Microsoft Patch Tuesday - October 2024, (Tue, Oct 8th)
SANS Internet Storm Center, InfoCON: green 2024-10-08
Microsoft today released patches for 117 vulnerabilities. Three additional vulnerabilities apply to Chromium/Edge. Three of the vulnerabilities are rated critical.
Five of the vulnerabilities were disclosed before today. Two vulnerabilities were not only disclosed but also exploited, according to Microsoft.
Notable Vulnerabilities:
Microsoft Management Console Remote Code Execution Vulnerability (CVE-2024-43572)
To exploit this vulnerability, the attacker must convince the victim to open a malicious file.
Open Source Curl Remote Code Execution Vulnerability (CVE-2024-6197)
This vulnerability was disclosed and patched in libcurl back in July. According to curl.se, the most likely outcome is a crash, but code execution cannot be ruled out.
Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2024-20659)
The vulnerability allows an attacker to bypass the UEFI on the host machine and compromise the hypervisor and the secure kernel. Exploitation requires a reboot at the right time.
Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43573)
Yet another Windows MSHTML Platform Spoofing vulnerability, the fourth 0-day this year in this component. APT actors usually use these issues to make downloading and executing malware more likely.
| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| .NET and Visual Studio Denial of Service Vulnerability | CVE-2024-43485 | No | No | - | - | Important | 7.5 | 6.5 |
| .NET and Visual Studio Remote Code Execution Vulnerability | CVE-2024-38229 | No | No | - | - | Important | 8.1 | 7.1 |
| .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | CVE-2024-43483 | No | No | - | - | Important | 7.5 | 6.5 |
| | CVE-2024-43484 | No | No | - | - | Important | 7.5 | 6.5 |
| Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | CVE-2024-43591 | No | No | - | - | Important | 8.7 | 7.6 |
| Azure Monitor Agent Elevation of Privilege Vulnerability | CVE-2024-38097 | No | No | - | - | Important | 7.1 | 6.2 |
| Azure Service Fabric for Linux Remote Code Execution Vulnerability | CVE-2024-43480 | No | No | - | - | Important | 6.6 | 5.8 |
| Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability | CVE-2024-38179 | No | No | - | - | Important | 8.8 | 7.7 |
| BitLocker Security Feature Bypass Vulnerability | CVE-2024-43513 | No | No | - | - | Important | 6.4 | 5.6 |
| BranchCache Denial of Service Vulnerability | CVE-2024-43506 | No | No | - | - | Important | 7.5 | 6.5 |
| | CVE-2024-38149 | No | No | - | - | Important | 7.5 | 6.5 |
| Chromium: CVE-2024-7025 Integer overflow in Layout | CVE-2024-7025 | No | No | - | - | - | | |
| Chromium: CVE-2024-9369 Insufficient data validation in Mojo | CVE-2024-9369 | No | No | - | - | - | | |
| Chromium: CVE-2024-9370 Inappropriate implementation in V8 | CVE-2024-9370 | No | No | - | - | - | | |
| Code Integrity Guard Security Feature Bypass Vulnerability | CVE-2024-43585 | No | No | - | - | Important | 5.5 | 4.8 |
| DeepSpeed Remote Code Execution Vulnerability | CVE-2024-43497 | No | No | - | - | Important | 8.4 | 7.3 |
| Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability | CVE-2024-43515 | No | No | - | - | Important | 7.5 | 6.5 |
| Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | CVE-2024-43517 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft Configuration Manager Remote Code Execution Vulnerability | CVE-2024-43468 | No | No | - | - | Critical | 9.8 | 8.5 |
| Microsoft Defender for Endpoint for Linux Spoofing Vulnerability | CVE-2024-43614 | No | No | - | - | Important | 5.5 | 4.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2024-43504 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Management Console Remote Code Execution Vulnerability | CVE-2024-43572 | Yes | Yes | - | - | Important | 7.8 | 7.2 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2024-43576 | No | No | - | - | Important | 7.8 | 6.8 |
| | CVE-2024-43616 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Office Spoofing Vulnerability | CVE-2024-43609 | No | No | - | - | Important | 6.5 | 5.7 |
| Microsoft Office Visio Remote Code Execution Vulnerability | CVE-2024-43505 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | CVE-2024-43581 | No | No | - | - | Important | 7.1 | 6.2 |
