{"id":24671,"date":"2024-06-11T19:20:54","date_gmt":"2024-06-12T03:20:54","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/06\/11\/news-18401\/"},"modified":"2024-06-11T19:20:54","modified_gmt":"2024-06-12T03:20:54","slug":"news-18401","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/06\/11\/news-18401\/","title":{"rendered":"June Patch Tuesday squares up with 49 patches"},"content":{"rendered":"<p><strong>Credit to Author: Angela Gunn| Date: Wed, 12 Jun 2024 01:21:01 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\">\n<p>June\u2019s Patch Tuesday set eases Windows admins gently into summer, as Microsoft on Tuesday released 49 patches touching 7 product families. Windows as usual takes the lion\u2019s share of patches with 34. The rest relate to Azure, 365 Apps for Enterprise, Dynamics 365, Office, Visual Studio, and SharePoint.<\/p>\n<p>At patch time, none of the issues addressed are known to be under exploit in the wild. That said, eleven vulnerabilities in Windows are by the company\u2019s estimation more likely to be exploited in the next 30 days; one of those is the month\u2019s sole critical-severity issue, which we\u2019ll discuss at some length below. Six of this month\u2019s issues are amenable to detection by Sophos protections, and we include information on those in a table below.<\/p>\n<p>In addition to these patches, the release includes advisory information on seven patches related to the Edge browser, one related to GitHub, one fascinating item from MITRE that affects not just Windows but much of the internet, and two from Adobe. We don\u2019t include advisories in the CVE counts and graphics below, but we provide information on all of them in an appendix at the end of the article, and we will dig into the MITRE advisory below. We are as usual including at the end of this post three other appendices listing all Microsoft\u2019s patches, sorted by severity, by predicted exploitability, and by product family.<\/p>\n<p><strong>By the numbers<\/strong><\/p>\n<ul>\n<li>Total Microsoft CVEs: 49<\/li>\n<li>Total Edge \/ Chrome advisory issues covered in update: 7<\/li>\n<li>Total non-Edge Microsoft advisory issues covered in update: 2<\/li>\n<li>Total Adobe issues covered in update: 2<\/li>\n<li>Publicly disclosed: 0*<\/li>\n<li>Exploited: 0<\/li>\n<li>Severity\n<ul>\n<li>Critical: 1<\/li>\n<li>Important: 48<\/li>\n<\/ul>\n<\/li>\n<li>Impact:\n<ul>\n<li>Elevation of Privilege: 24<\/li>\n<li>Remote Code Execution: 18<\/li>\n<li>Denial of Service: 4<\/li>\n<li>Information Disclosure: 3<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>* One advisory-only CVE is publicly disclosed; see below<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-955748\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-1.png\" alt=\"A bar chart showing the distribution of impacts among the June 2024 patches, as covered in text\" width=\"640\" height=\"411\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-1.png 840w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-1.png?resize=300,193 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-1.png?resize=768,494 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 1: Just four categories of vulnerability are represented in June\u2019s Patch Tuesday batch<\/em><\/p>\n<p><strong>Products<\/strong><\/p>\n<ul>\n<li>Windows: 34<\/li>\n<li>Azure: 5<\/li>\n<li>365 Apps for Enterprise: 4 (including one shared with Office)<\/li>\n<li>Dynamics 365: 3<\/li>\n<li>Office: 3 (shared with 365 Apps for Enterprise)<\/li>\n<li>Visual Studio: 2<\/li>\n<li><span style=\"font-size: 1em\">SharePoint: 1<\/span><\/li>\n<\/ul>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-2.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-955749\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-2.png\" alt=\"A bar chart showing the distribution of affected product families among the June 2024 patches, as covered in text\" width=\"640\" height=\"449\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-2.png 767w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-2.png?resize=300,210 300w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 2: Windows accounts for two-thirds of June\u2019s patches, as well as the sole Critical-level issue<\/em><\/p>\n<p><strong>Notable June updates<\/strong><\/p>\n<p>In addition to the issues discussed above, a few specific items merit attention.<\/p>\n<p><strong>CVE-2024-30080 &#8211; Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability<\/strong><\/p>\n<p>Microsoft has marked 11 CVEs this month as more likely to be exploited within 30 days of Patch Tuesday; this critical-severity RCE \u2013 the month\u2019s only critical-class issue &#8212; should be considered top of the class. It affects both clients and servers that have enabled the Windows message-queuing service. With that switched on and listening (default port is 1801), an attacker could send a maliciously crafted MSMQ packet to the server and gain RCE. (Yes, Sophos has a detection for this; please see the table immediately below Figure 3.)<\/p>\n<p><strong>CVE-2023-50868 &#8211; MITRE: CVE-2023-50868 NSEC3 closest encloser proof can exhaust CPU<\/strong><\/p>\n<p>This is an advisory-only CVE, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-50868\">issued by MITRE<\/a> and of concern to the industry at large, not only Microsoft. It covers a publicly disclosed issue with DNSSEC and how it proves the non-existence of a specified zone. (Unfamiliar with the details of DNSSEC, or perplexed as to how an NSEC record can prove a negative? The DNS Institute has a <a href=\"https:\/\/dnsinstitute.com\/documentation\/dnssec-guide\/ch06s02.html\">delightfully readable story<\/a> that explains it.) The bug in question is an important-severity denial-of-service issue; it\u2019s not thought to be under exploit in the wild, but it\u2019s DNS and therefore worth your time.<\/p>\n<p><strong>CVE-2024-37325 &#8211; Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability<\/strong><\/p>\n<p>There is only one vulnerability this month that Microsoft considers critical in severity (CVE-2024-30800, above), but for those who go by CVSS scores, this Azure EoP merits a look \u2013 but only if you\u2019re running a version of Linux\/Ubuntu Data Science Virtual Machines (DSVM) prior to 24.05.24. If that\u2019s your situation, this 9.8 CVSS bug requires neither privileges nor user interaction; all the attacker need do is send a specially crafted request to the target machine to gain access to authorized users\u2019 credentials. Affected users should <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/machine-learning\/data-science-virtual-machine\/ubuntu-upgrade?view=azureml-api-2\">read up on the details<\/a> and get moving.<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-3.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-955750\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-3.png\" alt=\"A bar chart showing the distribution of impacts among the 2024 patches so far; RCE leads, followed in order by EoP, information disclosure, security feature bypass, denial of service, spoofing, and tampering\" width=\"640\" height=\"408\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-3.png 840w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-3.png?resize=300,191 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/pt2406-figure-3.png?resize=768,490 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 3: As we round the curve on calendar year 2024, Information Disclosure vulns pull slightly ahead of Security Feature Bypass issues, but RCE continues to lead the pack<\/em><\/p>\n<p><strong>Sophos protections<\/strong><\/p>\n<p>&nbsp;<\/p>\n<p>As you can every month, if you don\u2019t want to wait for your system to pull down Microsoft\u2019s updates itself, you can download them manually from the Windows Update Catalog website. Run the <strong>winver.exe <\/strong>tool to determine which build of Windows 10 or 11 you\u2019re running, then download the Cumulative Update package for your specific system\u2019s architecture and build number.<\/p>\n<p><strong>Appendix A: Vulnerability Impact and Severity<\/strong><\/p>\n<p>This is a list of June patches sorted by impact, then sub-sorted by severity. Each list is further arranged by CVE.<\/p>\n<p><strong>Elevation of Privilege (24 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29060<\/td>\n<td width=\"472\">Visual Studio Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30064<\/td>\n<td width=\"472\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30066<\/td>\n<td width=\"472\">Winlogon Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30067<\/td>\n<td width=\"472\">WinLogon Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30068<\/td>\n<td width=\"472\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30076<\/td>\n<td width=\"472\">Windows Container Manager Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30082<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30084<\/td>\n<td width=\"472\">Windows Kernel-Mode Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30085<\/td>\n<td width=\"472\">Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30086<\/td>\n<td width=\"472\">Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30087<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30088<\/td>\n<td width=\"472\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30089<\/td>\n<td width=\"472\">Microsoft Streaming Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30090<\/td>\n<td width=\"472\">Microsoft Streaming Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30091<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30093<\/td>\n<td width=\"472\">Windows Storage Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30099<\/td>\n<td width=\"472\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35248<\/td>\n<td width=\"472\">Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35250<\/td>\n<td width=\"472\">Windows Kernel-Mode Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35253<\/td>\n<td width=\"472\">Microsoft Azure File Sync Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35254<\/td>\n<td width=\"472\">Azure Monitor Agent Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35255<\/td>\n<td width=\"472\">Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35265<\/td>\n<td width=\"472\">Windows Perception Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-37325<\/td>\n<td width=\"472\">Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Remote Code Execution (18 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"614\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30080<\/td>\n<td width=\"472\">Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"614\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30052<\/td>\n<td width=\"472\">Visual Studio Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30062<\/td>\n<td width=\"472\">Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30063<\/td>\n<td width=\"472\">Windows Distributed File System (DFS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30072<\/td>\n<td width=\"472\">Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30074<\/td>\n<td width=\"472\">Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30075<\/td>\n<td width=\"472\">Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30077<\/td>\n<td width=\"472\">Windows OLE Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30078<\/td>\n<td width=\"472\">Windows WiFi Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30094<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30095<\/td>\n<td width=\"472\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30097<\/td>\n<td width=\"472\">Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30100<\/td>\n<td width=\"472\">Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30101<\/td>\n<td width=\"472\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30102<\/td>\n<td width=\"472\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30103<\/td>\n<td width=\"472\">Microsoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-30104<\/td>\n<td width=\"472\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"142\">CVE-2024-35249<\/td>\n<td width=\"472\">Microsoft Dynamics Business Central Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Denial of Service (4 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30065<\/td>\n<td width=\"472\">Windows Themes Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30070<\/td>\n<td width=\"472\">DHCP Server Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30083<\/td>\n<td width=\"472\">Windows Standards-Based Storage Management Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35252<\/td>\n<td width=\"472\">Azure Storage Movement Client Library Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Information Disclosure (3 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30069<\/td>\n<td width=\"472\">Windows Remote Access Connection Manager Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30096<\/td>\n<td width=\"472\">Windows Cryptographic Services Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35263<\/td>\n<td width=\"472\">Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Appendix B: Exploitability<\/strong><\/p>\n<p>This is a list of the June CVEs judged by Microsoft to be more likely to be exploited in the wild within the first 30 days post-release. The list is arranged by CVE. This month does not address any vulnerabilities already under exploit.<\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"604\"><strong>Exploitation more likely within the next 30 days<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30080<\/td>\n<td width=\"472\">Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30082<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30084<\/td>\n<td width=\"472\">Windows Kernel-Mode Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30085<\/td>\n<td width=\"472\">Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30086<\/td>\n<td width=\"472\">Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30087<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30088<\/td>\n<td width=\"472\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30089<\/td>\n<td width=\"472\">Microsoft Streaming Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30091<\/td>\n<td width=\"472\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30099<\/td>\n<td width=\"472\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35250<\/td>\n<td width=\"472\">Windows Kernel-Mode Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Appendix C: Products Affected<\/strong><\/p>\n<p>This is a list of June\u2019s patches sorted by product family, then sub-sorted by severity. Each list is further arranged by CVE. Patches that are shared among multiple product families are listed multiple times, once for each product family.<\/p>\n<p><strong>Windows (34 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30080<\/td>\n<td width=\"469\">Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30062<\/td>\n<td width=\"469\">Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30063<\/td>\n<td width=\"469\">Windows Distributed File System (DFS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30064<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30065<\/td>\n<td width=\"469\">Windows Themes Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30066<\/td>\n<td width=\"469\">Winlogon Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30067<\/td>\n<td width=\"469\">WinLogon Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30068<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30069<\/td>\n<td width=\"469\">Windows Remote Access Connection Manager Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30070<\/td>\n<td width=\"469\">DHCP Server Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30072<\/td>\n<td width=\"469\">Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30074<\/td>\n<td width=\"469\">Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30075<\/td>\n<td width=\"469\">Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30076<\/td>\n<td width=\"469\">Windows Container Manager Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30077<\/td>\n<td width=\"469\">Windows OLE Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30078<\/td>\n<td width=\"469\">Windows WiFi Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30082<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30083<\/td>\n<td width=\"469\">Windows Standards-Based Storage Management Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30084<\/td>\n<td width=\"469\">Windows Kernel-Mode Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30085<\/td>\n<td width=\"469\">Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30086<\/td>\n<td width=\"469\">Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30087<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30088<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30089<\/td>\n<td width=\"469\">Microsoft Streaming Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30090<\/td>\n<td width=\"469\">Microsoft Streaming Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30091<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30093<\/td>\n<td width=\"469\">Windows Storage Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30094<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30095<\/td>\n<td width=\"469\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30096<\/td>\n<td width=\"469\">Windows Cryptographic Services Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30097<\/td>\n<td width=\"469\">Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30099<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35250<\/td>\n<td width=\"469\">Windows Kernel-Mode Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35265<\/td>\n<td width=\"469\">Windows Perception Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Azure (5 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35252<\/td>\n<td width=\"469\">Azure Storage Movement Client Library Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35253<\/td>\n<td width=\"469\">Microsoft Azure File Sync Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35254<\/td>\n<td width=\"469\">Azure Monitor Agent Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35255<\/td>\n<td width=\"469\">Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-37325<\/td>\n<td width=\"469\">Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>365 Apps for Enterprise (4 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30101<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30102<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30103<\/td>\n<td width=\"469\">Microsoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30104<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Dynamics 365 (3 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35248<\/td>\n<td width=\"469\">Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35249<\/td>\n<td width=\"469\">Microsoft Dynamics Business Central Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-35263<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Office (3 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30101<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30103<\/td>\n<td width=\"469\">Microsoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30104<\/td>\n<td width=\"469\">Microsoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Visual Studio (2 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-29060<\/td>\n<td width=\"469\">Visual Studio Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30052<\/td>\n<td width=\"469\">Visual Studio Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>SharePoint (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-30100<\/td>\n<td width=\"469\">Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Appendix D: Advisories and Other Products<\/strong><\/p>\n<p>This is a list of advisories and information on other relevant CVEs in the June Microsoft release, sorted by product.<\/p>\n<p><strong>Relevant to Edge \/ Chromium (7 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2024-5493<\/td>\n<td width=\"469\">Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-5494<\/td>\n<td width=\"469\">Chromium: CVE-2024-5494 Use after free in Dawn<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-5495<\/td>\n<td width=\"469\">Chromium: CVE-2024-5495 Use after free in Dawn<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-5496<\/td>\n<td width=\"469\">Chromium: CVE-2024-5496 Use after free in Media Session<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-5497<\/td>\n<td width=\"469\">Chromium: CVE-2024-5497 Out of bounds memory access in Keyboard Inputs<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-5498<\/td>\n<td width=\"469\">Chromium: CVE-2024-5498 Use after free in Presentation API<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2024-5499<\/td>\n<td width=\"469\">Chromium: CVE-2024-5499 Out of bounds write in Streams API<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Relevant to GitHub (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2024-29187<\/td>\n<td width=\"469\">GitHub: CVE-2024-29187 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Relevant to Visual Studio (non-Microsoft CVE issuer) (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2023-50868<\/td>\n<td width=\"469\">MITRE: CVE-2023-50868 NSEC3 closest encloser proof can exhaust CPU<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Relevant to Adobe (non-Microsoft release) (2 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"85\">APSB24-41<\/td>\n<td width=\"179\">CVE-2024-34112<\/td>\n<td width=\"340\">Improper Access Control (CWE-284)<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">APSB24-41<\/td>\n<td width=\"179\">CVE-2024-34113<\/td>\n<td width=\"340\">Weak Cryptography for Passwords (CWE-261)<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2024\/06\/11\/june-patch-tuesday-squares-up-with-49-patches\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/06\/shutterstock_1983366083-e1718155218808.jpg\"\/><\/p>\n<p><strong>Credit to Author: Angela Gunn| Date: Wed, 12 Jun 2024 01:21:01 +0000<\/strong><\/p>\n<p>Just one critical-severity issue addressed, but don\u2019t sleep on an industry-wide DNS issue<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[31529,31530,31531,129,19245,27030,16771,10525],"class_list":["post-24671","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-cve-2024-30080","tag-cve-2024-37325","tag-cve-2024-50868","tag-featured","tag-patch-tuesday","tag-sophos-x-ops","tag-threat-research","tag-windows"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24671","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24671"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24671\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}