Microsoft Patch Tuesday - October 2024

    Published: 2024-10-08. Last Updated: 2024-10-08 19:18:33 UTC
    by Johannes Ullrich (Version: 1)
    0 comment(s)

    Microsoft today released patches for 117 vulnerabilities. Three additional vulnerabilities apply to Chromium/Edge. Another three vulnerabilities are rated critical.

    Five of the vulnerabilities were disclosed before today. Two vulnerabilities were not only disclosed but also exploited, according to Microsoft

    Notable Vulnerabilities:

    Microsoft Management Console Remote Code Execution Vulnerability (CVE-2024-43572)

    To Exploit this vulnerability, the attacker must convince the victim to open a malicious file.

    Open Source Curl Remote Code Execution Vulnerability (CVE-2024-6197)

    This vulnerability was disclosed and patched in libcurl back in July. Accordng to curl.se, the most likely outcome is a crash, but code execution can not be ruled out.

    Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2024-20659)

    The vulnerability allows an attacker to bypass the UEFI on the host machine and compromise the hypervisor and the secure kernel. Exploitation requires a reboot at the right time.

    Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43573)

    yet another Windows MSHTML Platform Spoofing vulnerability. Fourth 0-day just this year in this component. APT actors usually use these issues to make downloading and executing malware more likely.

     

     

