HomeVulnerabilityMicrosoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws

Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws

At this time is Microsoft’s September 2024 Patch Tuesday, which incorporates security updates for 79 flaws, together with 4 actively exploited and one publicly disclosed zero-days.

This Patch Tuesday mounted seven important vulnerabilities, which have been both distant code execution or elevation of privileges flaws.

The variety of bugs in every vulnerability class is listed beneath:

  • 30 Elevation of Privilege Vulnerabilities
  • 4 Safety Characteristic Bypass Vulnerabilities
  • 23 Distant Code Execution Vulnerabilities
  • 11 Info Disclosure Vulnerabilities
  • 8 Denial of Service Vulnerabilities
  • 3 Spoofing Vulnerabilities

To study extra concerning the non-security updates launched at present, you possibly can assessment our devoted articles on the brand new Home windows 11 KB5043076 cumulative replace and Home windows 10 KB5043064 replace.

4 zero-days disclosed

This month’s Patch Tuesday fixes 4 actively exploited, one in every of which was publicly disclosed. 

Microsoft classifies a zero-day flaw as one that’s publicly disclosed or actively exploited whereas no official repair is on the market.

The 4 actively exploited zero-day vulnerabilities in at present’s updates are:

CVE-2024-38014 – Home windows Installer Elevation of Privilege Vulnerability

This vulnerability permits assaults to achieve SYSTEM privileges on Home windows programs.

Microsoft has not shared any particulars on the way it was exploited in assaults.

The flaw was found by Michael Baer with SEC Seek the advice of Vulnerability Lab. 

CVE-2024-38217 – Home windows Mark of the Internet Safety Characteristic Bypass Vulnerability

This flaw was publicly disclosed final month by Joe Desimone of Elastic Safety and is believed to have been actively exploited since 2018.

Within the report, Desimone outlined a way known as LNK stomping that permits specifically crafted LNK recordsdata with non-standard goal paths or inner constructions to trigger the file to be opened whereas bypassing Good App Management and the Mark of the Internet security warnings.

“An attacker can craft a malicious file that will evade Mark of the Internet (MOTW) defenses, leading to a restricted lack of integrity and availability of security options resembling SmartScreen Utility Repute security verify and/or the legacy Home windows Attachment Companies security immediate,” explains Microsoft’s advisory.

When exploited, it causes the command within the LNK file to be executed with no warning, as demonstrated on this video.

LNK stomping demonstration

CVE-2024-38226 – Microsoft Writer Safety Characteristic Bypass Vulnerability

Microsoft mounted a Microsoft Writer flaw that bypasses the security protections towards embedded macros in downloaded paperwork.

“An attacker who efficiently exploited this vulnerability may bypass Workplace macro insurance policies used to dam untrusted or malicious recordsdata,” explains Microsoft’s advisory.

Microsoft has not shared who disclosed the flaw and the way it was exploited.

CVE-2024-43491 – Microsoft Home windows Replace Distant Code Execution Vulnerability

Microsoft mounted a servicing stack flaw that permits distant code execution.

“Microsoft is conscious of a vulnerability in Servicing Stack that has rolled again the fixes for some vulnerabilities affecting Elective Parts on Home windows 10, model 1507 (preliminary model launched July 2015),” explains Microsoft’s advisory.

See also  New Python-Based mostly Snake Data Stealer Spreading By way of Fb Messages

“Which means that an attacker may exploit these beforehand mitigated vulnerabilities on Home windows 10, model 1507 (Home windows 10 Enterprise 2015 LTSB and Home windows 10 IoT Enterprise 2015 LTSB) programs which have put in the Home windows security replace launched on March 12, 2024—KB5035858 (OS Construct 10240.20526) or different updates launched till August 2024. All later variations of Home windows 10 are usually not impacted by this vulnerability.”

“This servicing stack vulnerability is addressed by putting in the September 2024 Servicing stack replace (SSU KB5043936) AND the September 2024 Home windows security replace (KB5043083), in that order.”

This flaw solely impacts Home windows 10, model 1507, which reached the tip of life in 2017. Nevertheless, it additionally impacts Home windows 10 Enterprise 2015 LTSB and Home windows 10 IoT Enterprise 2015 LTSB editions, that are nonetheless below assist.

This flaw is attention-grabbing as a result of it prompted Elective Parts, resembling Energetic Listing Light-weight Listing Companies, XPS Viewer, Web Explorer 11, LPD Print Service, IIS, and Home windows Media Participant to roll again to their authentic RTM variations.

This prompted any earlier CVE to be reintroduced into this system, which may then be exploited.

Extra particulars concerning the flaw and the entire record of affected elements can present in Microsoft’s advisory.

Microsoft has not shared who disclosed the flaw and the way it was exploited.

Latest updates from different corporations

Different distributors who launched updates or advisories in September 2024 embrace:

The September 2024 Patch Tuesday Safety Updates

Under is the entire record of resolved vulnerabilities within the September 2024 Patch Tuesday updates.

