{"id":23937,"date":"2024-02-14T03:20:54","date_gmt":"2024-02-14T11:20:54","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/02\/14\/news-17667\/"},"modified":"2024-02-14T03:20:54","modified_gmt":"2024-02-14T11:20:54","slug":"news-17667","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2024\/02\/14\/news-17667\/","title":{"rendered":"February\u2019s Patch Tuesday treats customers to 72 patches"},"content":{"rendered":"<p><strong>Credit to Author: Angela Gunn| Date: Wed, 14 Feb 2024 09:23:10 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\">\n<p>After a light start to the year, February delivered 72 patches and 21 advisories to Microsoft customers. The CVEs addressed in this month\u2019s Patch Tuesday release included 43 for Windows. Twelve other product groups or tools are also affected. Of the CVEs addressed, five are considered Critical in severity by Microsoft; these affect Windows, Office, Exchange, and Dynamics 365.<\/p>\n<p>At patch time, two of the issues are known to be under exploit in the wild, and none has been publicly disclosed. (However, one of the advisory items most certainly has; more on that in a minute.) Eight of the addressed vulnerabilities in Windows, Office, and Exchange (including a Critical-severity elevation-of-privilege issue with an attention-getting 9.8 CVSS base score) are by the company\u2019s estimation more likely to be exploited in the next 30 days. Six of the issues addressed are covered by Sophos protections, and we include information on those in a table below.<\/p>\n<p>In addition to these patches the release included information on six Chromium\/Edge-related CVEs, including an RCE that could lead to sandbox escapes; one MITRE-issued CVE concerning a DNS issue that could lead to denial of service; one Github-issued CVE addressing the recent CVE-2024-21626 \u201cLeaky Vessel\u201d issue affecting Mariner, disclosed in a lengthy <a href=\"https:\/\/snyk.io\/blog\/cve-2024-21626-runc-process-cwd-container-breakout\/\">public post<\/a> by Snyk two weeks ago and patched by various other affected companies since then; and 13 Adobe advisories, all related to Acrobat Reader.<\/p>\n<p>We don\u2019t include advisories in the CVE counts and graphics below, but we provide information on everything in an appendix at the end of the article. We are as usual including at the end of this post three other appendices listing all Microsoft\u2019s patches, sorted by severity, by predicted exploitability, and by product family.<\/p>\n<ul>\n<li>Total Microsoft CVEs: 72<\/li>\n<li>Total Adobe advisories covered in update: 13<\/li>\n<li>Total Edge \/ Chromium issues covered in update: 6<\/li>\n<li>Total Mariner advisories covered in update: 1<\/li>\n<li>Total MITRE advisories covered in update: 1<\/li>\n<li>Publicly disclosed: 0<\/li>\n<li>Exploited: 2<\/li>\n<li>Severity\n<ul>\n<li>Critical: 5<\/li>\n<li>Important: 65<\/li>\n<li>Moderate: 2<\/li>\n<\/ul>\n<\/li>\n<li>Impact\n<ul>\n<li>Remote Code Execution: 30<\/li>\n<li>Elevation of Privilege: 16<\/li>\n<li>Spoofing: 10<\/li>\n<li>Denial of Service: 8<\/li>\n<li>Information Disclosure: 5<\/li>\n<li>Security Feature Bypass: 3<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-01.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-953631\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-01.png\" alt=\"A bar chart showing the severity of the issues addressed in the February 2024 Microsoft patch release, sorted by impact; data is reproduced in the text of the article.\" width=\"640\" height=\"412\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-01.png 843w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-01.png?resize=300,193 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-01.png?resize=768,495 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 1: After January\u2019s big month for information disclosure bugs, a wealth of OLE-related fixes put remote code execution back on top for February<\/em><\/p>\n<p><strong>Products<\/strong><\/p>\n<ul>\n<li>Windows: 43<\/li>\n<li>Azure: 8<\/li>\n<li>Dynamics 365: 8<\/li>\n<li>Office: 5<\/li>\n<li>.NET: 1<\/li>\n<li>ASP.NET: 1 (shared with Visual Studio)<\/li>\n<li>Defender: 1<\/li>\n<li>Entra [Azure AD]: 1<\/li>\n<li>Exchange: 1<\/li>\n<li>Outlook 365: 1<\/li>\n<li>Skype: 1<\/li>\n<li>Teams for Android: 1<\/li>\n<li>Visual Studio: 1 (shared with ASP.NET)<\/li>\n<\/ul>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-02.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-953632\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-02.png\" alt=\"A bar chart showing the distribution of product families among the patches by Microsoft for February 2024; material is reiterated in the article.\" width=\"640\" height=\"428\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-02.png 810w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-02.png?resize=300,201 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-02.png?resize=768,514 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 2: It\u2019s a Windows-heavy month, thanks in part to a large number of fixes for Windows Defender Application Control (WDAC)<\/em><\/p>\n<p><strong>Notable February updates<\/strong><\/p>\n<p>In addition to the issues discussed above, a few specific items are worth noting.<\/p>\n<p><strong>CVE-2024-21350, CVE-2024-21352, CVE-2024-21358, CVE-2024-21359, CVE-2024-21360, CVE-2024-21361, CVE-2024-21365, CVE-2024-21366, CVE-2024-21367, CVE-2024-21368, CVE-2024-21369, CVE-2024-21370, CVE-2024-21375, CVE-2024-21391 <\/strong>(15 CVEs)<\/p>\n<p><strong>Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/strong><\/p>\n<p>Fifteen CVEs that share not only a name but a severity (Important), an impact (RCE), a lofty CVSS base score (8.8), and a finder non-identification (Microsoft credits all 15 to \u201cAnonymous\u201d). They\u2019re accompanied by one additional (but related?) patch that shares everything but the number and name \u2013 CVE-2024-21353, Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability.<\/p>\n<p><strong>CVE-2024-21404<br \/> Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability<\/strong><\/p>\n<p>This extra-spicy EoP \u2013 Microsoft assigns it only an Important severity rating, but its base CVSS is a critical-level 9.8 \u2013 targets the Azure AD Jira SSO plugin. Significantly, it doesn\u2019t even require the attacker to authenticate to cause trouble; all it takes is a script to access a targeted Jira server, and the attacker will be able to update Entra ID SAML metadata and information for the plugin \u2013 allowing them to change the authentication of the application as they wish. The fix is an update to version 1.1.2; it\u2019s available from either the <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=56506\">Microsoft Download Center<\/a> or from the <a href=\"https:\/\/marketplace.atlassian.com\/apps\/1224430\/microsoft-azure-active-directory-single-sign-on-for-jira?hosting=datacenter&amp;tab=overview\">Atlassian Marketplace<\/a>.<\/p>\n<p><strong>CVE-2024-21410<br \/> Microsoft Exchange Server Elevation of Privilege Vulnerability<\/strong><\/p>\n<p>The other CVE with a 9.8 CVSS this month is a NTLM relay (pass-the-hash) vulnerability. It could allow the attacker to relay a user&#8217;s leaked Net-NTLMv2 hash against a vulnerable Exchange Server and authenticate as the user. It affects a hodge-podge of versions: Exchange Server 2016, cumulative update 23; Exchange Server 2019, cumulative update 13; and Exchange Server 2019, cumulative update 14. More information is available on Microsoft\u2019s <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-2024-h1-cumulative-update-for-exchange-server\/ba-p\/4047506\">Exchange Team Blog<\/a>, but know that the company believes this one is more likely to be exploited within the next 30 days.<\/p>\n<p><strong>CVE-2024-21378<br \/> Microsoft Outlook Remote Code Execution Vulnerability<\/strong><\/p>\n<p>Preview Pane is an attack vector for this important-severity RCE, and Microsoft believes that exploitation is more likely in the next 30 days. The race is on.<\/p>\n<p><strong>CVE-2024-21374<br \/> Microsoft Teams for Android Information Disclosure<\/strong><\/p>\n<p>The patch for this important-severity information disclosure issue is available via <a href=\"https:\/\/play.google.com\/store\/apps\/details?id=com.microsoft.teams\">Google Play<\/a>.<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-03.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-953633\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-03.png\" alt=\"A bar chart showing cumulative patch counts for 2024 by impact and severity; in descending order of frequency, RCE, EoP, information disclosure, DoS, spoofing, security feature bypass.\" width=\"640\" height=\"412\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-03.png 841w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-03.png?resize=300,193 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/figure-03.png?resize=768,495 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 3: 2024\u2019s off and trotting \u2013 though, with just 120 patches so far, totals are running substantially behind other years. (The first two months of 2023 brought 173 patches; 2022, 154; 2021, 139; and 2020, 150.) <\/em><\/p>\n<p><strong>Sophos protections<\/strong><\/p>\n<p>&nbsp;<\/p>\n<p>As you can every month, if you don\u2019t want to wait for your system to pull down Microsoft\u2019s updates itself, you can download them manually from the Windows Update Catalog website. Run the <strong>winver.exe <\/strong>tool to determine which build of Windows 10 or 11 you\u2019re running, then download the Cumulative Update package for your specific system\u2019s architecture and build number.<\/p>\n<p><strong>Appendix A: Vulnerability Impact and Severity<\/strong><\/p>\n<p>This is a list of February patches sorted by impact, then sub-sorted by severity. Each list is further arranged by CVE.<\/p>\n<p><strong>Remote Code Execution (30 CVEs)<\/strong><\/p>\n<table width=\"601\">\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21357<\/td>\n<td width=\"469\">Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21413<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20667<\/td>\n<td width=\"469\">Azure DevOps Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20673<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21339<\/td>\n<td width=\"469\">Windows USB Generic Parent Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21341<\/td>\n<td width=\"469\">Windows Kernel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21347<\/td>\n<td width=\"469\">Microsoft ODBC Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21349<\/td>\n<td width=\"469\">Microsoft ActiveX Data Objects Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21350<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21352<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21353<\/td>\n<td width=\"469\">Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21358<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21359<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21360<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21361<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21363<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21365<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21366<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21367<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21368<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21369<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21370<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21372<\/td>\n<td