    Description
    CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
    .NET and Visual Studio Denial of Service Vulnerability
    CVE-2024-43485 No No - - Important 7.5 6.5
    .NET and Visual Studio Remote Code Execution Vulnerability
    CVE-2024-38229 No No - - Important 8.1 7.1
    .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
    CVE-2024-43483 No No - - Important 7.5 6.5
    CVE-2024-43484 No No - - Important 7.5 6.5
    Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability
    CVE-2024-43591 No No - - Important 8.7 7.6
    Azure Monitor Agent Elevation of Privilege Vulnerability
    CVE-2024-38097 No No - - Important 7.1 6.2
    Azure Service Fabric for Linux Remote Code Execution Vulnerability
    CVE-2024-43480 No No - - Important 6.6 5.8
    Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
    CVE-2024-38179 No No - - Important 8.8 7.7
    BitLocker Security Feature Bypass Vulnerability
    CVE-2024-43513 No No - - Important 6.4 5.6
    BranchCache Denial of Service Vulnerability
    CVE-2024-43506 No No - - Important 7.5 6.5
    CVE-2024-38149 No No - - Important 7.5 6.5
    Chromium: CVE-2024-7025 Integer overflow in Layout
    CVE-2024-7025 No No - - -    
    Chromium: CVE-2024-9369 Insufficient data validation in Mojo
    CVE-2024-9369 No No - - -    
    Chromium: CVE-2024-9370 Inappropriate implementation in V8
    CVE-2024-9370 No No - - -    
    Code Integrity Guard Security Feature Bypass Vulnerability
    CVE-2024-43585 No No - - Important 5.5 4.8
    DeepSpeed Remote Code Execution Vulnerability
    CVE-2024-43497 No No - - Important 8.4 7.3
    Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
    CVE-2024-43515 No No - - Important 7.5 6.5
    Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
    CVE-2024-43517 No No - - Important 8.8 7.7
    Microsoft Configuration Manager Remote Code Execution Vulnerability
    CVE-2024-43468 No No - - Critical 9.8 8.5
    Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
    CVE-2024-43614 No No - - Important 5.5 4.8
    Microsoft Excel Remote Code Execution Vulnerability
    CVE-2024-43504 No No - - Important 7.8 6.8
    Microsoft Management Console Remote Code Execution Vulnerability
    CVE-2024-43572 Yes Yes - - Important 7.8 7.2
    Microsoft Office Remote Code Execution Vulnerability
    CVE-2024-43576 No No - - Important 7.8 6.8
    CVE-2024-43616 No No - - Important 7.8 6.8
    Microsoft Office Spoofing Vulnerability
    CVE-2024-43609 No No - - Important 6.5 5.7
    Microsoft Office Visio Remote Code Execution Vulnerability
    CVE-2024-43505 No No - - Important 7.8 6.8
    Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
    CVE-2024-43581 No No - - Important 7.1 6.2
    CVE-2024-43615 No No - - Important 7.1 6.2
    CVE-2024-38029 No No - - Important 7.5 6.5
    Microsoft SharePoint Elevation of Privilege Vulnerability
    CVE-2024-43503 No No - - Important 7.8 6.8
    Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability
    CVE-2024-43541 No No - - Important 7.5 6.5
    CVE-2024-43544 No No - - Important 7.5 6.5
    Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
    CVE-2024-43574 No No - - Important 8.3 7.2
    Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
    CVE-2024-43519 No No - - Important 8.8 7.7
    Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
    CVE-2024-43560 No No - - Important 7.8 6.8
    NT OS Kernel Elevation of Privilege Vulnerability
    CVE-2024-43553 No No - - Important 7.4 6.4
    Open Source Curl Remote Code Execution Vulnerability
    CVE-2024-6197 Yes No - - Important 8.8 7.7
    Outlook for Android Elevation of Privilege Vulnerability
    CVE-2024-43604 No No - - Important 5.7 5.0
    Power BI Report Server Spoofing Vulnerability
    CVE-2024-43481 No No - - Important 6.5 5.7
    CVE-2024-43612 No No - - Important 6.9 6.0
    Remote Desktop Client Remote Code Execution Vulnerability
    CVE-2024-43533 No No - - Important 8.8 7.7
    CVE-2024-43599 No No - - Important 8.8 7.7
    Remote Desktop Protocol Server Remote Code Execution Vulnerability
    CVE-2024-43582 No No - - Critical 8.1 7.1
    Remote Registry Service Elevation of Privilege Vulnerability
    CVE-2024-43532 No No - - Important 8.8 7.7
    Sudo for Windows Spoofing Vulnerability
    CVE-2024-43571 No No - - Important 5.6 4.9
    Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
    CVE-2024-43590 No No - - Important 7.8 6.8
    Visual Studio Code extension for Arduino Remote Code Execution Vulnerability
    CVE-2024-43488 No No - - Critical 8.8 7.7
    Visual Studio Code for Linux Remote Code Execution Vulnerability
    CVE-2024-43601 No No - - Important 7.1 6.2
    Visual Studio Collector Service Denial of Service Vulnerability
    CVE-2024-43603 No No - - Important 5.5 4.8
    Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
    CVE-2024-43563 No No - - Important 7.8 6.8
    Windows Common Log File System Driver Elevation of Privilege Vulnerability
    CVE-2024-43501 No No - - Important 7.8 6.8
    Windows Cryptographic Information Disclosure Vulnerability
    CVE-2024-43546 No No - - Important 5.6 4.9
    Windows Graphics Component Elevation of Privilege Vulnerability
    CVE-2024-43509 No No - - Important 7.8 6.8
    CVE-2024-43556 No No - - Important 7.8 6.8