To entry the total description of every vulnerability and the programs it impacts, you possibly can view the full report right here.

Tag CVE ID CVE Title Severity
Azure CycleCloud CVE-2024-43469 Azure CycleCloud Distant Code Execution Vulnerability Vital
Azure Community Watcher CVE-2024-38188 Azure Community Watcher VM Agent Elevation of Privilege Vulnerability Vital
Azure Community Watcher CVE-2024-43470 Azure Community Watcher VM Agent Elevation of Privilege Vulnerability Vital
Azure Stack CVE-2024-38216 Azure Stack Hub Elevation of Privilege Vulnerability Vital
Azure Stack CVE-2024-38220 Azure Stack Hub Elevation of Privilege Vulnerability Vital
Azure Internet Apps CVE-2024-38194 Azure Internet Apps Elevation of Privilege Vulnerability Vital
Dynamics Enterprise Central CVE-2024-38225 Microsoft Dynamics 365 Enterprise Central Elevation of Privilege Vulnerability Vital
Microsoft AutoUpdate (MAU) CVE-2024-43492 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Vital
Microsoft Dynamics 365 (on-premises) CVE-2024-43476 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Vital
Microsoft Graphics Element CVE-2024-38247 Home windows Graphics Element Elevation of Privilege Vulnerability Vital
Microsoft Graphics Element CVE-2024-38250 Home windows Graphics Element Elevation of Privilege Vulnerability Vital
Microsoft Graphics Element CVE-2024-38249 Home windows Graphics Element Elevation of Privilege Vulnerability Vital
Microsoft Administration Console CVE-2024-38259 Microsoft Administration Console Distant Code Execution Vulnerability Vital
Microsoft Workplace Excel CVE-2024-43465 Microsoft Excel Elevation of Privilege Vulnerability Vital
Microsoft Workplace Writer CVE-2024-38226 Microsoft Writer Safety Characteristic Bypass Vulnerability Vital
Microsoft Workplace SharePoint CVE-2024-38227 Microsoft SharePoint Server Distant Code Execution Vulnerability Vital
Microsoft Workplace SharePoint CVE-2024-43464 Microsoft SharePoint Server Distant Code Execution Vulnerability Vital
Microsoft Workplace SharePoint CVE-2024-38018 Microsoft SharePoint Server Distant Code Execution Vulnerability Vital
Microsoft Workplace SharePoint CVE-2024-38228 Microsoft SharePoint Server Distant Code Execution Vulnerability Vital
Microsoft Workplace SharePoint CVE-2024-43466 Microsoft SharePoint Server Denial of Service Vulnerability Vital
Microsoft Workplace Visio CVE-2024-43463 Microsoft Workplace Visio Distant Code Execution Vulnerability Vital
Microsoft Outlook for iOS CVE-2024-43482 Microsoft Outlook for iOS Info Disclosure Vulnerability Vital
Microsoft Streaming Service CVE-2024-38245 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Vital
Microsoft Streaming Service CVE-2024-38241 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Vital
Microsoft Streaming Service CVE-2024-38242 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Vital
Microsoft Streaming Service CVE-2024-38244 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Vital
Microsoft Streaming Service CVE-2024-38243 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Vital
Microsoft Streaming Service CVE-2024-38237 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Vital
Microsoft Streaming Service CVE-2024-38238 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Vital
Energy Automate CVE-2024-43479 Microsoft Energy Automate Desktop Distant Code Execution Vulnerability Vital
Function: Home windows Hyper-V CVE-2024-38235 Home windows Hyper-V Denial of Service Vulnerability Vital
SQL Server CVE-2024-37338 Microsoft SQL Server Native Scoring Distant Code Execution Vulnerability Vital
SQL Server CVE-2024-37980 Microsoft SQL Server Elevation of Privilege Vulnerability Vital
SQL Server CVE-2024-26191 Microsoft SQL Server Native Scoring Distant Code Execution Vulnerability Vital
SQL Server CVE-2024-37339 Microsoft SQL Server Native Scoring Distant Code Execution Vulnerability Vital
SQL Server CVE-2024-37337 Microsoft SQL Server Native Scoring Info Disclosure Vulnerability Vital
SQL Server CVE-2024-26186 Microsoft SQL Server Native Scoring Distant Code Execution Vulnerability Vital
SQL Server CVE-2024-37342 Microsoft SQL Server Native Scoring Info Disclosure Vulnerability Vital
SQL Server CVE-2024-43474 Microsoft SQL Server Info Disclosure Vulnerability Vital
SQL Server CVE-2024-37335 Microsoft SQL Server Native Scoring Distant Code Execution Vulnerability Vital
SQL Server CVE-2024-37966 Microsoft SQL Server Native Scoring Info Disclosure Vulnerability Vital
SQL Server CVE-2024-37340 Microsoft SQL Server Native Scoring Distant Code Execution Vulnerability Vital
