HomeVulnerabilityMicrosoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws

Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws

Right this moment is Microsoft’s October 2024 Patch Tuesday, which incorporates security updates for 118 flaws, together with 5 publicly disclosed zero-days, two of that are actively exploited.

This Patch Tuesday mounted three essential vulnerabilities, all distant code execution flaws.

The variety of bugs in every vulnerability class is listed beneath:

  • 28 Elevation of Privilege vulnerabilities
  • 7 Safety Function Bypass vulnerabilities
  • 43 Distant Code Execution vulnerabilities
  • 6 Data Disclosure vulnerabilities
  • 26 Denial of Service vulnerabilities
  • 7 Spoofing vulnerabilities

This rely doesn’t embody three Edge flaws that had been beforehand mounted on October third.

To be taught extra in regards to the non-security updates launched right this moment, you’ll be able to evaluation our devoted articles on the brand new Home windows 11 KB5044284 and KB5044285 cumulative updates and the Home windows 10 KB5044273 replace.

4 zero-days disclosed

This month’s Patch Tuesday fixes 5 zero-days, two of which had been actively exploited in assaults, and all 5 had been publicly disclosed.

Microsoft classifies a zero-day flaw as one that’s publicly disclosed or actively exploited whereas no official repair is out there.

The 2 actively exploited zero-day vulnerabilities in right this moment’s updates are:

CVE-2024-43573 – Home windows MSHTML Platform Spoofing Vulnerability

Whereas Microsoft has not shared any detailed details about this bug or the way it’s exploited, they did state it concerned the MSHTML platform, beforehand utilized by Web Explorer and Legacy Microsoft Edge, whose elements are nonetheless put in in Home windows.

“Whereas Microsoft has introduced retirement of the Web Explorer 11 utility on sure platforms and the Microsoft Edge Legacy utility is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are nonetheless supported,” defined Microsoft.

“The MSHTML platform is utilized by Web Explorer mode in Microsoft Edge in addition to different purposes by means of WebBrowser management. The EdgeHTML platform is utilized by WebView and a few UWP purposes. The scripting platforms are utilized by MSHTML and EdgeHTML however will also be utilized by different legacy purposes.”

Whereas not confirmed, this could possibly be a bypass of a earlier vulnerability that abused MSHTML to spoof file extensions in alerts displayed when opening information. The same MSHTML spoofing flaw was disclosed final month when assaults utilized Braille characters in filenames to spoof PDF information.

Microsoft has not shared who disclosed the vulnerability.

CVE-2024-43572 – Microsoft Administration Console Distant Code Execution Vulnerability

This flaw allowed malicious Microsoft Saved Console (MSC) information to carry out distant code execution on susceptible gadgets.

Microsoft mounted the flaw by stopping untrusted MSC information from being opened.

“The security replace will stop untrusted Microsoft Saved Console (MSC) information from being opened to guard clients towards the dangers related to this vulnerability,” defined Microsoft.

It’s unknown how this flaw was actively exploited in assaults. 

Microsoft says the bug was disclosed by “Andres and Shady”.

Microsoft says that each of those had been additionally publicly disclosed.

The opposite three vulnerabilities that had been publicly disclosed however not exploited in assaults are:

CVE-2024-6197 – Open Supply Curl Distant Code Execution Vulnerability

Microsoft mounted a libcurl distant code execution flaw that would trigger instructions to be executed when Curl makes an attempt to hook up with a malicious server.

“The susceptible code path could be triggered by a malicious server providing an particularly crafted TLS certificates,” explains a Curl security advisory.

Microsoft mounted the flaw by updating the libcurl library utilized by the Curl executable bundled with Home windows.

The flaw was found by a security researcher named “z2_,” who shared technical particulars in a HackerOne report.

CVE-2024-20659 – Home windows Hyper-V Safety Function Bypass Vulnerability

Microsoft mounted a UEFI bypass that would permit attackers to compromised the hypervisor and kernel.

“This Hypervisor vulnerability pertains to Digital Machines inside a Unified Extensible Firmware Interface (UEFI) host machine,” explains Microsoft.

“On some particular {hardware} it could be attainable to bypass the UEFI, which might result in the compromise of the hypervisor and the safe kernel.”

Microsoft says that an attacker wants bodily entry to the machine and should reboot it to use the flaw.

The flaw was found by Francisco Falcón and Iván Arce of Quarkslab however it isn’t recognized the place it was publicly disclosed.

See also  CISA urges software program devs to weed out SQL injection vulnerabilities

CVE-2024-43583 – Winlogon Elevation of Privilege Vulnerability

Microsoft mounted an elevation of privileges flaw that would give attackers SYSTEM privileges in Home windows.

To be protected against this flaw, Microsoft says that admins should take further actions.

