April 2024 Microsoft Patch Tuesday Summary
This update covers a total of 157 vulnerabilities. Seven of these vulnerabilities are Chromium vulnerabilities affecting Microsoft's Edge browser. However, only three of these vulnerabilities are considered critical. One of the vulnerabilities had already been disclosed and exploited.
Vulnerabilities of Interest:
CVE-2024-26234: This proxy driver spoofing vulnerability has already been exploited and made public before today.
CVE-2024-21322, CVE-2024-21323, CVE-2024-29053: These critical vulnerabilities allow remote code execution in Microsoft Defender for IoT.
The update patches about 40 (sorry, lost exact count) remote code execution vulnerabilities in Microsoft OLE Driver for SQL Server. These vulnerabilities are rated only "important", not "critical". The vulnerability affects clients connecting to malicious SQL servers. The client would be the target, not the server.
The seven important remote code execution vulnerabilities in the DNS Server Service look interesting. To achieve remote code execution, "perfect timing" is required according to Microsoft.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
Mariner: Openwsman Path Traversal and process_connection() DoS vulnerability. | |||||||
CVE-2019-3816 | No | No | - | - | - | 7.5 | 7.5 |
CVE-2019-3833 | No | No | - | - | - | 7.5 | 7.5 |
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | |||||||
CVE-2024-21409 | No | No | - | - | Important | 7.3 | 6.4 |
Azure AI Search Information Disclosure Vulnerability | |||||||
CVE-2024-29063 | No | No | - | - | Important | 7.3 | 6.6 |
Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability | |||||||
CVE-2024-28917 | No | No | - | - | Important | 6.2 | 5.4 |
Azure Compute Gallery Elevation of Privilege Vulnerability | |||||||
CVE-2024-21424 | No | No | - | - | Important | 6.5 | 5.7 |
Azure CycleCloud Elevation of Privilege Vulnerability | |||||||
CVE-2024-29993 | No | No | - | - | Important | 8.8 | 7.7 |
Azure Identity Library for .NET Information Disclosure Vulnerability | |||||||
CVE-2024-29992 | No | No | - | - | Moderate | 5.5 | 5.3 |
Azure Migrate Remote Code Execution Vulnerability | |||||||
CVE-2024-26193 | No | No | - | - | Important | 6.4 | 5.9 |
Azure Monitor Agent Elevation of Privilege Vulnerability | |||||||
CVE-2024-29989 | No | No | - | - | Important | 8.4 | 7.3 |
Azure Private 5G Core Denial of Service Vulnerability | |||||||
CVE-2024-20685 | No | No | - | - | Moderate | 5.9 | 5.2 |
BitLocker Security Feature Bypass Vulnerability | |||||||
CVE-2024-20665 | No | No | - | - | Important | 6.1 | 5.3 |
Chromium: CVE-2024-3156 Inappropriate implementation in V8 | |||||||
CVE-2024-3156 | No | No | - | - | - | ||
Chromium: CVE-2024-3158 Use after free in Bookmarks | |||||||
CVE-2024-3158 | No | No | - | - | - | ||
Chromium: CVE-2024-3159 Out of bounds memory access in V8 | |||||||
CVE-2024-3159 | No | No | - | - | - | ||
DHCP Server Service Denial of Service Vulnerability | |||||||
CVE-2024-26212 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-26215 | No | No | - | - | Important | 7.5 | 7.2 |
DHCP Server Service Remote Code Execution Vulnerability | |||||||
CVE-2024-26195 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-26202 | No | No | - | - | Important | 7.2 | 6.3 |
HTTP.sys Denial of Service Vulnerability | |||||||
CVE-2024-26219 | No | No | - | - | Important | 7.5 | 6.5 |
Intel: CVE-2024-2201 Branch History Injection | |||||||
CVE-2024-2201 | No | No | - | - | Important | 4.7 | 4.1 |
Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell | |||||||
CVE-2024-23593 | No | No | - | - | Important | 7.8 | 6.8 |
Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi | |||||||
CVE-2024-23594 | No | No | - | - | Important | 6.4 | 5.6 |
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | |||||||
CVE-2024-29990 | No | No | - | - | Important | 9.0 | 8.1 |
Microsoft Brokering File System Elevation of Privilege Vulnerability | |||||||
CVE-2024-28905 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-26213 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2024-28904 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-28907 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Defender for IoT Elevation of Privilege Vulnerability | |||||||
CVE-2024-21324 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-29055 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-29054 | No | No | - | - | Important | 7.2 | 6.3 |
Microsoft Defender for IoT Remote Code Execution Vulnerability | |||||||
CVE-2024-21322 | No | No | - | - | Critical | 7.2 | 6.3 |
CVE-2024-21323 | No | No | - | - | Critical | 8.8 | 7.7 |
CVE-2024-29053 | No | No | - | - | Critical | 8.8 | 7.7 |
Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||||
CVE-2024-29981 | No | No | Less Likely | Less Likely | Low | 4.3 | 3.9 |
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | |||||||
CVE-2024-29049 | No | No | Less Likely | Less Likely | Moderate | 4.1 | 3.6 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2024-26257 | No | No | - | - | Important | 7.8 | 7.5 |
Microsoft Install Service Elevation of Privilege Vulnerability | |||||||
CVE-2024-26158 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | |||||||
CVE-2024-26209 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||||
CVE-2024-26232 | No | No | - | - | Important | 7.3 | 6.4 |
CVE-2024-26208 | No | No | - | - | Important | 7.2 | 6.3 |
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2024-28929 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28931 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28932 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28936 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29043 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28930 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28933 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28934 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28935 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28937 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28938 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28941 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28943 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2024-28906 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28908 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28909 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28910 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28911 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28912 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28913 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28914 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28915 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28939 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28942 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28945 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29045 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-29047 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28926 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28927 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28940 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-28944 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29044 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29046 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29048 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29982 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29983 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29984 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-29985 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft SharePoint Server Spoofing Vulnerability | |||||||
