in its June 2024 Patch Tuesday release, another sub-60 CVE release for the second month in a row. This month, Microsoft did not patch any zero-day vulnerabilities exploited in the wild. Typically, Microsoft Patch Tuesday releases skew towards being mostly remote code execution vulnerabilities,” said Satnam Narang, Senior Staff Research Engineer at Tenable.

For those using the Windows 11 operating systems with versions 23H2 and 22H2, the KB5039212 patch awaits in the Windows Update queue. This comprehensive Microsoft Patch Tuesday Update introduces several notable tweaks.

Microsoft Patch Tuesday Update: All the Major Developments and Fixes

With this June Microsoft Patch Tuesday update, the tech giant has introduced a slew of user-friendly updates, including the ability to generate QR codes directly from the Windows Share menu in Microsoft Edge, facilitating seamless sharing of webpages and cloud files.

Enhancements to the Windows Share feature now allow users to easily email content to themselves using their linked email address from their Microsoft account, while a subtle but impactful change prevents the abrupt dismissal of the Windows Share window, requiring users to click the designated close button instead.

File management is streamlined with the ability to drag files between breadcrumbs within the File Explorer address bar, simplifying the process of relocating files within the same file path. Additionally, a new “Linked devices” page in the Settings menu enables users logged in with a Microsoft account to seamlessly manage their PCs and Xbox consoles, while the Windows Backup app now integrates with Microsoft accounts, offering secure backup options for files, themes, settings, installed apps, and Wi-Fi credentials to the cloud.

Microsoft has also addressed underlying issues with this June 2024 Patch Tuesday, including a fix for an issue causing the taskbar to briefly malfunction or become unresponsive, as well as resolving an issue hindering systems from resuming from hibernation post-BitLocker activation.

“In 2023, remote code execution flaws accounted for over one-third (35.1%) of all CVEs patched. However, this Patch Tuesday release was dominated by elevation of privilege flaws, accounting for nearly half of the CVEs patched (49%) this month. Microsoft patched CVE-2024-30089, an elevation of privilege flaw in the Microsoft Streaming Service. Like many of the elevation of privilege flaws patched as part of Patch Tuesday, Microsoft labelled this one as “Exploitation More Likely,” said Narang.

For Windows 11 users on the original iteration of the OS (21H2), the KB5039213 patch primarily focuses on bug fixes, with the added activation of the SMB over QUIC client certificate authentication feature, providing IT administrators with enhanced control over client access to SMB over QUIC servers.

Addressing 49 Vulnerabilities with Vigilance

With cyber threats looming large, Microsoft’s June 2024 Patch Tuesday release stands as a protective measure against hackers and ransomware groups alike, addressing a total of 49 CVEs. Among these, one is rated critical, marking a concerted effort to shore up security defenses.

Notably, there have been no reported zero-day or publicly disclosed vulnerabilities, underscoring Microsoft’s proactive stance on security.

Elevation of Privilege (EoP) vulnerabilities take center stage, constituting 49% of the patched vulnerabilities this month, followed closely by Remote Code Execution (RCE) at 36.7%. Several critical vulnerabilities have been identified, including CVE-2024-30080, a Remote Code Execution flaw in Microsoft Message Queuing (MSMQ) with a CVSSv3 score of 9.8, deemed highly exploitable by Microsoft.

Additionally, CVE-2024-30082, CVE-2024-30087, and CVE-2024-30091 highlight the significance of patching critical components like the Win32k driver to prevent potential exploits. Similarly, attention is drawn to Windows Kernel vulnerabilities CVE-2024-30064, CVE-2024-30068, CVE-2024-30088, and CVE-2024-30099, emphasizing the necessity of comprehensive patch management. Moreover, CVE-2024-30085 highlights the varied attack vectors adversaries may exploit, necessitating swift remediation.

“These types of flaws are notoriously useful for cybercriminals seeking to elevate privileges on a compromised system. When exploited in the wild as a zero-day, they are typically associated with more advanced persistent threat actors or as part of targeted attacks,” said Narang.

He added further, “This vulnerability was disclosed to Microsoft by the same security researcher that disclosed CVE-2023-36802, another Microsoft Streaming Service elevation of privilege flaw, which was patched in the September 2023 Patch Tuesday. Curiously, that flaw was disclosed by the researcher, but it was Microsoft themselves that noted it as being exploited in the wild. Another Microsoft Streaming Service flaw was patched this month (CVE-2024-30090), but unlike CVE-2024-30089, this one is labeled as “Exploitation Less Likely.”

Concurrently, Microsoft’s cessation of security updates for Windows 10 21H2 across several editions stresses the importance of timely upgrades to ensure ongoing protection against online threats.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button