Microsoft Patch Tuesday - March 2024
This month's patches are oddly "light". We have patches for 60 vulnerabilities and 4 Chromium patches affecting Microsoft Edge. But only two of the vulnerabilities are rated as "Critical":
CVE-2024-21408: Windows Hyper-V Denial of Service Vulnerability
CVE-2024-21407: Windows Hyper-V Remote Code Execution Vulnerability
Oddly, Microsoft considers a DoS vulnerability "critical". However, a DoS against Hyper-V could have a significant impact, which may justify the rating. The code execution vulnerability justifies a rating of critical. However, exploitation requires an attacker to first gain a foothold inside a virtual machine.
Other vulnerabilities of interest:
CVE-2024-26198: A remote code execution vulnerability for Exchange Server. This is a DLL loading issue that is typically more difficult to exploit. Authentication is required to exploit the vulnerability.
Overall, this Patch Tuesday doesn't look too bad. Follow your normal patch management process. There is no need to get all worked up; tomorrow morning: Have some coffee, test... and later deploy once the tests are completed successfully.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET and Visual Studio Denial of Service Vulnerability | |||||||
CVE-2024-21392 | No | No | - | - | Important | 7.5 | 6.7 |
Azure Data Studio Elevation of Privilege Vulnerability | |||||||
CVE-2024-26203 | No | No | - | - | Important | 7.3 | 7.0 |
Azure SDK Spoofing Vulnerability | |||||||
CVE-2024-21421 | No | No | - | - | Important | 7.5 | 6.5 |
Chromium: CVE-2024-2173 Out of bounds memory access in V8 | |||||||
CVE-2024-2173 | No | No | - | - | - | ||
Chromium: CVE-2024-2174 Inappropriate implementation in V8 | |||||||
CVE-2024-2174 | No | No | - | - | - | ||
Chromium: CVE-2024-2176 Use after free in FedCM | |||||||
CVE-2024-2176 | No | No | - | - | - | ||
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | |||||||
CVE-2024-21431 | No | No | - | - | Important | 7.8 | 6.8 |
Intel: CVE-2023-28746 Register File Data Sampling (RFDS) | |||||||
CVE-2023-28746 | No | No | - | - | Important | ||
Microsoft AllJoyn API Denial of Service Vulnerability | |||||||
CVE-2024-21438 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Authenticator Elevation of Privilege Vulnerability | |||||||
CVE-2024-21390 | No | No | - | - | Important | 7.1 | 6.2 |
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | |||||||
CVE-2024-21400 | No | No | - | - | Important | 9.0 | 8.1 |
Microsoft Defender Security Feature Bypass Vulnerability | |||||||
CVE-2024-20671 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2024-26164 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||||||
CVE-2024-21419 | No | No | - | - | Important | 7.6 | 6.6 |
Microsoft Edge for Android Spoofing Vulnerability | |||||||
CVE-2024-26167 | No | No | Less Likely | Less Likely | - | 4.3 | 3.8 |
Microsoft Exchange Server Remote Code Execution Vulnerability | |||||||
CVE-2024-26198 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | |||||||
CVE-2024-26201 | No | No | - | - | Important | 6.6 | 5.9 |
Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||||
CVE-2024-21451 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-26159 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21440 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-26162 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Office Elevation of Privilege Vulnerability | |||||||
CVE-2024-26199 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft QUIC Denial of Service Vulnerability | |||||||
CVE-2024-26190 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
CVE-2024-21426 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Teams for Android Information Disclosure Vulnerability | |||||||
CVE-2024-21448 | No | No | - | - | Important | 5.0 | 4.4 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2024-21441 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21444 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-21450 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-26161 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2024-26166 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | |||||||
CVE-2024-21434 | No | No | - | - | Important | 7.8 | 6.8 |
NTFS Elevation of Privilege Vulnerability | |||||||
CVE-2024-21446 | No | No | - | - | Important | 7.8 | 6.8 |
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | |||||||
CVE-2024-21330 | No | No | - | - | Important | 7.8 | 7.0 |
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability | |||||||
CVE-2024-21334 | No | No | - | - | Important | 9.8 | 8.5 |
Outlook for Android Information Disclosure Vulnerability | |||||||
CVE-2024-26204 | No | No | - | - | Important | 7.5 | 6.5 |
Skype for Consumer Remote Code Execution Vulnerability | |||||||
CVE-2024-21411 | No | No | - | - | Important | 8.8 | 7.7 |
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability | |||||||
CVE-2024-21418 | No | No | - | - | Important | 7.8 | 6.8 |
Visual Studio Code Elevation of Privilege Vulnerability | |||||||
CVE-2024-26165 | No | No | - | - | Important | 8.8 | 7.7 |
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | |||||||
CVE-2024-26160 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability | |||||||
CVE-2024-26170 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Compressed Folder Tampering Vulnerability | |||||||
CVE-2024-26185 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Error Reporting Service Elevation of Privilege Vulnerability | |||||||
CVE-2024-26169 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Graphics Component Elevation of Privilege Vulnerability | |||||||
CVE-2024-21437 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2024-21408 | No | No | - | - | Critical | 5.5 | 4.8 |
Windows Hyper-V Remote Code Execution Vulnerability | |||||||
CVE-2024-21407 | No | No | - | - | Critical | 8.1 | 7.1 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2024-21436 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Kerberos Security Feature Bypass Vulnerability | |||||||
CVE-2024-21427 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Kernel Denial of Service Vulnerability | |||||||
CVE-2024-26181 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2024-21443 | No | No | - | - | Important | 7.3 | 6.4 |
CVE-2024-26173 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-26176 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-26178 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-26182 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2024-26174 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2024-26177 | No | No | - | - | Important | 5.5 | 4.8 |
Windows OLE Remote Code Execution Vulnerability | |||||||
CVE-2024-21435 | No | No | - | - | Important | 8.8 | 7.7 |
Windows Print Spooler Elevation of Privilege Vulnerability | |||||||
CVE-2024-21433 | No | No | - | - | Important | 7.0 | 6.1 |
Windows Standards-Based Storage Management Service Denial of Service Vulnerability | |||||||
CVE-2024-26197 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Telephony Server Elevation of Privilege Vulnerability | |||||||
CVE-2024-21439 | No | No | - | - | Important | 7.0 | 6.1 |
Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability | |||||||
CVE-2024-21430 | No | No | - | - | Important | 5.7 | 5.1 |
Windows USB Hub Driver Remote Code Execution Vulnerability | |||||||
CVE-2024-21429 | No | No | - | - | Important | 6.8 | 5.9 |
Windows USB Print Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-21442 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-21445 | No | No | - | - | Important | 7.0 | 6.1 |
Windows Update Stack Elevation of Privilege Vulnerability | |||||||
CVE-2024-21432 | No | No | - | - | Important | 7.0 | 6.1 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Comments