SQL Server CVE-2024-37965 Microsoft SQL Server Elevation of Privilege Vulnerability Vital
SQL Server CVE-2024-37341 Microsoft SQL Server Elevation of Privilege Vulnerability Vital
Home windows Admin Middle CVE-2024-43475 Microsoft Home windows Admin Middle Info Disclosure Vulnerability Vital
Home windows AllJoyn API CVE-2024-38257 Microsoft AllJoyn API Info Disclosure Vulnerability Vital
Home windows Authentication Strategies CVE-2024-38254 Home windows Authentication Info Disclosure Vulnerability Vital
Home windows DHCP Server CVE-2024-38236 DHCP Server Service Denial of Service Vulnerability Vital
Home windows Installer CVE-2024-38014 Home windows Installer Elevation of Privilege Vulnerability Vital
Home windows Kerberos CVE-2024-38239 Home windows Kerberos Elevation of Privilege Vulnerability Vital
Home windows Kernel-Mode Drivers CVE-2024-38256 Home windows Kernel-Mode Driver Info Disclosure Vulnerability Vital
Home windows Libarchive CVE-2024-43495 Home windows libarchive Distant Code Execution Vulnerability Vital
Home windows Mark of the Internet (MOTW) CVE-2024-38217 Home windows Mark of the Internet Safety Characteristic Bypass Vulnerability Vital
Home windows Mark of the Internet (MOTW) CVE-2024-43487 Home windows Mark of the Internet Safety Characteristic Bypass Vulnerability Average
Home windows MSHTML Platform CVE-2024-43461 Home windows MSHTML Platform Spoofing Vulnerability Vital
Home windows Community Handle Translation (NAT) CVE-2024-38119 Home windows Community Handle Translation (NAT) Distant Code Execution Vulnerability Vital
Home windows Community Virtualization CVE-2024-38232 Home windows Networking Denial of Service Vulnerability Vital
Home windows Community Virtualization CVE-2024-38233 Home windows Networking Denial of Service Vulnerability Vital
Home windows Community Virtualization CVE-2024-38234 Home windows Networking Denial of Service Vulnerability Vital
Home windows Community Virtualization CVE-2024-43458 Home windows Networking Info Disclosure Vulnerability Vital
Home windows PowerShell CVE-2024-38046 PowerShell Elevation of Privilege Vulnerability Vital
Home windows Distant Entry Connection Supervisor CVE-2024-38240 Home windows Distant Entry Connection Supervisor Elevation of Privilege Vulnerability Vital
Home windows Distant Desktop Licensing Service CVE-2024-38231 Home windows Distant Desktop Licensing Service Denial of Service Vulnerability Vital
Home windows Distant Desktop Licensing Service CVE-2024-38258 Home windows Distant Desktop Licensing Service Info Disclosure Vulnerability Vital
Home windows Distant Desktop Licensing Service CVE-2024-43467 Home windows Distant Desktop Licensing Service Distant Code Execution Vulnerability Vital
Home windows Distant Desktop Licensing Service CVE-2024-43454 Home windows Distant Desktop Licensing Service Distant Code Execution Vulnerability Vital
Home windows Distant Desktop Licensing Service CVE-2024-38263 Home windows Distant Desktop Licensing Service Distant Code Execution Vulnerability Vital
Home windows Distant Desktop Licensing Service CVE-2024-38260 Home windows Distant Desktop Licensing Service Distant Code Execution Vulnerability Vital
Home windows Distant Desktop Licensing Service CVE-2024-43455 Home windows Distant Desktop Licensing Service Spoofing Vulnerability Vital
Home windows Safety Zone Mapping CVE-2024-30073 Home windows Safety Zone Mapping Safety Characteristic Bypass Vulnerability Vital
Home windows Setup and Deployment CVE-2024-43457 Home windows Setup and Deployment Elevation of Privilege Vulnerability Vital
Home windows Requirements-Primarily based Storage Administration Service CVE-2024-38230 Home windows Requirements-Primarily based Storage Administration Service Denial of Service Vulnerability Vital
Home windows Storage CVE-2024-38248 Home windows Storage Elevation of Privilege Vulnerability Vital
Home windows TCP/IP CVE-2024-21416 Home windows TCP/IP Distant Code Execution Vulnerability Vital
Home windows TCP/IP CVE-2024-38045 Home windows TCP/IP Distant Code Execution Vulnerability Vital
Home windows Replace CVE-2024-43491 Microsoft Home windows Replace Distant Code Execution Vulnerability Vital
Home windows Win32K – GRFX CVE-2024-38246 Win32k Elevation of Privilege Vulnerability Vital
Home windows Win32K – ICOMP CVE-2024-38252 Home windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Vital
Home windows Win32K – ICOMP CVE-2024-38253 Home windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Vital
See also  Malicious package deal marketing campaign on NuGet abuses MSBuild integrations
- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular