Microsoft Patch Tuesday 2024 Released with Fixes for 49 vulnerabilities – Update Now!

by Esmeralda McKenzie
Microsoft Patch Tuesday 2024 Released with Fixes for 49 vulnerabilities – Update Now!

Microsoft Patch Tuesday 2024 Released with Fixes for 49 vulnerabilities – Update Now!

Microsoft Patch 2024 addresses 49 Vulnerabilities, 2 of that are Serious

Microsoft launched its first patch on Tuesday, 2024, in which nearly 49 vulnerabilities were mounted in Microsoft merchandise and 5 vulnerabilities in non-Microsoft merchandise. Among these 49 vulnerabilities, there were 12 a ways away code execution vulnerabilities.

Alternatively, solely two vulnerabilities were classified as serious by Microsoft, which were CVE-2024-20674 and CVE-2024-20700. These two vulnerabilities were realized to be connected to the protection characteristic bypass.

EHA

Doc

Free Webinar

Fastrack Compliance: The Route to ZERO-Vulnerability

Compounding the device are zero-day vulnerabilities worship the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that score realized every month. Delays in fixing these vulnerabilities result in compliance disorders, these lengthen could well also be minimized with a odd characteristic on AppTrana that helps you to score “Zero vulnerability picture” within 72 hours.

Vulnerability Prognosis

In accordance to the reports shared with Cyber Security Files, several vulnerabilities existed in numerous Microsoft merchandise,, including Microsoft Server, .NET framework, Azure Storage Hobble, Visual Studio, Identification Mannequin, Microsoft Office, and quite a bit others.

The vulnerabilities were classified as the next:

  • Elevation of Privilege (10)
  • Security Feature Bypass (7)
  • Denial of Provider (6)
  • A ways flung Code Execution (12)
  • Spoofing (3) and
  • Files Disclosure (11)

Moreover, of the two serious vulnerabilities mentioned by Microsoft, CVE-2024-20674 used to be associated with the Windows Kerberos Security Feature Bypass, and CVE-2024-20700 used to be connected to a ways away code execution in Windows Hyper-V.

In addition, there used to be but every other serious severity vulnerability with CVE-2024-0057 and but every other security characteristic bypass vulnerability affecting the.NET Framework and Visual Studio.

Furthermore, Microsoft moreover mentioned that there were 9 vulnerabilities in these 49, that customarily are customarily exploited by risk actors. The severity of these vulnerabilities ranges between 7.5 (excessive) and 9 (serious). They are,

  • Windows Authentication Programs (CVE-2024-20674)
  • Microsoft Office SharePoint (CVE-2024-21318)
  • Windows Frequent Log File Machine Driver (CVE-2024-20653)
  • Windows Win32K (CVE-2024-20683)
  • Windows Win32 Kernel Subsystem (CVE-2024-20686)
  • Windows Kernel (CVE-2024-20698)
  • Windows Cloud Files Mini Filter Driver (CVE-2024-21310)
  • Windows Scripting (CVE-2024-20652)
  • A ways flung Desktop Shopper (CVE-2024-21307)

Alternatively, there were no publicly exploited vulnerabilities among the patched checklist and 5 different non-Microsoft vulnerabilities belonging to SQLite (owned by MITRE company) and Google Chrome as per the Microsoft unencumber notes for Jan 2024.

Microsoft has printed a full checklist of patched vulnerabilities, which provides detailed recordsdata in regards to the exploitation strategies, vulnerability descriptions, and different recordsdata. All users could well also calm update their merchandise to the most fresh model to stop these vulnerabilities from being exploited by risk actors.

Source credit : cybersecuritynews.com

Related Posts