CVE-2024-26251 | No | No | - | - | Important | 6.8 | 6.5 |
Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability | |||||||
CVE-2024-26254 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2024-26210 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-26244 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability | |||||||
CVE-2024-26214 | No | No | - | - | Important | 8.8 | 7.7 |
Outlook for Windows Spoofing Vulnerability | |||||||
CVE-2024-20670 | No | No | - | - | Important | 8.1 | 7.1 |
Proxy Driver Spoofing Vulnerability | |||||||
CVE-2024-26234 | Yes | Yes | - | - | Important | 6.7 | 5.8 |
Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||||
CVE-2024-20678 | No | No | - | - | Important | 8.8 | 7.7 |
Secure Boot Security Feature Bypass Vulnerability | |||||||
CVE-2024-20669 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-20688 | No | No | - | - | Important | 7.1 | 6.2 |
CVE-2024-20689 | No | No | - | - | Important | 7.1 | 6.2 |
CVE-2024-26250 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-28920 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-28922 | No | No | - | - | Important | 4.1 | 3.6 |
CVE-2024-28921 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-28919 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-28923 | No | No | - | - | Important | 6.4 | 5.6 |
CVE-2024-28896 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2024-28898 | No | No | - | - | Important | 6.3 | 5.5 |
CVE-2024-28903 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-26168 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-26171 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-26175 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-26180 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-26189 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-26194 | No | No | - | - | Important | 7.4 | 6.4 |
CVE-2024-26240 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-28924 | No | No | - | - | Important | 6.7 | 5.8 |
CVE-2024-28925 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2024-28897 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-29061 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-29062 | No | No | - | - | Important | 7.1 | 6.2 |
SmartScreen Prompt Security Feature Bypass Vulnerability | |||||||
CVE-2024-29988 | No | No | - | - | Important | 8.8 | 8.2 |
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2024-26241 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Authentication Elevation of Privilege Vulnerability | |||||||
CVE-2024-21447 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-29056 | No | No | - | - | Important | 4.3 | 3.8 |
Windows CSC Service Elevation of Privilege Vulnerability | |||||||
CVE-2024-26229 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Cryptographic Services Remote Code Execution Vulnerability | |||||||
CVE-2024-29050 | No | No | - | - | Important | 8.4 | 7.3 |
Windows Cryptographic Services Security Feature Bypass Vulnerability | |||||||
CVE-2024-26228 | No | No | - | - | Important | 7.8 | 6.8 |
Windows DNS Server Remote Code Execution Vulnerability | |||||||
CVE-2024-26221 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-26222 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-26223 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-26224 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-26227 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-26231 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2024-26233 | No | No | - | - | Important | 7.2 | 6.3 |
Windows DWM Core Library Information Disclosure Vulnerability | |||||||
CVE-2024-26172 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Defender Credential Guard Elevation of Privilege Vulnerability | |||||||
CVE-2024-26237 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Distributed File System (DFS) Information Disclosure Vulnerability | |||||||
CVE-2024-26226 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Distributed File System (DFS) Remote Code Execution Vulnerability | |||||||
CVE-2024-29066 | No | No | - | - | Important | 7.2 | 6.3 |
Windows File Server Resource Management Service Elevation of Privilege Vulnerability | |||||||
CVE-2024-26216 | No | No | - | - | Important | 7.3 | 6.4 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2024-29064 | No | No | - | - | Important | 6.2 | 5.4 |
Windows Kerberos Denial of Service Vulnerability | |||||||
CVE-2024-26183 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Kerberos Elevation of Privilege Vulnerability | |||||||
CVE-2024-26248 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2024-20693 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-26218 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Mobile Hotspot Information Disclosure Vulnerability | |||||||
CVE-2024-26220 | No | No | - | - | Important | 5.0 | 4.4 |
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | |||||||
CVE-2024-26211 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||||
CVE-2024-26255 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2024-28901 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2024-28902 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2024-26207 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2024-26217 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2024-28900 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||||||
CVE-2024-26179 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-26200 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-26205 | No | No | - | - | Important | 8.8 | 7.7 |
Windows SMB Elevation of Privilege Vulnerability | |||||||
CVE-2024-26245 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Storage Elevation of Privilege Vulnerability | |||||||
CVE-2024-29052 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Telephony Server Elevation of Privilege Vulnerability | |||||||
CVE-2024-26242 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2024-26230 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-26239 | No | No | - | - | Important | 7.8 | 6.8 |
Windows USB Print Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-26243 | No | No | - | - | Important | 7.0 | 6.1 |
Windows Update Stack Elevation of Privilege Vulnerability | |||||||
CVE-2024-26235 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-26236 | No | No | - | - | Important | 7.0 | 6.1 |
Windows rndismp6.sys Remote Code Execution Vulnerability | |||||||
CVE-2024-26252 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2024-26253 | No | No | - | - | Important | 6.8 | 5.9 |
libarchive Remote Code Execution Vulnerability | |||||||
CVE-2024-26256 | No | No | - | - | Important | 7.8 | 6.8 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments