Patch Tuesday Update - July 2024

By Mieng Lim

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.46.0 and FVM Agent 2.9 releases.
Microsoft addressed 142 vulnerabilities in this release, including 5 rated as critical, and 59 remote code execution vulnerabilities.

This release represents a huge increase in the number of CVEs, as opposed to last month’s count.

Notable Vulnerabilities from this patch Tuesday release:

CVE-2024-38080 – Windows Hyper-V Elevation of Privilege Vulnerability

This is a critical zero-day vulnerability identified in Microsoft’s Hyper-V. This flaw is classified as an Elevation of Privilege vulnerability with a CVSS rating of 7.8, indicating a significant threat to systems leveraging Hyper-V.

Technical Details: CVE-2024-38080 stems from an Integer Overflow within Hyper-V. Successful exploitation could result in arbitrary code execution with elevated privileges, granting SYSTEM-level access.

Attack Vector:  Local Access Required

Attack Sophistication:  Low Complexity

Privilege Level Required:  Minimal Privileges

Microsoft SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

This month, Microsoft has addressed 38 CVEs related to its SQL Server database products. While the specific CVEs are numerous, the patches target a common exploit scenario: an attacker could deceive an authenticated MS-SQL database user into connecting to a malicious MS-SQL server, resulting in the execution of arbitrary code on the client machine. This exploit necessitates that attackers set up a malicious database server, target a database admin, and successfully use social engineering tactics. It's crucial for users to update their SQL Server client software with the latest cumulative update to avoid falling victim to this exploit.

CVE-2024-38060 – Microsoft Windows Codecs Library Remote Code Execution Vulnerability

The TIFF image file format is the focus of this critical vulnerability. A specially-crafted, malicious TIFF file could cause a vulnerable server to execute embedded malicious code. It is essential to patch servers to eliminate this risk and protect against potential attacks.

CVE-2024-38032 – Microsoft Xbox Remote Code Execution Vulnerability

Xbox users with wireless adapters need to be wary of potential network threats. An attacker on the same local network could send a malicious packet to the Xbox, resulting in arbitrary command execution. To mitigate this risk, ensure network security and avoid allowing untrusted devices to connect to your WLAN.

CVE/Advisory Title Tag Microsoft Severity Rating Base Score Microsoft Impact Exploited Publicly Disclosed
CVE-2024-30061 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Microsoft Dynamics Important 7.3 Information Disclosure No No
CVE-2024-21417 Windows Text Services Framework Elevation of Privilege Vulnerability Windows CoreMessaging Important 8.8 Elevation of Privilege No No
CVE-2024-28899 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8.8 Security Feature Bypass No No
CVE-2024-30081 Windows NTLM Spoofing Vulnerability Windows NTLM Important 7.1 Spoofing No No
CVE-2024-30098 Windows Cryptographic Services Security Feature Bypass Vulnerability Windows Cryptographic Services Important 7.5 Security Feature Bypass No No
CVE-2024-35264 .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Important 8.1 Remote Code Execution No Yes
CVE-2024-35270 Windows iSCSI Service Denial of Service Vulnerability Windows iSCSI Important 5.3 Denial of Service No No
CVE-2024-38088 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-38087 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21332 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21333 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21335 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21373 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21398 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21414 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21415 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21428 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37318 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37332 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37331 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37969 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37970 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37974 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37981 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37986 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37987 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-38013 Microsoft Windows Server Backup Elevation of Privilege Vulnerability Windows Server Backup Important 6.7 Elevation of Privilege No No
CVE-2024-38015 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Windows Remote Desktop Important 7.5 Denial of Service No No
CVE-2024-38022 Windows Image Acquisition Elevation of Privilege Vulnerability Windows Image Acquisition Important 7 Elevation of Privilege No No
CVE-2024-38023 Microsoft SharePoint Server Remote Code Execution Vulnerability Microsoft Office SharePoint Critical 7.2 Remote Code Execution No No
CVE-2024-38024 Microsoft SharePoint Server Remote Code Execution Vulnerability Microsoft Office SharePoint Important 7.2 Remote Code Execution No No
CVE-2024-38025 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability Windows Performance Monitor Important 7.2 Remote Code Execution No No
CVE-2024-38034 Windows Filtering Platform Elevation of Privilege Vulnerability Windows Filtering Important 7.8 Elevation of Privilege No No
CVE-2024-38041 Windows Kernel Information Disclosure Vulnerability Windows Kernel Important 5.5 Information Disclosure No No
CVE-2024-38043 PowerShell Elevation of Privilege Vulnerability Windows PowerShell Important 7.8 Elevation of Privilege No No
CVE-2024-38517 Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability Active Directory Rights Management Services Moderate 7.8 Elevation of Privilege No No
CVE-2024-38051 Windows Graphics Component Remote Code Execution Vulnerability Microsoft Graphics Component Important 7.8 Remote Code Execution No No
CVE-2024-38054 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Microsoft Streaming Service Important 7.8 Elevation of Privilege No No
CVE-2024-38055 Microsoft Windows Codecs Library Information Disclosure Vulnerability Microsoft Windows Codecs Library Important 5.5 Information Disclosure No No
CVE-2024-38056 Microsoft Windows Codecs Library Information Disclosure Vulnerability Microsoft Windows Codecs Library Important 5.5 Information Disclosure No No
CVE-2024-38059 Win32k Elevation of Privilege Vulnerability Windows Win32K - ICOMP Important 7.8 Elevation of Privilege No No
CVE-2024-38060 Windows Imaging Component Remote Code Execution Vulnerability Windows Imaging Component Critical 8.8 Remote Code Execution No No
CVE-2024-38061 DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability Role: Active Directory Certificate Services; Active Directory Domain Services Important 7.5 Elevation of Privilege No No
CVE-2024-38062 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Windows Kernel-Mode Drivers Important 7.8 Elevation of Privilege No No
CVE-2024-38064 Windows TCP/IP Information Disclosure Vulnerability Windows TCP/IP Important 7.5 Information Disclosure No No
CVE-2024-38071 Windows Remote Desktop Licensing Service Denial of Service Vulnerability Windows Remote Desktop Licensing Service Important 7.5 Denial of Service No No
CVE-2024-38072 Windows Remote Desktop Licensing Service Denial of Service Vulnerability Windows Remote Desktop Licensing Service Important 7.5 Denial of Service No No
CVE-2024-38077 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Windows Remote Desktop Licensing Service Critical 9.8 Remote Code Execution No No
CVE-2024-38080 Windows Hyper-V Elevation of Privilege Vulnerability Role: Windows Hyper-V Important 7.8 Elevation of Privilege Yes No
CVE-2024-38085 Windows Graphics Component Elevation of Privilege Vulnerability Windows Win32 Kernel Subsystem Important 7.8 Elevation of Privilege No No
CVE-2024-38086 Azure Kinect SDK Remote Code Execution Vulnerability Azure Kinect SDK Important 6.4 Remote Code Execution No No
CVE-2024-38091 Microsoft WS-Discovery Denial of Service Vulnerability Microsoft WS-Discovery Important 7.5 Denial of Service No No
CVE-2024-38100 Windows File Explorer Elevation of Privilege Vulnerability Windows COM Session Important 7.8 Elevation of Privilege No No
CVE-2024-38102 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Windows Internet Connection Sharing (ICS) Important 6.5 Denial of Service No No
CVE-2024-38104 Windows Fax Service Remote Code Execution Vulnerability Windows Fax and Scan Service Important 8.8 Remote Code Execution No No
CVE-2024-38112 Windows MSHTML Platform Spoofing Vulnerability Windows MSHTML Platform Important 7.5 Spoofing Yes No
CVE-2024-26184 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 6.8 Security Feature Bypass No No
CVE-2024-30013 Windows MultiPoint Services Remote Code Execution Vulnerability Windows MultiPoint Services Important 8.8 Remote Code Execution No No
CVE-2024-32987 Microsoft SharePoint Server Information Disclosure Vulnerability Microsoft Office SharePoint Important 7.5 Information Disclosure No No
CVE-2024-30071 Windows Remote Access Connection Manager Information Disclosure Vulnerability Windows Remote Access Connection Manager Important 4.7 Information Disclosure No No
CVE-2024-30079 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Important 7.8 Elevation of Privilege No No
CVE-2024-30105 .NET Core and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Important 7.5 Denial of Service No No
CVE-2024-35261 Azure Network Watcher VM Extension Elevation of Privilege Vulnerability Azure Network Watcher Important 7.8 Elevation of Privilege No No
CVE-2024-35266 Azure DevOps Server Spoofing Vulnerability Azure DevOps Important 7.6 Spoofing No No
CVE-2024-35267 Azure DevOps Server Spoofing Vulnerability Azure DevOps Important 7.6 Spoofing No No
CVE-2024-35271 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-35272 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-20701 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21303 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21308 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21317 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21331 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21425 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37319 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37320 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37321 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37322 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37323 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37324 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-21449 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37326 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37327 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37328 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37329 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37330 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37334 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37333 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37336 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-28928 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-35256 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Important 8.8 Remote Code Execution No No
CVE-2024-37971 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37972 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37973 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8.4 Security Feature Bypass No No
CVE-2024-37975 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37977 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37978 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37984 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8.4 Security Feature Bypass No No
CVE-2024-37988 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-37989 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-38010 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-38011 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 8 Security Feature Bypass No No
CVE-2024-38017 Microsoft Message Queuing Information Disclosure Vulnerability Windows Message Queuing Important 5.5 Information Disclosure No No
CVE-2024-38019 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability Windows Performance Monitor Important 7.2 Remote Code Execution No No
CVE-2024-38020 Microsoft Outlook Spoofing Vulnerability Microsoft Office Outlook Moderate 6.5 Spoofing No No
CVE-2024-38021 Microsoft Office Remote Code Execution Vulnerability Microsoft Office Important 8.8 Remote Code Execution No No
CVE-2024-38027 Windows Line Printer Daemon Service Denial of Service Vulnerability Line Printer Daemon Service (LPD) Important 6.5 Denial of Service No No
CVE-2024-38028 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability Windows Performance Monitor Important 7.2 Remote Code Execution No No
CVE-2024-38030 Windows Themes Spoofing Vulnerability Windows Themes Important 6.5 Spoofing No No
CVE-2024-38031 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Windows Online Certificate Status Protocol (OCSP) Important 7.5 Denial of Service No No
CVE-2024-38032 Microsoft Xbox Remote Code Execution Vulnerability XBox Crypto Graphic Services Important 7.1 Remote Code Execution No No
CVE-2024-38033 PowerShell Elevation of Privilege Vulnerability Windows PowerShell Important 7.3 Elevation of Privilege No No
CVE-2024-38044 DHCP Server Service Remote Code Execution Vulnerability Windows DHCP Server Important 7.2 Remote Code Execution No No
CVE-2024-38047 PowerShell Elevation of Privilege Vulnerability Windows PowerShell Important 7.8 Elevation of Privilege No No
CVE-2024-38048 Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability NDIS Important 6.5 Denial of Service No No
CVE-2024-38049 Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability Windows Distributed Transaction Coordinator Important 6.6 Remote Code Execution No No
CVE-2024-38050 Windows Workstation Service Elevation of Privilege Vulnerability Windows Workstation Service Important 7.8 Elevation of Privilege No No
CVE-2024-38052 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Microsoft Streaming Service Important 7.8 Elevation of Privilege No No
CVE-2024-38053 Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability Windows Internet Connection Sharing (ICS) Important 8.8 Remote Code Execution No No
CVE-2024-38057 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Microsoft Streaming Service Important 7.8 Elevation of Privilege No No
CVE-2024-38058 BitLocker Security Feature Bypass Vulnerability Windows BitLocker Important 6.8 Security Feature Bypass No No
CVE-2024-38065 Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Important 6.8 Security Feature Bypass No No
CVE-2024-38066 Windows Win32k Elevation of Privilege Vulnerability Windows Win32K - GRFX Important 7.8 Elevation of Privilege No No
CVE-2024-38067 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Windows Online Certificate Status Protocol (OCSP) Important 7.5 Denial of Service No No
CVE-2024-38068 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Windows Online Certificate Status Protocol (OCSP) Important 7.5 Denial of Service No No
CVE-2024-38069 Windows Enroll Engine Security Feature Bypass Vulnerability Windows Enroll Engine Important 7 Security Feature Bypass No No
CVE-2024-38070 Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability Windows LockDown Policy (WLDP) Important 7.8 Security Feature Bypass No No
CVE-2024-38073 Windows Remote Desktop Licensing Service Denial of Service Vulnerability Windows Remote Desktop Licensing Service Important 7.5 Denial of Service No No
CVE-2024-38074 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Windows Remote Desktop Licensing Service Critical 9.8 Remote Code Execution No No
CVE-2024-38076 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Windows Remote Desktop Critical 9.8 Remote Code Execution No No
CVE-2024-38078 Xbox Wireless Adapter Remote Code Execution Vulnerability XBox Crypto Graphic Services Important 7.5 Remote Code Execution No No
CVE-2024-38079 Windows Graphics Component Elevation of Privilege Vulnerability Microsoft Graphics Component Important 7.8 Elevation of Privilege No No
CVE-2024-38081 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability .NET and Visual Studio Important 7.3 Elevation of Privilege No No
CVE-2024-38089 Microsoft Defender for IoT Elevation of Privilege Vulnerability Microsoft Defender for IoT Important 9.1 Elevation of Privilege No No
CVE-2024-38092 Azure CycleCloud Elevation of Privilege Vulnerability Azure CycleCloud Important 8.8 Elevation of Privilege No No
CVE-2024-38094 Microsoft SharePoint Remote Code Execution Vulnerability Microsoft Office SharePoint Important 7.2 Remote Code Execution No No
CVE-2024-38095 .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Important 7.5 Denial of Service No No
CVE-2024-38099 Windows Remote Desktop Licensing Service Denial of Service Vulnerability Windows Remote Desktop Licensing Service Important 5.9 Denial of Service No No
CVE-2024-38101 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Windows Internet Connection Sharing (ICS) Important 6.5 Denial of Service No No
CVE-2024-38105 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Windows Internet Connection Sharing (ICS) Important 6.5 Denial of Service No No
CVE-2024-39684 Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability Active Directory Rights Management Services Moderate 7.8 Elevation of Privilege No No

Quickly Find and Fix Your Most At-Risk Weaknesses

Watch this demo to see how Fortra VM can help.

WATCH THE VIDEO

Share This