    Windows Graphics Component Information Disclosure Vulnerability
    CVE-2024-43508 No No - - Important 5.5 4.8
    CVE-2024-43534 No No - - Important 6.5 5.7
    Windows Hyper-V Denial of Service Vulnerability
    CVE-2024-43521 No No - - Important 7.5 6.5
    CVE-2024-43567 No No - - Important 7.5 6.5
    CVE-2024-43575 No No - - Important 7.5 6.5
    Windows Hyper-V Remote Code Execution Vulnerability
    CVE-2024-30092 No No - - Important 8.0 7.0
    Windows Hyper-V Security Feature Bypass Vulnerability
    CVE-2024-20659 Yes No - - Important 7.1 6.6
    Windows Kerberos Elevation of Privilege Vulnerability
    CVE-2024-38129 No No - - Important 7.5 6.5
    Windows Kerberos Information Disclosure Vulnerability
    CVE-2024-43547 No No - - Important 6.5 5.7
    Windows Kernel Denial of Service Vulnerability
    CVE-2024-43520 No No - - Important 5.0 4.4
    Windows Kernel Elevation of Privilege Vulnerability
    CVE-2024-43502 No No - - Important 7.1 6.2
    CVE-2024-43527 No No - - Important 7.8 6.8
    CVE-2024-37979 No No - - Important 6.7 5.8
    CVE-2024-43511 No No - - Important 7.0 6.1
    CVE-2024-43570 No No - - Important 6.4 5.6
    Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
    CVE-2024-43535 No No - - Important 7.0 6.1
    Windows Kernel-Mode Driver Information Disclosure Vulnerability
    CVE-2024-43554 No No - - Important 5.5 4.8
    Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
    CVE-2024-43522 No No - - Important 7.0 6.1
    Windows MSHTML Platform Spoofing Vulnerability
    CVE-2024-43573 Yes Yes - - Moderate 6.5 6.0
    Windows Mobile Broadband Driver Denial of Service Vulnerability
    CVE-2024-43537 No No - - Important 6.5 5.7
    CVE-2024-43538 No No - - Important 6.5 5.7
    CVE-2024-43540 No No - - Important 6.5 5.7
    CVE-2024-43542 No No - - Important 6.5 5.7
    CVE-2024-43555 No No - - Important 6.5 5.7
    CVE-2024-43557 No No - - Important 6.5 5.7
    CVE-2024-43558 No No - - Important 6.5 5.7
    CVE-2024-43559 No No - - Important 6.5 5.7
    CVE-2024-43561 No No - - Important 6.5 5.7
    Windows Mobile Broadband Driver Remote Code Execution Vulnerability
    CVE-2024-43525 No No - - Important 6.8 5.9
    CVE-2024-43526 No No - - Important 6.8 5.9
    CVE-2024-43543 No No - - Important 6.8 5.9
    CVE-2024-43523 No No - - Important 6.8 5.9
    CVE-2024-43524 No No - - Important 6.8 5.9
    CVE-2024-43536 No No - - Important 6.8 5.9
    Windows Netlogon Elevation of Privilege Vulnerability
    CVE-2024-38124 No No - - Important 9.0 7.8
    Windows Network Address Translation (NAT) Denial of Service Vulnerability
    CVE-2024-43562 No No - - Important 7.5 6.5
    CVE-2024-43565 No No - - Important 7.5 6.5
    Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
    CVE-2024-43545 No No - - Important 7.5 6.5
    Windows Print Spooler Elevation of Privilege Vulnerability
    CVE-2024-43529 No No - - Important 7.3 6.4
    Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
    CVE-2024-38262 No No - - Important 7.5 6.5
    Windows Remote Desktop Services Tampering Vulnerability
    CVE-2024-43456 No No - - Important 4.8 4.2
    Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
    CVE-2024-43514 No No - - Important 7.8 6.8
    Windows Resilient File System (ReFS) Information Disclosure Vulnerability
    CVE-2024-43500 No No - - Important 5.5 4.8
    Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
    CVE-2024-37976 No No - - Important 6.7 5.8
    CVE-2024-37982 No No - - Important 6.7 5.8
    CVE-2024-37983 No No - - Important 6.7 5.8
    Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
    CVE-2024-38261 No No - - Important 7.8 6.8
    CVE-2024-43608 No No - - Important 8.8 7.7
    CVE-2024-43607 No No - - Important 8.8 7.7
    CVE-2024-38265 No No - - Important 8.8 7.7
    CVE-2024-43453 No No - - Important 8.8 7.7
    CVE-2024-38212 No No - - Important 8.8 7.7
    CVE-2024-43549 No No - - Important 8.8 7.7
    CVE-2024-43564 No No - - Important 8.8 7.7
    CVE-2024-43589 No No - - Important 8.8 8.1
    CVE-2024-43592 No No - - Important 8.8 7.7
    CVE-2024-43593 No No - - Important 8.8 7.7
    CVE-2024-43611 No No - - Important 8.8 7.7
    Windows Scripting Engine Security Feature Bypass Vulnerability
    CVE-2024-43584 No No - - Important 7.7 6.7
    Windows Secure Channel Spoofing Vulnerability
    CVE-2024-43550 No No - - Important 7.4 6.4
    Windows Secure Kernel Mode Elevation of Privilege Vulnerability
    CVE-2024-43516 No No - - Important 7.8 6.8
    CVE-2024-43528 No No - - Important 7.8 6.8
    Windows Shell Remote Code Execution Vulnerability
    CVE-2024-43552 No No - - Important 7.3 6.4
    Windows Standards-Based Storage Management Service Denial of Service Vulnerability
    CVE-2024-43512 No No - - Important 6.5 5.7
    Windows Storage Elevation of Privilege Vulnerability
    CVE-2024-43551 No No - - Important 7.8 6.8
    Windows Telephony Server Remote Code Execution Vulnerability
    CVE-2024-43518 No No - - Important 8.8 7.7
    Winlogon Elevation of Privilege Vulnerability
    CVE-2024-43583 Yes No - - Important 7.8 6.8

     

    ---
    Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
    Twitter|

    Keywords: microsoft
    0 comment(s)
    ISC Stormcast For Tuesday, October 8th, 2024 https://isc.sans.edu/podcastdetail/9170

      Comments


      Diary Archives