“To deal with this vulnerability, be sure that a Microsoft first-party IME is enabled in your machine,” explains Microsoft.

“By doing so, you’ll be able to assist shield your machine from potential vulnerabilities related to a third-party (3P) IME through the check in course of.”

Microsoft says wh1tc & Zhiniang Peng of pwnull found the issues.

Current updates from different firms

Different distributors who launched updates or advisories in October 2024 embody:

The October 2024 Patch Tuesday Safety Updates

Under is the entire record of resolved vulnerabilities within the October 2024 Patch Tuesday updates.

To entry the complete description of every vulnerability and the techniques it impacts, you’ll be able to view the full report right here.

Tag CVE ID CVE Title Severity
.NET and Visible Studio CVE-2024-38229 .NET and Visible Studio Distant Code Execution Vulnerability Vital
.NET and Visible Studio CVE-2024-43485 .NET and Visible Studio Denial of Service Vulnerability Vital
.NET, .NET Framework, Visible Studio CVE-2024-43484 .NET, .NET Framework, and Visible Studio Denial of Service Vulnerability Vital
.NET, .NET Framework, Visible Studio CVE-2024-43483 .NET, .NET Framework, and Visible Studio Denial of Service Vulnerability Vital
Azure CLI CVE-2024-43591 Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability Vital
Azure Monitor CVE-2024-38097 Azure Monitor Agent Elevation of Privilege Vulnerability Vital
Azure Stack CVE-2024-38179 Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability Vital
BranchCache CVE-2024-43506 BranchCache Denial of Service Vulnerability Vital
BranchCache CVE-2024-38149 BranchCache Denial of Service Vulnerability Vital
Code Integrity Guard CVE-2024-43585 Code Integrity Guard Safety Function Bypass Vulnerability Vital
DeepSpeed CVE-2024-43497 DeepSpeed Distant Code Execution Vulnerability Vital
Web Small Laptop Methods Interface (iSCSI) CVE-2024-43515 Web Small Laptop Methods Interface (iSCSI) Denial of Service Vulnerability Vital
Microsoft ActiveX CVE-2024-43517 Microsoft ActiveX Data Objects Distant Code Execution Vulnerability Vital
Microsoft Configuration Supervisor CVE-2024-43468 Microsoft Configuration Supervisor Distant Code Execution Vulnerability Important
Microsoft Defender for Endpoint CVE-2024-43614 Microsoft Defender for Endpoint for Linux Spoofing Vulnerability Vital
Microsoft Edge (Chromium-based) CVE-2024-9369 Chromium: CVE-2024-9369 Inadequate knowledge validation in Mojo Unknown
Microsoft Edge (Chromium-based) CVE-2024-9370 Chromium: CVE-2024-9370 Inappropriate implementation in V8 Unknown
Microsoft Edge (Chromium-based) CVE-2024-7025 Chromium: CVE-2024-7025 Integer overflow in Format Unknown
Microsoft Graphics Element CVE-2024-43534 Home windows Graphics Element Data Disclosure Vulnerability Vital
Microsoft Graphics Element CVE-2024-43508 Home windows Graphics Element Data Disclosure Vulnerability Vital
Microsoft Graphics Element CVE-2024-43556 Home windows Graphics Element Elevation of Privilege Vulnerability Vital
Microsoft Graphics Element CVE-2024-43509 Home windows Graphics Element Elevation of Privilege Vulnerability Vital
Microsoft Administration Console CVE-2024-43572 Microsoft Administration Console Distant Code Execution Vulnerability Vital
Microsoft Workplace CVE-2024-43616 Microsoft Workplace Distant Code Execution Vulnerability Vital
Microsoft Workplace CVE-2024-43576 Microsoft Workplace Distant Code Execution Vulnerability Vital
Microsoft Workplace CVE-2024-43609 Microsoft Workplace Spoofing Vulnerability Vital
Microsoft Workplace Excel CVE-2024-43504 Microsoft Excel Distant Code Execution Vulnerability Vital
Microsoft Workplace SharePoint CVE-2024-43503 Microsoft SharePoint Elevation of Privilege Vulnerability Vital
Microsoft Workplace Visio CVE-2024-43505 Microsoft Workplace Visio Distant Code Execution Vulnerability Vital
Microsoft Easy Certificates Enrollment Protocol CVE-2024-43544 Microsoft Easy Certificates Enrollment Protocol Denial of Service Vulnerability Vital
Microsoft Easy Certificates Enrollment Protocol CVE-2024-43541 Microsoft Easy Certificates Enrollment Protocol Denial of Service Vulnerability Vital
Microsoft WDAC OLE DB supplier for SQL CVE-2024-43519 Microsoft WDAC OLE DB supplier for SQL Server Distant Code Execution Vulnerability Vital
Microsoft Home windows Speech CVE-2024-43574 Microsoft Speech Software Programming Interface (SAPI) Distant Code Execution Vulnerability Vital
OpenSSH for Home windows CVE-2024-43615 Microsoft OpenSSH for Home windows Distant Code Execution Vulnerability Vital
OpenSSH for Home windows CVE-2024-43581 Microsoft OpenSSH for Home windows Distant Code Execution Vulnerability Vital