| | CVE-2024-43615 | No | No | - | - | Important | 7.1 | 6.2 |
| | CVE-2024-38029 | No | No | - | - | Important | 7.5 | 6.5 |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2024-43503 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability | CVE-2024-43541 | No | No | - | - | Important | 7.5 | 6.5 |
| | CVE-2024-43544 | No | No | - | - | Important | 7.5 | 6.5 |
| Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | CVE-2024-43574 | No | No | - | - | Important | 8.3 | 7.2 |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | CVE-2024-43519 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability | CVE-2024-43560 | No | No | - | - | Important | 7.8 | 6.8 |
| NT OS Kernel Elevation of Privilege Vulnerability | CVE-2024-43553 | No | No | - | - | Important | 7.4 | 6.4 |
| Open Source Curl Remote Code Execution Vulnerability | CVE-2024-6197 | Yes | No | - | - | Important | 8.8 | 7.7 |
| Outlook for Android Elevation of Privilege Vulnerability | CVE-2024-43604 | No | No | - | - | Important | 5.7 | 5.0 |
| Power BI Report Server Spoofing Vulnerability | CVE-2024-43481 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43612 | No | No | - | - | Important | 6.9 | 6.0 |
| Remote Desktop Client Remote Code Execution Vulnerability | CVE-2024-43533 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-43599 | No | No | - | - | Important | 8.8 | 7.7 |
| Remote Desktop Protocol Server Remote Code Execution Vulnerability | CVE-2024-43582 | No | No | - | - | Critical | 8.1 | 7.1 |
| Remote Registry Service Elevation of Privilege Vulnerability | CVE-2024-43532 | No | No | - | - | Important | 8.8 | 7.7 |
| Sudo for Windows Spoofing Vulnerability | CVE-2024-43571 | No | No | - | - | Important | 5.6 | 4.9 |
| Visual C++ Redistributable Installer Elevation of Privilege Vulnerability | CVE-2024-43590 | No | No | - | - | Important | 7.8 | 6.8 |
| Visual Studio Code extension for Arduino Remote Code Execution Vulnerability | CVE-2024-43488 | No | No | - | - | Critical | 8.8 | 7.7 |
| Visual Studio Code for Linux Remote Code Execution Vulnerability | CVE-2024-43601 | No | No | - | - | Important | 7.1 | 6.2 |
| Visual Studio Collector Service Denial of Service Vulnerability | CVE-2024-43603 | No | No | - | - | Important | 5.5 | 4.8 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2024-43563 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2024-43501 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Cryptographic Information Disclosure Vulnerability | CVE-2024-43546 | No | No | - | - | Important | 5.6 | 4.9 |
| Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2024-43509 | No | No | - | - | Important | 7.8 | 6.8 |
| | CVE-2024-43556 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Graphics Component Information Disclosure Vulnerability | CVE-2024-43508 | No | No | - | - | Important | 5.5 | 4.8 |
| | CVE-2024-43534 | No | No | - | - | Important | 6.5 | 5.7 |
| Windows Hyper-V Denial of Service Vulnerability | CVE-2024-43521 | No | No | - | - | Important | 7.5 | 6.5 |
| | CVE-2024-43567 | No | No | - | - | Important | 7.5 | 6.5 |
| | CVE-2024-43575 | No | No | - | - | Important | 7.5 | 6.5 |
| Windows Hyper-V Remote Code Execution Vulnerability | CVE-2024-30092 | No | No | - | - | Important | 8.0 | 7.0 |
| Windows Hyper-V Security Feature Bypass Vulnerability | CVE-2024-20659 | Yes | No | - | - | Important | 7.1 | 6.6 |
| Windows Kerberos Elevation of Privilege Vulnerability | CVE-2024-38129 | No | No | - | - | Important | 7.5 | 6.5 |
| Windows Kerberos Information Disclosure Vulnerability | CVE-2024-43547 | No | No | - | - | Important | 6.5 | 5.7 |
| Windows Kernel Denial of Service Vulnerability | CVE-2024-43520 | No | No | - | - | Important | 5.0 | 4.4 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2024-43502 | No | No | - | - | Important | 7.1 | 6.2 |
| | CVE-2024-43527 | No | No | - | - | Important | 7.8 | 6.8 |
| | CVE-2024-37979 | No | No | - | - | Important | 6.7 | 5.8 |
| | CVE-2024-43511 | No | No | - | - | Important | 7.0 | 6.1 |
| | CVE-2024-43570 | No | No | - | - | Important | 6.4 | 5.6 |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | CVE-2024-43535 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Kernel-Mode Driver Information Disclosure Vulnerability | CVE-2024-43554 | No | No | - | - | Important | 5.5 | 4.8 |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | CVE-2024-43522 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows MSHTML Platform Spoofing Vulnerability | CVE-2024-43573 | Yes | Yes | - | - | Moderate | 6.5 | 6.0 |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | CVE-2024-43537 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43538 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43540 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43542 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43555 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43557 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43558 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43559 | No | No | - | - | Important | 6.5 | 5.7 |
| | CVE-2024-43561 | No | No | - | - | Important | 6.5 | 5.7 |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | CVE-2024-43525 | No | No | - | - | Important | 6.8 | 5.9 |
| | CVE-2024-43526 | No | No | - | - | Important | 6.8 | 5.9 |
| | CVE-2024-43543 | No | No | - | - | Important | 6.8 | 5.9 |
| | CVE-2024-43523 | No | No | - | - | Important | 6.8 | 5.9 |
| | CVE-2024-43524 | No | No | - | - | Important | 6.8 | 5.9 |
| | CVE-2024-43536 | No | No | - | - | Important | 6.8 | 5.9 |
| Windows Netlogon Elevation of Privilege Vulnerability | CVE-2024-38124 | No | No | - | - | Important | 9.0 | 7.8 |
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | CVE-2024-43562 | No | No | - | - | Important | 7.5 | 6.5 |
| | CVE-2024-43565 | No | No | - | - | Important | 7.5 | 6.5 |
| Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | CVE-2024-43545 | No | No | - | - | Important | 7.5 | 6.5 |
| Windows Print Spooler Elevation of Privilege Vulnerability | CVE-2024-43529 | No | No | - | - | Important | 7.3 | 6.4 |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | CVE-2024-38262 | No | No | - | - | Important | 7.5 | 6.5 |
| Windows Remote Desktop Services Tampering Vulnerability | CVE-2024-43456 | No | No | - | - | Important | 4.8 | 4.2 |
| Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | CVE-2024-43514 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Resilient File System (ReFS) Information Disclosure Vulnerability | CVE-2024-43500 | No | No | - | - | Important | 5.5 | 4.8 |
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | CVE-2024-37976 | No | No | - | - | Important | 6.7 | 5.8 |
| | CVE-2024-37982 | No | No | - | - | Important | 6.7 | 5.8 |
| | CVE-2024-37983 | No | No | - | - | Important | 6.7 | 5.8 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2024-38261 | No | No | - | - | Important | 7.8 | 6.8 |
| | CVE-2024-43608 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-43607 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-38265 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-43453 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-38212 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-43549 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-43564 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-43589 | No | No | - | - | Important | 8.8 | 8.1 |
| | CVE-2024-43592 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-43593 | No | No | - | - | Important | 8.8 | 7.7 |
| | CVE-2024-43611 | No | No | - | - | Important | 8.8 | 7.7 |
| Windows Scripting Engine Security Feature Bypass Vulnerability | CVE-2024-43584 | No | No | - | - | Important | 7.7 | 6.7 |
| Windows Secure Channel Spoofing Vulnerability | CVE-2024-43550 | No | No | - | - | Important | 7.4 | 6.4 |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | CVE-2024-43516 | No | No | - | - | Important | 7.8 | 6.8 |
| | CVE-2024-43528 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Shell Remote Code Execution Vulnerability | CVE-2024-43552 | No | No | - | - | Important | 7.3 | 6.4 |
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability | CVE-2024-43512 | No | No | - | - | Important | 6.5 | 5.7 |
| Windows Storage Elevation of Privilege Vulnerability | CVE-2024-43551 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Telephony Server Remote Code Execution Vulnerability | CVE-2024-43518 | No | No | - | - | Important | 8.8 | 7.7 |
| Winlogon Elevation of Privilege Vulnerability | CVE-2024-43583 | Yes | No | - | - | Important | 7.8 | 6.8 |
--- Johannes B. Ullrich, Ph.D., Dean of Research, SANS.edu
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.