width=\"469\">Windows OLE Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21375<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21376<\/td>\n<td width=\"469\">Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21378<\/td>\n<td width=\"469\">Microsoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21379<\/td>\n<td width=\"469\">Microsoft Word Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21384<\/td>\n<td width=\"469\">Microsoft Office OneNote Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21391<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21420<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Elevation of Privilege (16 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21410<\/td>\n<td width=\"469\">Microsoft Exchange Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21304<\/td>\n<td width=\"469\">Trusted Compute Base Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21315<\/td>\n<td width=\"469\">Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21329<\/td>\n<td width=\"469\">Azure Connected Machine Agent Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21338<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21345<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21346<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21354<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21355<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21371<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21397<\/td>\n<td width=\"469\">Microsoft Azure File Sync Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21401<\/td>\n<td width=\"469\">Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21402<\/td>\n<td width=\"469\">Microsoft Outlook Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21403<\/td>\n<td width=\"469\">Microsoft Azure Kubernetes Services Confidential Container Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21405<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Moderate severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21364<\/td>\n<td width=\"469\">Microsoft Azure Site Recovery Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Spoofing (10 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20679<\/td>\n<td width=\"469\">Azure Stack Hub Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21327<\/td>\n<td width=\"469\">Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21328<\/td>\n<td width=\"469\">Dynamics 365 Sales Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21381<\/td>\n<td width=\"469\">Microsoft Azure Active Directory B2C Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21389<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21393<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21394<\/td>\n<td width=\"469\">Dynamics 365 Field Service Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21395<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21396<\/td>\n<td width=\"469\">Dynamics 365 Sales Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21406<\/td>\n<td width=\"469\">Windows Print Spooler Spoofing Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Denial of Service (8 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20684<\/td>\n<td width=\"469\">Windows Hyper-V Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21342<\/td>\n<td width=\"469\">Windows DNS Client Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21343<\/td>\n<td width=\"469\">Windows Network Address Translation (NAT) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21344<\/td>\n<td width=\"469\">Windows Network Address Translation (NAT) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21348<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21356<\/td>\n<td width=\"469\">Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21386<\/td>\n<td width=\"469\">.NET Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21404<\/td>\n<td width=\"469\">.NET Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Information Disclosure (5 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21380<\/td>\n<td width=\"469\">Microsoft Dynamics Business Central\/NAV Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20695<\/td>\n<td width=\"469\">Skype for Business Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21340<\/td>\n<td width=\"469\">Windows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21374<\/td>\n<td width=\"469\">Microsoft Teams for Android Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21377<\/td>\n<td width=\"469\">Windows DNS Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Security Feature Bypass (3 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21362<\/td>\n<td width=\"469\">Windows Kernel Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21412<\/td>\n<td width=\"469\">Internet Shortcut Files Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Moderate Severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21351<\/td>\n<td width=\"469\">Windows SmartScreen Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Appendix B: Exploitability<\/strong><\/p>\n<p>This is a list of the February CVEs judged by Microsoft to be either already under active exploit in the wild\u00a0 or more likely to be exploited in the wild within the first 30 days post-release. Each list is further arranged by CVE.<\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Exploitation detected<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21351<\/td>\n<td width=\"469\">Windows SmartScreen Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21412<\/td>\n<td width=\"469\">Internet Shortcut Files Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Exploitation more likely within the next 30 days<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21338<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21345<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21346<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21357<\/td>\n<td width=\"469\">Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21371<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21378<\/td>\n<td width=\"469\">Microsoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21379<\/td>\n<td width=\"469\">Microsoft Word Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21410<\/td>\n<td width=\"469\">Microsoft Exchange Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>\u00a0<\/strong><strong>Appendix C: Products Affected<\/strong><\/p>\n<p>This is a list of February\u2019s patches sorted by product family, then sub-sorted by severity. Each list is further arranged by CVE. Patches that are shared among multiple product families are listed multiple times, once for each product family.<\/p>\n<p><strong>Windows (43 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20684<\/td>\n<td width=\"469\">Windows Hyper-V Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21357<\/td>\n<td width=\"469\">Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21304<\/td>\n<td width=\"469\">Trusted Compute Base Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21338<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21339<\/td>\n<td width=\"469\">Windows USB Generic Parent Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21340<\/td>\n<td width=\"469\">Windows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21341<\/td>\n<td width=\"469\">Windows Kernel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21342<\/td>\n<td width=\"469\">Windows DNS Client Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21343<\/td>\n<td width=\"469\">Windows Network Address Translation (NAT) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21344<\/td>\n<td width=\"469\">Windows Network Address Translation (NAT) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21345<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21346<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21347<\/td>\n<td width=\"469\">Microsoft ODBC Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21348<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21349<\/td>\n<td width=\"469\">Microsoft ActiveX Data Objects Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21350<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21352<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21353<\/td>\n<td width=\"469\">Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21354<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21355<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21356<\/td>\n<td width=\"469\">Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21358<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21359<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21360<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21361<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21362<\/td>\n<td width=\"469\">Windows Kernel Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21363<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21365<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21366<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21367<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21368<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21369<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21370<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21371<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21372<\/td>\n<td width=\"469\">Windows OLE Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21375<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21377<\/td>\n<td width=\"469\">Windows DNS Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21391<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21405<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21406<\/td>\n<td width=\"469\">Windows Print Spooler Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21412<\/td>\n<td width=\"469\">Internet Shortcut Files Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21420<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21351<\/td>\n<td width=\"469\">Windows SmartScreen Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Azure (8 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20667<\/td>\n<td width=\"469\">Azure DevOps Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20679<\/td>\n<td width=\"469\">Azure Stack Hub Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21329<\/td>\n<td width=\"469\">Azure Connected Machine Agent Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21376<\/td>\n<td width=\"469\">Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21381<\/td>\n<td width=\"469\">Microsoft Azure Active Directory B2C Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21397<\/td>\n<td width=\"469\">Microsoft Azure File Sync Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21403<\/td>\n<td width=\"469\">Microsoft Azure Kubernetes Services Confidential Container Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Moderate severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21364<\/td>\n<td width=\"469\">Microsoft Azure Site Recovery Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Dynamics 365 (8 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21380<\/td>\n<td width=\"469\">Microsoft Dynamics Business Central\/NAV Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21327<\/td>\n<td width=\"469\">Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21328<\/td>\n<td