{"id":24506,"date":"2024-05-14T21:20:56","date_gmt":"2024-05-15T05:20:56","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/05\/14\/news-18236\/"},"modified":"2024-05-14T21:20:56","modified_gmt":"2024-05-15T05:20:56","slug":"news-18236","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/05\/14\/news-18236\/","title":{"rendered":"No mayday call necessary for the year\u2019s fifth Patch Tuesday"},"content":{"rendered":"<p><strong>Credit to Author: Angela Gunn| Date: Wed, 15 May 2024 03:53:24 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\">\n<p>The deluge of patches in April dried up substantially in May, as Microsoft on Tuesday released 59 patches touching 11 product families. Windows as usual takes the lion\u2019s share of patches with 48, with the rest spread among .NET, 365 Apps for Enterprise, Azure, Bing Search for iOS, Dynamics 365, Intune, Office, Power BI, SharePoint, and Visual Studio. There is just one critical-severity issue, affecting SharePoint.<\/p>\n<p>At patch time, two issues, both important-severity faults affecting Windows, are known to be under active exploit in the wild. Ten additional important-severity vulnerabilities in Windows and SharePoint are by the company\u2019s estimation more likely to be exploited in the next 30 days. Eight of the issues are amenable to detection by Sophos protections, and we include information on those in a table below.<\/p>\n<p>In addition to these patches, the release includes advisory information on six patches related to the Edge browser; two related to Visual Studio but managed by GitHub, not Microsoft; and four from Adobe. We don\u2019t include advisories in the CVE counts and graphics below, but we provide information on all of them in an appendix at the end of the article. We are as usual including at the end of this post three other appendices listing all Microsoft\u2019s patches, sorted by severity, by predicted exploitability, and by product family.<\/p>\n<h3><strong>By the numbers<\/strong><\/h3>\n<ul>\n<li>Total Microsoft CVEs: 59<\/li>\n<li>Total Edge \/ Chrome advisory issues covered in update: 6<\/li>\n<li>Total non-Microsoft Visual Studio advisory issues covered in update: 2<\/li>\n<li>Total Adobe issues covered in update: 4<\/li>\n<li>Publicly disclosed: 2<\/li>\n<li>Exploited: 2<\/li>\n<li>Severity\n<ul>\n<li>Critical: 1<\/li>\n<li>Important: 57<\/li>\n<li>Moderate: 1<\/li>\n<\/ul>\n<\/li>\n<li>Impact:\n<ul>\n<li>Remote Code Execution: 25<\/li>\n<li>Elevation of Privilege: 17<\/li>\n<li>Information Disclosure: 7<\/li>\n<li>Spoofing: 4<a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-01.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-955287\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-01.png\" alt=\"\" width=\"640\" height=\"414\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-01.png 836w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-01.png?resize=300,194 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-01.png?resize=768,497 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/li>\n<li>Denial of Service: 3<\/li>\n<li>Security Feature Bypass: 2<\/li>\n<li>Tampering: 1<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><em>Figure 1: May continues the previous month\u2019s emphasis on RCE issues, though all seven of Microsoft\u2019s usual impact categories put in an appearance<\/em><\/p>\n<h3><strong>Products<\/strong><\/h3>\n<ul>\n<li>Windows: 48<\/li>\n<li>Dynamics 365: 2<\/li>\n<li>SharePoint: 2<\/li>\n<li>Visual Studio: 2 (including one shared with .NET; in addition, two advisory issues apply to VS)<\/li>\n<li>.NET: 1 (shared with Visual Studio)<\/li>\n<li>365 Apps for Enterprise: 1 (shared with Office)<\/li>\n<li>Azure: 1<\/li>\n<li>Bing Search for iOS: 1<\/li>\n<li>Intune: 1<\/li>\n<li>Office: 1 (shared with 365 Apps for Enterprise)<\/li>\n<li>Power BI: 1<\/li>\n<\/ul>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-02.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-955288\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-02.png\" alt=\"\" width=\"640\" height=\"458\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-02.png 752w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-02.png?resize=300,215 300w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 2: Windows takes the overwhelming number of May patches, but only SharePoint has a critical-severity issue to manage<\/em><\/p>\n<h3><strong>Notable May updates and themes<\/strong><\/h3>\n<p>In addition to the issues discussed above, a few specific items merit attention.<\/p>\n<p><strong>CVE-2024-4559 &#8211; Chromium: CVE-2024-4671 Use after free in Visuals<\/strong><\/p>\n<p>Are we really leading this section with an advisory this month? Yes. This Chrome bug was technically patched Friday (one day after an anonymous researcher reported it to Google), and it\u2019s mentioned in Microsoft\u2019s Patch Tuesday release simply to assure Edge users that the latest version addresses this high-severity issue. That said, Edge \u2013 and <em>all browsers using Chromium OSS<\/em> \u2013 need to patch immediately, as this one was found in the wild. Go.<\/p>\n<p><strong>CVE-2024-30040 \u2013 Windows MSHTML Platform Security Feature Bypass Vulnerability<br \/> CVE-2024-30051 &#8212; Windows DWM Core Library Elevation of Privilege Vulnerability<\/strong><\/p>\n<p>Two additional issues have been detected under exploit in the wild. The MSHTML issue has a base CVSS value of 8.8; the bug bypasses a feature in Microsoft 365 called OLE Auto-Activation Block, which allows admins to prevent abuse of OLE\/COM. An attacker would abuse this bug by sending the targeted user a maliciously crafted file and then convincing them, to quote the bulletin, \u201cto manipulate the specially crafted file, but not necessarily click or open the malicious file.\u201d The DWM Core Library issue has a lower 7.8 base CVSS \u2013 and shares the stage with three other fixes addressing that component \u2013 but the list of credited finders is various and startling, including researchers from Kaspersky, Google Threat Analysis Group, Google Mandiant, and DBAPPSecurity WeBin Lab.<\/p>\n<p><strong>CVE-2024-30050 \u2013 Windows Mark of the Web Security Feature Bypass Vulnerability<\/strong><\/p>\n<p>April showers may be over, but the steady pitter-pat of Mark of the Web issues continues. This one\u2019s Moderate in impact and limited in scope \u2013 a successful attack would lead to limited losses of integrity and availability of security features that rely on MotW, including Protected Mode in Office. Still, Microsoft assesses this one to be more likely to be exploited within the next 30 days, and the uses of a vulnerability like this in a chained attack should be kept in mind. Sophos has developed Intercept X\/Endpoint IPS and XGS Firewall protections against this issue, as covered in the table below.<\/p>\n<p><strong>CVE-2024-30044 \u2013 Microsoft SharePoint Server Remote Code Execution Vulnerability<\/strong><\/p>\n<p>The month\u2019s sole Critical-severity vulnerability affects SharePoint and is believed by Microsoft to be more likely to see exploitation in the next 30 days. Once again, Sophos has developed Intercept X\/Endpoint IPS and XGS Firewall protections against this issue, as covered in the table below.<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-03.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-955289\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-03.png\" alt=\"\" width=\"640\" height=\"413\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-03.png 835w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-03.png?resize=300,194 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/pt2405-figure-03.png?resize=768,496 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 3: RCE issues continue to outpace all other types of vulnerability in 2024<\/em><\/p>\n<h3><strong>Sophos protections<\/strong><\/h3>\n<p>&nbsp;<\/p>\n<p>As you can every month, if you don\u2019t want to wait for your system to pull down Microsoft\u2019s updates itself, you can download them manually from the Windows Update Catalog website. Run the <strong>winver.exe <\/strong>tool to determine which build of Windows 10 or 11 you\u2019re running, then download the Cumulative Update package for your specific system\u2019s architecture and build number.<\/p>\n<h3><strong>Appendix A: Vulnerability Impact and Severity<\/strong><\/h3>\n<p>This is a list of May patches sorted by impact, then sub-sorted by severity. Each list is further arranged by CVE.<\/p>\n<p><strong>Remote Code Execution (25 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30044<\/td>\n<td width=\"472\">Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29997<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29998<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29999<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30000<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30001<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30002<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30003<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30004<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30005<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30006<\/td>\n<td width=\"472\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30009<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30010<\/td>\n<td width=\"472\">Windows Hyper-V Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30012<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30014<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30015<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30017<\/td>\n<td width=\"472\">Windows Hyper-V Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30020<\/td>\n<td width=\"472\">Windows Cryptographic Services Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30021<\/td>\n<td width=\"472\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30022<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30023<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30024<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30029<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30042<\/td>\n<td width=\"472\">Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30045<\/td>\n<td width=\"472\">.NET and Visual Studio Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Elevation of Privilege (17 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-26238<\/td>\n<td width=\"472\">Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29994<\/td>\n<td width=\"472\">Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29996<\/td>\n<td width=\"472\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30007<\/td>\n<td width=\"472\">Microsoft Brokering File System Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30018<\/td>\n<td width=\"472\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30025<\/td>\n<td width=\"472\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30027<\/td>\n<td width=\"472\">NTFS Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30028<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30030<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30031<\/td>\n<td width=\"472\">Windows CNG Key Isolation Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30032<\/td>\n<td width=\"472\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30033<\/td>\n<td width=\"472\">Windows Search Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30035<\/td>\n<td width=\"472\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30037<\/td>\n<td width=\"472\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30038<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30049<\/td>\n<td width=\"472\">Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30051<\/td>\n<td width=\"472\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Information Disclosure (7 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30008<\/td>\n<td width=\"472\">Windows DWM Core Library Information Disclosure\u00a0 Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30016<\/td>\n<td width=\"472\">Windows Cryptographic Services Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30034<\/td>\n<td width=\"472\">Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30036<\/td>\n<td width=\"472\">Windows Deployment Services Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30039<\/td>\n<td width=\"472\">Windows Remote Access Connection Manager Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30043<\/td>\n<td width=\"472\">Microsoft SharePoint Server Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30054<\/td>\n<td width=\"472\">Microsoft Power BI Client Javascript SDK Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Spoofing (4 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30041<\/td>\n<td width=\"472\">Microsoft Bing Search Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30047<\/td>\n<td width=\"472\">Dynamics 365 Customer Insights Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30048<\/td>\n<td width=\"472\">Dynamics 365 Customer Insights Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30053<\/td>\n<td width=\"472\">Azure Migrate Cross-Site Scripting Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Denial of Service (3 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30011<\/td>\n<td width=\"472\">Windows Hyper-V Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30019<\/td>\n<td width=\"472\">DHCP Server Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30046<\/td>\n<td width=\"472\">Visual Studio Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Security Feature Bypass (2 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30040<\/td>\n<td width=\"472\">Windows MSHTML Platform Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Moderate severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30050<\/td>\n<td width=\"472\">Windows Mark of the Web Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Tampering (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30059<\/td>\n<td width=\"472\">Microsoft Intune for Android Mobile Application Management Tampering Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<h3><strong>Appendix B: Exploitability<\/strong><\/h3>\n<p>This is a list of the May CVEs already under exploit in the wild, and those judged by Microsoft to be more likely to be exploited in the wild within the first 30 days post-release. The list is arranged by CVE.<\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Exploitation detected<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30040<\/td>\n<td width=\"472\">Windows MSHTML Platform Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30051<\/td>\n<td width=\"472\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Exploitation more likely within the next 30 days<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29996<\/td>\n<td width=\"472\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30025<\/td>\n<td width=\"472\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30032<\/td>\n<td width=\"472\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30034<\/td>\n<td width=\"472\">Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30035<\/td>\n<td width=\"472\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30037<\/td>\n<td width=\"472\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30038<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30044<\/td>\n<td width=\"472\">Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30049<\/td>\n<td width=\"472\">Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30050<\/td>\n<td width=\"472\">Windows Mark of the Web Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<h3><strong>\u00a0<\/strong><strong>Appendix C: Products Affected<\/strong><\/h3>\n<p>This is a list of May\u2019s patches sorted by product family, then sub-sorted by severity. Each list is further arranged by CVE. Patches that are shared among multiple product families are listed multiple times, once for each product family.<\/p>\n<p><strong>Windows (48 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-26238<\/td>\n<td width=\"469\">Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29994<\/td>\n<td width=\"469\">Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29996<\/td>\n<td width=\"469\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29997<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29998<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29999<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30000<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30001<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30002<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30003<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30004<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30005<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30006<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30007<\/td>\n<td width=\"469\">Microsoft Brokering File System Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30008<\/td>\n<td width=\"469\">Windows DWM Core Library Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30009<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30010<\/td>\n<td width=\"469\">Windows Hyper-V Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30011<\/td>\n<td width=\"469\">Windows Hyper-V Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30012<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30014<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30015<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30016<\/td>\n<td width=\"469\">Windows Cryptographic Services Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30017<\/td>\n<td width=\"469\">Windows Hyper-V Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30018<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30019<\/td>\n<td width=\"469\">DHCP Server Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30020<\/td>\n<td width=\"469\">Windows Cryptographic Services Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30021<\/td>\n<td width=\"469\">Windows Mobile Broadband Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30022<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30023<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30024<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30025<\/td>\n<td width=\"469\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30027<\/td>\n<td width=\"469\">NTFS Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30028<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30029<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30030<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30031<\/td>\n<td width=\"469\">Windows CNG Key Isolation Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30032<\/td>\n<td width=\"469\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30033<\/td>\n<td width=\"469\">Windows Search Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30034<\/td>\n<td width=\"469\">Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30035<\/td>\n<td width=\"469\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30036<\/td>\n<td width=\"469\">Windows Deployment Services Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30037<\/td>\n<td width=\"469\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30038<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30039<\/td>\n<td width=\"469\">Windows Remote Access Connection Manager Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30040<\/td>\n<td width=\"469\">Windows MSHTML Platform Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30049<\/td>\n<td width=\"469\">Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30051<\/td>\n<td width=\"469\">Windows DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Moderate severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30050<\/td>\n<td width=\"469\">Windows Mark of the Web Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Dynamics 365 (2 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30047<\/td>\n<td width=\"469\">Dynamics 365 Customer Insights Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30048<\/td>\n<td width=\"469\">Dynamics 365 Customer Insights Spoofing Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>SharePoint (2 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30044<\/td>\n<td width=\"469\">Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30043<\/td>\n<td width=\"469\">Microsoft SharePoint Server Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Visual Studio (2* CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30045<\/td>\n<td width=\"469\">.NET and Visual Studio Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30046<\/td>\n<td width=\"469\">Visual Studio Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>* In addition, this release includes information on two GitHub-issued advisories affecting Visual Studio; please see Appendix D for details.<\/p>\n<p><strong>.NET (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30045<\/td>\n<td width=\"469\">.NET and Visual Studio Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>365 Apps for Enterprise (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30042<\/td>\n<td width=\"469\">Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Azure (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30053<\/td>\n<td width=\"469\">Azure Migrate Cross-Site Scripting Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Bing Search for iOS (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30041<\/td>\n<td width=\"469\">Microsoft Bing Search Spoofing Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Intune (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30059<\/td>\n<td width=\"469\">Microsoft Intune for Android Mobile Application Management Tampering Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Office (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30042<\/td>\n<td width=\"469\">Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Power BI (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30054<\/td>\n<td width=\"469\">Microsoft Power BI Client Javascript SDK Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<h3><strong>Appendix D: Advisories and Other Products<\/strong><\/h3>\n<p>This is a list of advisories and information on other relevant CVEs in the May Microsoft release, sorted by product.<\/p>\n<p><strong>Relevant to Edge \/ Chromium (6 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2024-4331<\/td>\n<td width=\"469\">Chromium: CVE-2024-4331 Use after free in Picture In Picture<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-4368<\/td>\n<td width=\"469\">Chromium: CVE-2024-4368 Use after free in Dawn<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-4558<\/td>\n<td width=\"469\">Chromium: CVE-2024-4558 Use after free in ANGLE<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-4559<\/td>\n<td width=\"469\">Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-4671<\/td>\n<td width=\"469\">Chromium: CVE-2024-4671 Use after free in Visuals<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30055<\/td>\n<td width=\"469\">Microsoft Edge (Chromium-based) Spoofing Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Relevant to Visual Studio (non-Microsoft CVE issuer) (2 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2024-32002<\/td>\n<td width=\"469\">Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-32004<\/td>\n<td width=\"469\">GitHub: CVE-2023-32004 Remote Code Execution while cloning special-crafted local repositories<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Relevant to Adobe (non-Microsoft release) (4 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2024-30284<\/td>\n<td width=\"469\">Use After Free (CWE-416)<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30310<\/td>\n<td width=\"469\">Out-of-bounds Write (CWE-787)<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30311<\/td>\n<td width=\"469\">Out-of-bounds Read (CWE-125)<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30312<\/td>\n<td width=\"469\">Out-of-bounds Read (CWE-125)<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2024\/05\/14\/no-mayday-call-necessary-for-the-years-fifth-patch-tuesday\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/shutterstock_71791933.jpg\"\/><\/p>\n<p><strong>Credit to Author: Angela Gunn| Date: Wed, 15 May 2024 03:53:24 +0000<\/strong><\/p>\n<p>A return to pre-April CVE volumes, mostly for Windows, though two vulns \u2013 or is it three? &#8212; are already under exploit<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[31388,31389,31392,31390,31393,129,10516,19245,16771],"class_list":["post-24506","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-cve-2024-30040","tag-cve-2024-30044","tag-cve-2024-30050","tag-cve-2024-30051","tag-cve-2024-4559","tag-featured","tag-microsoft","tag-patch-tuesday","tag-threat-research"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24506","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24506"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24506\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24506"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24506"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24506"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}