My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Microsoft Patch Tuesday - March 2024

Published: 2024-03-12. Last Updated: 2024-03-12 17:53:50 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

This month's patches are oddly "light". We have patches for 60 vulnerabilities and 4 Chromium patches affecting Microsoft Edge. But only two of the vulnerabilities are rated as "Critical":

CVE-2024-21408: Windows Hyper-V Denial of Service Vulnerability
CVE-2024-21407: Windows Hyper-V Remote Code Execution Vulnerability

Oddly, Microsoft considers a DoS vulnerability "critical". However, a DoS against Hyper-V could have a significant impact, which may justify the rating. The code execution vulnerability justifies a rating of critical. However, exploitation requires an attacker to first gain a foothold inside a virtual machine.

Other vulnerabilities of interest:

CVE-2024-26198: A remote code execution vulnerability for Exchange Server. This is a DLL loading issue that is typically more difficult to exploit. Authentication is required to exploit the vulnerability.

Overall, this Patch Tuesday doesn't look too bad. Follow your normal patch management process. There is no need to get all worked up; tomorrow morning: Have some coffee, test... and later deploy once the tests are completed successfully.

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-21392 No No - - Important 7.5 6.7
Azure Data Studio Elevation of Privilege Vulnerability
CVE-2024-26203 No No - - Important 7.3 7.0
Azure SDK Spoofing Vulnerability
CVE-2024-21421 No No - - Important 7.5 6.5
Chromium: CVE-2024-2173 Out of bounds memory access in V8
CVE-2024-2173 No No - - -    
Chromium: CVE-2024-2174 Inappropriate implementation in V8
CVE-2024-2174 No No - - -    
Chromium: CVE-2024-2176 Use after free in FedCM
CVE-2024-2176 No No - - -    
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
CVE-2024-21431 No No - - Important 7.8 6.8
Intel: CVE-2023-28746 Register File Data Sampling (RFDS)
CVE-2023-28746 No No - - Important    
Microsoft AllJoyn API Denial of Service Vulnerability
CVE-2024-21438 No No - - Important 7.5 6.5
Microsoft Authenticator Elevation of Privilege Vulnerability
CVE-2024-21390 No No - - Important 7.1 6.2
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-21400 No No - - Important 9.0 8.1
Microsoft Defender Security Feature Bypass Vulnerability
CVE-2024-20671 No No - - Important 5.5 4.8
Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability
CVE-2024-26164 No No - - Important 8.8 7.7
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-21419 No No - - Important 7.6 6.6
Microsoft Edge for Android Spoofing Vulnerability
CVE-2024-26167 No No Less Likely Less Likely - 4.3 3.8
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2024-26198 No No - - Important 8.8 7.7
Microsoft Intune Linux Agent Elevation of Privilege Vulnerability
CVE-2024-26201 No No - - Important 6.6 5.9
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-21451 No No - - Important 8.8 7.7
CVE-2024-26159 No No - - Important 8.8 7.7
CVE-2024-21440 No No - - Important 8.8 7.7
CVE-2024-26162 No No - - Important 8.8 7.7
Microsoft Office Elevation of Privilege Vulnerability
CVE-2024-26199 No No - - Important 7.8 6.8
Microsoft QUIC Denial of Service Vulnerability
CVE-2024-26190 No No - - Important 7.5 6.5
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-21426 No No - - Important 7.8 6.8
Microsoft Teams for Android Information Disclosure Vulnerability
CVE-2024-21448 No No - - Important 5.0 4.4
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21441 No No - - Important 8.8 7.7
CVE-2024-21444 No No - - Important 8.8 7.7
CVE-2024-21450 No No - - Important 8.8 7.7
CVE-2024-26161 No No - - Important 8.8 7.7
CVE-2024-26166 No No - - Important 8.8 7.7
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
CVE-2024-21434 No No - - Important 7.8 6.8
NTFS Elevation of Privilege Vulnerability
CVE-2024-21446 No No - - Important 7.8 6.8
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
CVE-2024-21330 No No - - Important 7.8 7.0
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
CVE-2024-21334 No No - - Important 9.8 8.5
Outlook for Android Information Disclosure Vulnerability
CVE-2024-26204 No No - - Important 7.5 6.5
Skype for Consumer Remote Code Execution Vulnerability
CVE-2024-21411 No No - - Important 8.8 7.7
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
CVE-2024-21418 No No - - Important 7.8 6.8
Visual Studio Code Elevation of Privilege Vulnerability
CVE-2024-26165 No No - - Important 8.8 7.7
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2024-26160 No No - - Important 5.5 4.8
Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability
CVE-2024-26170 No No - - Important 7.8 6.8
Windows Compressed Folder Tampering Vulnerability
CVE-2024-26185 No No - - Important 6.5 5.7
Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2024-26169 No No - - Important 7.8 6.8
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-21437 No No - - Important 7.8 6.8
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-21408 No No - - Critical 5.5 4.8
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-21407 No No - - Critical 8.1 7.1
Windows Installer Elevation of Privilege Vulnerability
CVE-2024-21436 No No - - Important 7.8 6.8
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2024-21427 No No - - Important 7.5 6.5
Windows Kernel Denial of Service Vulnerability
CVE-2024-26181 No No - - Important 5.5 4.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-21443 No No - - Important 7.3 6.4
CVE-2024-26173 No No - - Important 7.8 6.8
CVE-2024-26176 No No - - Important 7.8 6.8
CVE-2024-26178 No No - - Important 7.8 6.8
CVE-2024-26182 No No - - Important 7.8 6.8
Windows Kernel Information Disclosure Vulnerability
CVE-2024-26174 No No - - Important 5.5 4.8
CVE-2024-26177 No No - - Important 5.5 4.8
Windows OLE Remote Code Execution Vulnerability
CVE-2024-21435 No No - - Important 8.8 7.7
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-21433 No No - - Important 7.0 6.1
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-26197 No No - - Important 6.5 5.7
Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-21439 No No - - Important 7.0 6.1
Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability
CVE-2024-21430 No No - - Important 5.7 5.1
Windows USB Hub Driver Remote Code Execution Vulnerability
CVE-2024-21429 No No - - Important 6.8 5.9
Windows USB Print Driver Elevation of Privilege Vulnerability
CVE-2024-21442 No No - - Important 7.8 6.8
CVE-2024-21445 No No - - Important 7.0 6.1
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-21432 No No - - Important 7.0 6.1

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

0 comment(s)
My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Comments


Diary Archives