width=\"469\">Dynamics 365 Sales Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21389<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21393<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21394<\/td>\n<td width=\"469\">Dynamics 365 Field Service Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21395<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21396<\/td>\n<td width=\"469\">Dynamics 365 Sales Spoofing Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Office (5 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21413<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20673<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21378<\/td>\n<td width=\"469\">Microsoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21379<\/td>\n<td width=\"469\">Microsoft Word Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21384<\/td>\n<td width=\"469\">Microsoft Office OneNote Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>.NET (1 CVE, shared with Visual Studio)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21404<\/td>\n<td width=\"469\">.NET Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>ASP.NET (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21386<\/td>\n<td width=\"469\">.NET Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Defender (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21315<\/p>\n<p>&nbsp;<\/td>\n<td width=\"469\">Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Entra (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21401<\/td>\n<td width=\"469\">Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Exchange (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21410<\/td>\n<td width=\"469\">Microsoft Exchange Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Outlook 365 (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21402<\/td>\n<td width=\"469\">Microsoft Outlook Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Skype (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20695<\/td>\n<td width=\"469\">Skype for Business Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Teams for Android (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21374<\/td>\n<td width=\"469\">Microsoft Teams for Android Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Visual Studio (1 CVE, shared with ASP.NET)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21386<\/td>\n<td width=\"469\">.NET Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Appendix D: Advisories and Other Products<\/strong><\/p>\n<p>This is a list of advisories and information on other relevant CVEs in the February Microsoft release, sorted by product.<\/p>\n<p><strong>Relevant to Edge \/ Chromium (6 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2024-1059<\/td>\n<td width=\"469\">Chromium: CVE-2024-1059 Use after free in WebRTC<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-1060<\/td>\n<td width=\"469\">Chromium: CVE-2024-1060 Use after free in Canvas<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-1077<\/td>\n<td width=\"469\">Chromium: CVE-2024-1077 Use after free in Network<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-1283<\/td>\n<td width=\"469\">Chromium: CVE-2024-1283 Heap buffer overflow in Skia<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-1284<\/td>\n<td width=\"469\">Chromium: CVE-2024-1284 Use after free in Mojo<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-21399<\/td>\n<td width=\"469\">Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Relevant to Windows (non-Microsoft release) (one CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2023-50387<\/td>\n<td width=\"469\">MITRE: CVE-2023-50387 DNS RRSIGs and DNSKEYs validation can be abused to remotely consume DNS server resources<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Relevant to Adobe (13 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2024-20726<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20727<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20728<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20729<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20730<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20731<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20733<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20734<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20735<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20736<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20747<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20748<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-20749<\/td>\n<td width=\"469\">Security updates available for Acrobat Reader<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2024\/02\/14\/februarys-patch-tuesday-treats-customers-to-72-patches\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/02\/shutterstock_377425018.jpg\"\/><\/p>\n<p><strong>Credit to Author: Angela Gunn| Date: Wed, 14 Feb 2024 09:23:10 +0000<\/strong><\/p>\n<p>Two issues under active exploit in the wild headline fixes across 13 product groups<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[11414,129,30879,30880,10516,19245,16771],"class_list":["post-23937","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-adobe","tag-featured","tag-leaky-vessel","tag-mariner","tag-microsoft","tag-patch-tuesday","tag-threat-research"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23937","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23937"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23937\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23937"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23937"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23937"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}