OpenSSH for Home windows CVE-2024-38029 Microsoft OpenSSH for Home windows Distant Code Execution Vulnerability Vital
Outlook for Android CVE-2024-43604 Outlook for Android Elevation of Privilege Vulnerability Vital
Energy BI CVE-2024-43612 Energy BI Report Server Spoofing Vulnerability Vital
Energy BI CVE-2024-43481 Energy BI Report Server Spoofing Vulnerability Vital
Distant Desktop Consumer CVE-2024-43533 Distant Desktop Consumer Distant Code Execution Vulnerability Vital
Distant Desktop Consumer CVE-2024-43599 Distant Desktop Consumer Distant Code Execution Vulnerability Vital
Function: Home windows Hyper-V CVE-2024-43521 Home windows Hyper-V Denial of Service Vulnerability Vital
Function: Home windows Hyper-V CVE-2024-20659 Home windows Hyper-V Safety Function Bypass Vulnerability Vital
Function: Home windows Hyper-V CVE-2024-43567 Home windows Hyper-V Denial of Service Vulnerability Vital
Function: Home windows Hyper-V CVE-2024-43575 Home windows Hyper-V Denial of Service Vulnerability Vital
RPC Endpoint Mapper Service CVE-2024-43532 Distant Registry Service Elevation of Privilege Vulnerability Vital
Service Material CVE-2024-43480 Azure Service Material for Linux Distant Code Execution Vulnerability Vital
Sudo for Home windows CVE-2024-43571 Sudo for Home windows Spoofing Vulnerability Vital
Visible C++ Redistributable Installer CVE-2024-43590 Visible C++ Redistributable Installer Elevation of Privilege Vulnerability Vital
Visible Studio CVE-2024-43603 Visible Studio Collector Service Denial of Service Vulnerability Vital
Visible Studio Code CVE-2024-43488 Visible Studio Code extension for Arduino Distant Code Execution Vulnerability Important
Visible Studio Code CVE-2024-43601 Visible Studio Code for Linux Distant Code Execution Vulnerability Vital
Home windows Ancillary Perform Driver for WinSock CVE-2024-43563 Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability Vital
Home windows BitLocker CVE-2024-43513 BitLocker Safety Function Bypass Vulnerability Vital
Home windows Frequent Log File System Driver CVE-2024-43501 Home windows Frequent Log File System Driver Elevation of Privilege Vulnerability Vital
Home windows Cryptographic Companies CVE-2024-43546 Home windows Cryptographic Data Disclosure Vulnerability Vital
Home windows cURL Implementation CVE-2024-6197 Open Supply Curl Distant Code Execution Vulnerability Vital
Home windows EFI Partition CVE-2024-37982 Home windows Resume Extensible Firmware Interface Safety Function Bypass Vulnerability Vital
Home windows EFI Partition CVE-2024-37976 Home windows Resume Extensible Firmware Interface Safety Function Bypass Vulnerability Vital
Home windows EFI Partition CVE-2024-37983 Home windows Resume Extensible Firmware Interface Safety Function Bypass Vulnerability Vital
Home windows Hyper-V CVE-2024-30092 Home windows Hyper-V Distant Code Execution Vulnerability Vital
Home windows Kerberos CVE-2024-43547 Home windows Kerberos Data Disclosure Vulnerability Vital
Home windows Kerberos CVE-2024-38129 Home windows Kerberos Elevation of Privilege Vulnerability Vital
Home windows Kernel CVE-2024-43502 Home windows Kernel Elevation of Privilege Vulnerability Vital
Home windows Kernel CVE-2024-43511 Home windows Kernel Elevation of Privilege Vulnerability Vital
Home windows Kernel CVE-2024-43520 Home windows Kernel Denial of Service Vulnerability Vital
Home windows Kernel CVE-2024-43527 Home windows Kernel Elevation of Privilege Vulnerability Vital
Home windows Kernel CVE-2024-43570 Home windows Kernel Elevation of Privilege Vulnerability Vital
Home windows Kernel CVE-2024-37979 Home windows Kernel Elevation of Privilege Vulnerability Vital
Home windows Kernel-Mode Drivers CVE-2024-43554 Home windows Kernel-Mode Driver Data Disclosure Vulnerability Vital
Home windows Kernel-Mode Drivers CVE-2024-43535 Home windows Kernel-Mode Driver Elevation of Privilege Vulnerability Vital
Home windows Native Safety Authority (LSA) CVE-2024-43522 Home windows Native Safety Authority (LSA) Elevation of Privilege Vulnerability Vital
Home windows Cell Broadband CVE-2024-43555 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows Cell Broadband CVE-2024-43540 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows Cell Broadband CVE-2024-43536 Home windows Cell Broadband Driver Distant Code Execution Vulnerability Vital
Home windows Cell Broadband CVE-2024-43538 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows Cell Broadband CVE-2024-43525 Home windows Cell Broadband Driver Distant Code Execution Vulnerability Vital
