Microsoft Patch Tuesday – Major Flaws In Office, Exchange And SQL Server
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Microsoft published its March 2024 Patch Tuesday, which addressed almost 59 vulnerabilities in its products and none of them were Zero-day or publicly known vulnerabilities.
Out of the newly released patches, two are classified as Critical and 57 are classified as Important in severity.
The vulnerabilities in Skype, Microsoft Components for Android, Microsoft Windows and Windows Components, Office and Office Components, Azure,.NET Framework and Visual Studio, SQL Server, Windows Hyper-V, and Microsoft Dynamics have all been addressed.
The release will also include several Chromium issues in addition to the new CVEs. Considering that this is the final patch cycle before the Pwn2Own competition next week, this is a rather low volume for March.
Critical Vulnerabilities Addressed
CVE-2024-21408- Windows Hyper-V Denial Of Service Vulnerability
With a CVSS base score of 5.5, this bug is classified as Critical and has the potential to cause Denial of Service.
A Windows Hyper-V denial-of-service vulnerability can enable an attacker to attack a host device from within a virtual machine (VM).
However, Microsoft did not provide any further information about how this denial-of-service might happen.
CVE-2024-21407 Windows Hyper-V Remote Code Execution Vulnerability
This critical issue is tracked as CVE-2024-21407, a remote code execution in Hyper-V with a CVSS base score of 8.1.
An attacker within the VM environment might remotely execute code on the host device by submitting carefully constructed file operation requests to the hardware resources on the virtual machine.
“Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment,” reads the security updates published by Microsoft.
Other Vulnerabilities Addressed
This release has 18 vulnerabilities that may be used to allow remote code execution and 24 vulnerabilities that may allow privilege elevation.
The Microsoft Exchange Server Remote Code Execution Vulnerability, identified as CVE-2024-26198, is one of the notable vulnerabilities.
A specially constructed file must be stored in a local network location or an online directory to carry out this attack. This file loads the malicious DLL when the victim launches it.
Furthermore, the Elevation of Privilege Vulnerability in Microsoft Azure Kubernetes Service Confidential Container is tracked under CVE-2024-21400.
“Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability”, Microsoft.
Here is the complete list of patched vulnerabilities, which provides detailed information about the exploitation methods, vulnerability descriptions, and other information.
TagCVEWindows DefenderCVE-2024-20671Open Management InfrastructureCVE-2024-21330Open Management InfrastructureCVE-2024-21334Microsoft AuthenticatorCVE-2024-21390.NETCVE-2024-21392Microsoft Azure Kubernetes ServiceCVE-2024-21400Role: Windows Hyper-VCVE-2024-21407Role: Windows Hyper-VCVE-2024-21408Skype for ConsumerCVE-2024-21411Software for Open Networking in the Cloud (SONiC)CVE-2024-21418Microsoft DynamicsCVE-2024-21419Azure SDKCVE-2024-21421Microsoft Office SharePointCVE-2024-21426Windows KerberosCVE-2024-21427Windows USB Hub DriverCVE-2024-21429Windows USB Serial DriverCVE-2024-21430Windows Hypervisor-Protected Code IntegrityCVE-2024-21431Windows Update StackCVE-2024-21432Windows Print Spooler ComponentsCVE-2024-21433Microsoft Windows SCSI Class System FileCVE-2024-21434Windows OLECVE-2024-21435Windows InstallerCVE-2024-21436Microsoft Graphics ComponentCVE-2024-21437Windows AllJoyn APICVE-2024-21438Windows Telephony ServerCVE-2024-21439Windows ODBC DriverCVE-2024-21440Microsoft WDAC OLE DB provider for SQLCVE-2024-21441Windows USB Print DriverCVE-2024-21442Windows KernelCVE-2024-21443Microsoft WDAC OLE DB provider for SQLCVE-2024-21444Windows USB Print DriverCVE-2024-21445Windows NTFSCVE-2024-21446Microsoft Teams for AndroidCVE-2024-21448Microsoft WDAC OLE DB provider for SQLCVE-2024-21450Microsoft WDAC ODBC DriverCVE-2024-21451Windows ODBC DriverCVE-2024-26159Windows Cloud Files Mini Filter DriverCVE-2024-26160Microsoft WDAC OLE DB provider for SQLCVE-2024-26161Windows ODBC DriverCVE-2024-26162SQL ServerCVE-2024-26164Visual Studio CodeCVE-2024-26165Microsoft WDAC OLE DB provider for SQLCVE-2024-26166Microsoft Edge for AndroidCVE-2024-26167Windows Error ReportingCVE-2024-26169Windows Composite Image File SystemCVE-2024-26170Windows KernelCVE-2024-26173Windows KernelCVE-2024-26174Windows KernelCVE-2024-26176Windows KernelCVE-2024-26177Windows KernelCVE-2024-26178Windows KernelCVE-2024-26181Windows KernelCVE-2024-26182Windows Compressed FolderCVE-2024-26185Microsoft QUICCVE-2024-26190Windows Standards-Based Storage Management ServiceCVE-2024-26197Microsoft Exchange ServerCVE-2024-26198Microsoft OfficeCVE-2024-26199Microsoft IntuneCVE-2024-26201Azure Data StudioCVE-2024-26203Outlook for AndroidCVE-2024-26204
All users should update their products to the latest version to prevent threat actors from exploiting these vulnerabilities.
With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
#Cyber_Security #Security_Updates #Vulnerability #cyber_security #Patch_Management #Vulnerability_Management #windows
Оригинальная версия на сайте:
Microsoft Patch Tuesday – Major Flaws In Office, Exchange And SQL Server
Author: Guru BaranMicrosoft published its March 2024 Patch Tuesday, which addressed almost 59 vulnerabilities in its products and none of them were Zero-day or publicly known vulnerabilities.
Out of the newly released patches, two are classified as Critical and 57 are classified as Important in severity.
The vulnerabilities in Skype, Microsoft Components for Android, Microsoft Windows and Windows Components, Office and Office Components, Azure,.NET Framework and Visual Studio, SQL Server, Windows Hyper-V, and Microsoft Dynamics have all been addressed.
The release will also include several Chromium issues in addition to the new CVEs. Considering that this is the final patch cycle before the Pwn2Own competition next week, this is a rather low volume for March.
Critical Vulnerabilities Addressed
CVE-2024-21408- Windows Hyper-V Denial Of Service Vulnerability
With a CVSS base score of 5.5, this bug is classified as Critical and has the potential to cause Denial of Service.
A Windows Hyper-V denial-of-service vulnerability can enable an attacker to attack a host device from within a virtual machine (VM).
However, Microsoft did not provide any further information about how this denial-of-service might happen.
CVE-2024-21407 Windows Hyper-V Remote Code Execution Vulnerability
This critical issue is tracked as CVE-2024-21407, a remote code execution in Hyper-V with a CVSS base score of 8.1.
An attacker within the VM environment might remotely execute code on the host device by submitting carefully constructed file operation requests to the hardware resources on the virtual machine.
“Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment,” reads the security updates published by Microsoft.
Other Vulnerabilities Addressed
This release has 18 vulnerabilities that may be used to allow remote code execution and 24 vulnerabilities that may allow privilege elevation.
The Microsoft Exchange Server Remote Code Execution Vulnerability, identified as CVE-2024-26198, is one of the notable vulnerabilities.
A specially constructed file must be stored in a local network location or an online directory to carry out this attack. This file loads the malicious DLL when the victim launches it.
Furthermore, the Elevation of Privilege Vulnerability in Microsoft Azure Kubernetes Service Confidential Container is tracked under CVE-2024-21400.
“Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability”, Microsoft.
Here is the complete list of patched vulnerabilities, which provides detailed information about the exploitation methods, vulnerability descriptions, and other information.
TagCVEWindows DefenderCVE-2024-20671Open Management InfrastructureCVE-2024-21330Open Management InfrastructureCVE-2024-21334Microsoft AuthenticatorCVE-2024-21390.NETCVE-2024-21392Microsoft Azure Kubernetes ServiceCVE-2024-21400Role: Windows Hyper-VCVE-2024-21407Role: Windows Hyper-VCVE-2024-21408Skype for ConsumerCVE-2024-21411Software for Open Networking in the Cloud (SONiC)CVE-2024-21418Microsoft DynamicsCVE-2024-21419Azure SDKCVE-2024-21421Microsoft Office SharePointCVE-2024-21426Windows KerberosCVE-2024-21427Windows USB Hub DriverCVE-2024-21429Windows USB Serial DriverCVE-2024-21430Windows Hypervisor-Protected Code IntegrityCVE-2024-21431Windows Update StackCVE-2024-21432Windows Print Spooler ComponentsCVE-2024-21433Microsoft Windows SCSI Class System FileCVE-2024-21434Windows OLECVE-2024-21435Windows InstallerCVE-2024-21436Microsoft Graphics ComponentCVE-2024-21437Windows AllJoyn APICVE-2024-21438Windows Telephony ServerCVE-2024-21439Windows ODBC DriverCVE-2024-21440Microsoft WDAC OLE DB provider for SQLCVE-2024-21441Windows USB Print DriverCVE-2024-21442Windows KernelCVE-2024-21443Microsoft WDAC OLE DB provider for SQLCVE-2024-21444Windows USB Print DriverCVE-2024-21445Windows NTFSCVE-2024-21446Microsoft Teams for AndroidCVE-2024-21448Microsoft WDAC OLE DB provider for SQLCVE-2024-21450Microsoft WDAC ODBC DriverCVE-2024-21451Windows ODBC DriverCVE-2024-26159Windows Cloud Files Mini Filter DriverCVE-2024-26160Microsoft WDAC OLE DB provider for SQLCVE-2024-26161Windows ODBC DriverCVE-2024-26162SQL ServerCVE-2024-26164Visual Studio CodeCVE-2024-26165Microsoft WDAC OLE DB provider for SQLCVE-2024-26166Microsoft Edge for AndroidCVE-2024-26167Windows Error ReportingCVE-2024-26169Windows Composite Image File SystemCVE-2024-26170Windows KernelCVE-2024-26173Windows KernelCVE-2024-26174Windows KernelCVE-2024-26176Windows KernelCVE-2024-26177Windows KernelCVE-2024-26178Windows KernelCVE-2024-26181Windows KernelCVE-2024-26182Windows Compressed FolderCVE-2024-26185Microsoft QUICCVE-2024-26190Windows Standards-Based Storage Management ServiceCVE-2024-26197Microsoft Exchange ServerCVE-2024-26198Microsoft OfficeCVE-2024-26199Microsoft IntuneCVE-2024-26201Azure Data StudioCVE-2024-26203Outlook for AndroidCVE-2024-26204
All users should update their products to the latest version to prevent threat actors from exploiting these vulnerabilities.
With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
#Cyber_Security #Security_Updates #Vulnerability #cyber_security #Patch_Management #Vulnerability_Management #windows
Оригинальная версия на сайте:
