Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws

Today is Microsoft’s May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero-days.

This Patch Tuesday fixes only one critical vulnerability, a Microsoft SharePoint Server Remote Code Execution Vulnerability.

The number of bugs in each vulnerability category is listed below:

  • 17 Elevation of Privilege Vulnerabilities
  • 2 Security Feature Bypass Vulnerabilities
  • 27 Remote Code Execution Vulnerabilities
  • 7 Information Disclosure Vulnerabilities
  • 3 Denial of Service Vulnerabilities
  • 4 Spoofing Vulnerabilities

The total count of 61 flaws does not include 2 Microsoft Edge flaws fixed on May 2nd and 4 fixed on May 10th.

To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5037771 cumulative update and the Windows 10 KB5037768 update.

Three zero-days fixed

This month’s Patch Tuesday fixes two actively exploited and one publicly disclosed zero-day vulnerabilities.

Microsoft classifies a zero-day as a flaw publicly disclosed or actively exploited with no official fix available.

The two actively exploited zero-day vulnerabilities in today’s updates are:

CVE-2024-30040 – Windows MSHTML Platform Security Feature Bypass Vulnerability

Microsoft has fixed an actively exploited bypass of OLE mitigations, which were added to Microsoft 365 and Microsoft Office to protect users from vulnerable COM/OLE controls.

“An attacker would have to convince the user to load a malicious file onto a vulnerable system, typically by way of an enticement in an Email or Instant Messenger message, and then convince the user to manipulate the specially crafted file, but not necessarily click or open the malicious file,” explains Microsoft.

“An unauthenticated attacker who successfully exploited this vulnerability could gain code execution through convincing a user to open a malicious document at which point the attacker could execute arbitrary code in the context of the user,” continued Microsoft.

It is not known how the flaw was abused in attacks or who discovered it.

CVE-2024-30051 – Windows DWM Core Library Elevation of Privilege Vulnerability

Microsoft has fixed an actively exploited Windows DWM Core Library flaw that provides SYSTEM privileges.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” explains Microsoft.

Kaspersky states that recent Qakbot malware phishing attacks used malicious documents to exploit the flaw and gain SYSTEM privileges on Windows devices.

Microsoft said the flaw was disclosed by the following researchers: Mert Degirmenci and Boris Larin with Kaspersky, Quan Jin with DBAPPSecurity WeBin Lab, Guoxian Zhong with DBAPPSecurity WeBin Lab, Vlad Stolyarov and Benoit Sevens of Google Threat Analysis Group, and Bryce Abdo and Adam Brunner of Google Mandiant.

Microsoft states that CVE-2024-30051 was also publicly disclosed, but it is unclear where that was done. In addition, Microsoft says a denial of service flaw in Microsoft Visual Studio tracked as CVE-2024-30046 was publicly disclosed as well.

Recent updates from other companies

Other vendors who released updates or advisories in May 2024 include:

Unfortunately, we will no longer be linking to SAP’s Patch Tuesday security updates as they have placed them behind a customer login.

The May 2024 Patch Tuesday Security Updates

Below is the complete list of resolved vulnerabilities in the May 2024 Patch Tuesday updates.

To access the full description of each vulnerability and the systems it affects, you can view the full report here.

| Tag | CVE ID | CVE Title | Severity |
| --- | --- | --- | --- |
| .NET and Visual Studio | CVE-2024-30045 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
| Azure Migrate | CVE-2024-30053 | Azure Migrate Cross-Site Scripting Vulnerability | Important |
| Microsoft Bing | CVE-2024-30041 | Microsoft Bing Search Spoofing Vulnerability | Important |
| Microsoft Brokering File System | CVE-2024-30007 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
| Microsoft Dynamics 365 Customer Insights | CVE-2024-30048 | Dynamics 365 Customer Insights Spoofing Vulnerability | Important |
| Microsoft Dynamics 365 Customer Insights | CVE-2024-30047 | Dynamics 365 Customer Insights Spoofing Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2024-4558 | Chromium: CVE-2024-4558 Use after free in ANGLE | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-4331 | Chromium: CVE-2024-4331 Use after free in Picture In Picture | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-4671 | Chromium: CVE-2024-4671 Use after free in Visuals | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-30055 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Low |
| Microsoft Edge (Chromium-based) | CVE-2024-4368 | Chromium: CVE-2024-4368 Use after free in Dawn | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-4559 | Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio | Unknown |
| Microsoft Intune | CVE-2024-30059 | Microsoft Intune for Android Mobile Application Management Tampering Vulnerability | Important |
| Microsoft Office Excel | CVE-2024-30042 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-30044 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2024-30043 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-30006 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft Windows SCSI Class System File | CVE-2024-29994 | Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Search Component | CVE-2024-30033 | Windows Search Service Elevation of Privilege Vulnerability | Important |
| Power BI | CVE-2024-30054 | Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability | Important |
| Visual Studio | CVE-2024-30046 | Visual Studio Denial of Service Vulnerability | Important |
| Visual Studio | CVE-2024-32004 | GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories | Important |
| Visual Studio | CVE-2024-32002 | CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2024-30034 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Important |
| Windows CNG Key Isolation Service | CVE-2024-30031 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-29996 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-30037 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-30025 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Cryptographic Services | CVE-2024-30020 | Windows Cryptographic Services Remote Code Execution Vulnerability | Important |
| Windows Cryptographic Services | CVE-2024-30016 | Windows Cryptographic Services Information Disclosure Vulnerability | Important |
| Windows Deployment Services | CVE-2024-30036 | Windows Deployment Services Information Disclosure Vulnerability | Important |
| Windows DHCP Server | CVE-2024-30019 | DHCP Server Service Denial of Service Vulnerability | Important |
| Windows DWM Core Library | CVE-2024-30008 | Windows DWM Core Library Information Disclosure Vulnerability | Important |
| Windows DWM Core Library | CVE-2024-30051 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2024-30035 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2024-30032 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows Hyper-V | CVE-2024-30011 | Windows Hyper-V Denial of Service Vulnerability | Important |
| Windows Hyper-V | CVE-2024-30017 | Windows Hyper-V Remote Code Execution Vulnerability | Important |
| Windows Hyper-V | CVE-2024-30010 | Windows Hyper-V Remote Code Execution Vulnerability | Important |
| Windows Kernel | CVE-2024-30018 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Mark of the Web (MOTW) | CVE-2024-30050 | Windows Mark of the Web Security Feature Bypass Vulnerability | Moderate |
| Windows Mobile Broadband | CVE-2024-30002 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-29997 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-30003 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-30012 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-29999 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-29998 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-30000 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-30005 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-30004 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-30021 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-30001 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| Windows MSHTML Platform | CVE-2024-30040 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Important |
| Windows NTFS | CVE-2024-30027 | NTFS Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2024-30039 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-30009 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-30024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-30015 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-30029 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-30023 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-30014 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-30022 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Task Scheduler | CVE-2024-26238 | Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability | Important |
| Windows Win32K – GRFX | CVE-2024-30030 | Win32k Elevation of Privilege Vulnerability | Important |
| Windows Win32K – ICOMP | CVE-2024-30038 | Win32k Elevation of Privilege Vulnerability | Important |
| Windows Win32K – ICOMP | CVE-2024-30049 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Important |
| Windows Win32K – ICOMP | CVE-2024-30028 | Win32k Elevation of Privilege Vulnerability | Important |