Home windows Cell Broadband CVE-2024-43559 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows Cell Broadband CVE-2024-43561 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows Cell Broadband CVE-2024-43558 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows Cell Broadband CVE-2024-43542 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows Cell Broadband CVE-2024-43557 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows Cell Broadband CVE-2024-43526 Home windows Cell Broadband Driver Distant Code Execution Vulnerability Vital
Home windows Cell Broadband CVE-2024-43543 Home windows Cell Broadband Driver Distant Code Execution Vulnerability Vital
Home windows Cell Broadband CVE-2024-43523 Home windows Cell Broadband Driver Distant Code Execution Vulnerability Vital
Home windows Cell Broadband CVE-2024-43524 Home windows Cell Broadband Driver Distant Code Execution Vulnerability Vital
Home windows Cell Broadband CVE-2024-43537 Home windows Cell Broadband Driver Denial of Service Vulnerability Vital
Home windows MSHTML Platform CVE-2024-43573 Home windows MSHTML Platform Spoofing Vulnerability Reasonable
Home windows Netlogon CVE-2024-38124 Home windows Netlogon Elevation of Privilege Vulnerability Vital
Home windows Community Deal with Translation (NAT) CVE-2024-43562 Home windows Community Deal with Translation (NAT) Denial of Service Vulnerability Vital
Home windows Community Deal with Translation (NAT) CVE-2024-43565 Home windows Community Deal with Translation (NAT) Denial of Service Vulnerability Vital
Home windows NT OS Kernel CVE-2024-43553 NT OS Kernel Elevation of Privilege Vulnerability Vital
Home windows NTFS CVE-2024-43514 Home windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Vital
Home windows On-line Certificates Standing Protocol (OCSP) CVE-2024-43545 Home windows On-line Certificates Standing Protocol (OCSP) Server Denial of Service Vulnerability Vital
Home windows Print Spooler Elements CVE-2024-43529 Home windows Print Spooler Elevation of Privilege Vulnerability Vital
Home windows Distant Desktop CVE-2024-43582 Distant Desktop Protocol Server Distant Code Execution Vulnerability Important
Home windows Distant Desktop Licensing Service CVE-2024-38262 Home windows Distant Desktop Licensing Service Distant Code Execution Vulnerability Vital
Home windows Distant Desktop Companies CVE-2024-43456 Home windows Distant Desktop Companies Tampering Vulnerability Vital
Home windows Resilient File System (ReFS) CVE-2024-43500 Home windows Resilient File System (ReFS) Data Disclosure Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43592 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43589 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-38212 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43593 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-38261 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43611 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43453 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-38265 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43607 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43549 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43608 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Routing and Distant Entry Service (RRAS) CVE-2024-43564 Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability Vital
Home windows Scripting CVE-2024-43584 Home windows Scripting Engine Safety Function Bypass Vulnerability Vital
Home windows Safe Channel CVE-2024-43550 Home windows Safe Channel Spoofing Vulnerability Vital
Home windows Safe Kernel Mode CVE-2024-43516 Home windows Safe Kernel Mode Elevation of Privilege Vulnerability Vital
Home windows Safe Kernel Mode CVE-2024-43528 Home windows Safe Kernel Mode Elevation of Privilege Vulnerability Vital
Home windows Shell CVE-2024-43552 Home windows Shell Distant Code Execution Vulnerability Vital
Home windows Requirements-Primarily based Storage Administration Service CVE-2024-43512 Home windows Requirements-Primarily based Storage Administration Service Denial of Service Vulnerability Vital
Home windows Storage CVE-2024-43551 Home windows Storage Elevation of Privilege Vulnerability Vital
Home windows Storage Port Driver CVE-2024-43560 Microsoft Home windows Storage Port Driver Elevation of Privilege Vulnerability Vital
Home windows Telephony Server CVE-2024-43518 Home windows Telephony Server Distant Code Execution Vulnerability Vital
Winlogon CVE-2024-43583 Winlogon Elevation of Privilege Vulnerability Vital
See also  HelloKitty ransomware now exploiting Apache ActiveMQ flaw in assaults

Replace 9/11/24: Up to date to clarify that solely three flaws had been actively exploited and why CVE-2024-43491 was marked as exploited.

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular