Microsoft September 2024 Patch Tuesday, (Tue, Sep 10th)

Microsoft September 2024 Patch Tuesday, (Tue, Sep 10th)

Today, Microsoft released its scheduled September set of patches. This update addresses 79 different vulnerabilities. Seven of these vulnerabilities are rated critical. Four vulnerabilities are already being exploited and have been made public. 

Noteworthy Vulnerabilities:

CVE-2024-43491: This “downgrade” vulnerabilities. An attacker can remove previously applied patches and exploit older vulnerabilities. This issue only affects Windows 15 Version 1507, which is EOL. It appears to differ from the similar vulnerabilities (CVE-2024-38202 and CVE-2024-21302) made public by Alon Leviev during Blackhat this year. These two vulnerabilities appear to remain unpatched.

CVE-2024-38014: A Windows Installer issue could lead to attackers gaining System access.

CVE-2024-38217: Yet another “Mark of the Web” bypass that is already exploited and could be used to trick a victim into installing malware.

CVE-2024-38226: Similar to the above vulnerability, a security feature bypass in Publisher.

Microsoft also patched four remote code execution vulnerabilities in Sharepoint, but the lower CVSS score indicates that exploitation will require access and specific prerequisites.

CVE-2024-38119: A critical vulnerability in the Windows NAT code. The low CVSS score is likely because this is not enabled by default.

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-43469 No No Important 8.8 7.7
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2024-38188 No No Important 7.1 6.2
CVE-2024-43470 No No Important 7.3 6.4
Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38216 No No Critical 8.2 7.1
CVE-2024-38220 No No Critical 9.0 7.8
Azure Web Apps Elevation of Privilege Vulnerability
CVE-2024-38194 No No Critical 8.4 7.3
DHCP Server Service Denial of Service Vulnerability
CVE-2024-38236 No No Important 7.5 6.5
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38241 No No Important 7.8 6.8
CVE-2024-38242 No No Important 7.8 6.8
CVE-2024-38238 No No Important 7.8 6.8
CVE-2024-38243 No No Important 7.8 6.8
CVE-2024-38244 No No Important 7.8 6.8
CVE-2024-38245 No No Important 7.8 6.8
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38237 No No Important 7.8 6.8
Microsoft AllJoyn API Information Disclosure Vulnerability
CVE-2024-38257 No No Important 7.5 6.5
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVE-2024-43492 No No Important 7.8 6.8
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-43476 No No Important 7.6 6.6
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2024-38225 No No Important 8.8 7.7
Microsoft Excel Elevation of Privilege Vulnerability
CVE-2024-43465 No No Important 7.8 6.8
Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-38259 No No Important 8.8 7.7
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43463 No No Important 7.8 6.8
Microsoft Outlook for iOS Information Disclosure Vulnerability
CVE-2024-43482 No No Important 6.5 5.7
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
CVE-2024-43479 No No Important 8.5 7.4
Microsoft Publisher Security Feature Bypass Vulnerability
CVE-2024-38226 No Yes Important 7.3 6.4
Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-37965 No No Important 8.8 7.7
CVE-2024-37341 No No Important 8.8 7.7
CVE-2024-37980 No No Important 8.8 7.7
Microsoft SQL Server Information Disclosure Vulnerability
CVE-2024-43474 No No Important 7.6 6.6
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37966 No No Important 7.1 6.2
CVE-2024-37337 No No Important 7.1 6.2
CVE-2024-37342 No No Important 7.1 6.2
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37338 No No Important 8.8 7.7
CVE-2024-37335 No No Important 8.8 7.7
CVE-2024-37340 No No Important 8.8 7.7
CVE-2024-37339 No No Important 8.8 7.7
CVE-2024-26186 No No Important 8.8 7.7
CVE-2024-26191 No No Important 8.8 7.7
Microsoft SharePoint Server Denial of Service Vulnerability
CVE-2024-43466 No No Important 6.5 5.7
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38018 No No Critical 8.8 7.7
CVE-2024-43464 No No Critical 7.2 6.3
CVE-2024-38227 No No Important 7.2 6.3
CVE-2024-38228 No No Important 7.2 6.3
Microsoft Windows Admin Center Information Disclosure Vulnerability
CVE-2024-43475 No No Important 7.3 6.4
Microsoft Windows Update Remote Code Execution Vulnerability
CVE-2024-43491 No Yes Critical 9.8 8.5
PowerShell Elevation of Privilege Vulnerability
CVE-2024-38046 No No Important 7.8 6.8
Win32k Elevation of Privilege Vulnerability
CVE-2024-38246 No No Important 7.0 6.1
Windows Authentication Information Disclosure Vulnerability
CVE-2024-38254 No No Important 5.5 4.8
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38249 No No Important 7.8 6.8
CVE-2024-38250 No No Important 7.8 6.8
CVE-2024-38247 No No Important 7.8 6.8
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-38235 No No Important 6.5 5.7
Windows Installer Elevation of Privilege Vulnerability
CVE-2024-38014 No Yes Important 7.8 6.8
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38239 No No Important 7.2 6.3
Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-38256 No No Important 5.5 4.8
Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-43461 No No Important 8.8 7.7
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38217 Yes Yes Important 5.4 5.0
CVE-2024-43487 No No Moderate 6.5 6.0
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability
CVE-2024-38119 No No Critical 7.5 6.5
Windows Networking Denial of Service Vulnerability
CVE-2024-38232 No No Important 7.5 6.5
CVE-2024-38233 No No Important 7.5 6.5
CVE-2024-38234 No No Important 6.5 5.7
Windows Networking Information Disclosure Vulnerability
CVE-2024-43458 No No Important 7.7 6.7
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-38240 No No Important 8.1 7.1
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38231 No No Important 6.5 5.7
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
CVE-2024-38258 No No Important 6.5 5.7
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-43467 No No Important 7.5 6.5
CVE-2024-38260 No No Important 8.8 7.7
CVE-2024-38263 No No Important 7.5 6.5
CVE-2024-43454 No No Important 7.1 6.2
Windows Remote Desktop Licensing Service Spoofing Vulnerability
CVE-2024-43455 No No Important 8.8 7.7
Windows Security Zone Mapping Security Feature Bypass Vulnerability
CVE-2024-30073 No No Important 7.8 6.8
Windows Setup and Deployment Elevation of Privilege Vulnerability
CVE-2024-43457 No No Important 7.8 6.8
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-38230 No No Important 6.5 5.7
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-38248 No No Important 7.0 6.3
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-21416 No No Important 8.1 7.1
CVE-2024-38045 No No Important 8.1 7.1
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-38252 No No Important 7.8 6.8
CVE-2024-38253 No No Important 7.8 6.8
Windows libarchive Remote Code Execution Vulnerability
CVE-2024-43495 No No Important 7.3 6.4

Vulnerabilities: 79


Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

Published at Tue, 10 Sep 2024 17:59:45 +0000

More Articles & Posts