Microsoft's July 2024 Patch Tuesday includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days.
The two actively exploited zero-day vulnerabilities in today's updates are:
CVE-2024-38080 - Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft has fixed an actively exploited Hyper-V elevation of privilege vulnerability that gives attackers SYSTEM privileges.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft explains.
Although Microsoft says the flaw is actively exploited, it has not shared any further details about the vulnerability, including who discovered it.
CVE-2024-38112 - Windows MSHTML Platform Spoofing Vulnerability
Microsoft has fixed an actively exploited Windows MSHTML spoofing vulnerability.
"Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment," Microsoft explains.
"An attacker would have to send the victim a malicious file that the victim would have to execute," Microsoft continued.
The two publicly disclosed vulnerabilities are:
CVE-2024-35264 - .NET and Visual Studio Remote Code Execution Vulnerability
Microsoft has fixed a publicly disclosed .NET and Visual Studio RCE.
"An attacker could exploit this by closing an http/3 stream while the request body is being processed, leading to a race condition. This could result in remote code execution," Microsoft explains.
CVE-2024-37985 - Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers
Microsoft has fixed a previously disclosed "FetchBench" side-channel attack that can be used to steal "secret information".
"An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server," Microsoft explains.
"Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment," Microsoft continued.
Tag | CVE ID | CVE Title | Severity |
.NET and Visual Studio | CVE-2024-30105 | .NET Core and Visual Studio Denial of Service Vulnerability | Important |
.NET and Visual Studio | CVE-2024-38081 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | Important |
.NET and Visual Studio | CVE-2024-35264 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
.NET and Visual Studio | CVE-2024-38095 | .NET and Visual Studio Denial of Service Vulnerability | Important |
Active Directory Rights Management Services | CVE-2024-39684 | Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability | Moderate |
Active Directory Rights Management Services | CVE-2024-38517 | Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability | Moderate |
Azure CycleCloud | CVE-2024-38092 | Azure CycleCloud Elevation of Privilege Vulnerability | Important |
Azure DevOps | CVE-2024-35266 | Azure DevOps Server Spoofing Vulnerability | Important |
Azure DevOps | CVE-2024-35267 | Azure DevOps Server Spoofing Vulnerability | Important |
Azure Kinect SDK | CVE-2024-38086 | Azure Kinect SDK Remote Code Execution Vulnerability | Important |
Azure Network Watcher | CVE-2024-35261 | Azure Network Watcher VM Extension Elevation of Privilege Vulnerability | Important |
Intel | CVE-2024-37985 | Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers | Important |
Line Printer Daemon Service (LPD) | CVE-2024-38027 | Windows Line Printer Daemon Service Denial of Service Vulnerability | Important |
Microsoft Defender for IoT | CVE-2024-38089 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important |
Microsoft Dynamics | CVE-2024-30061 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2024-38079 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2024-38051 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2024-38021 | Microsoft Office Remote Code Execution Vulnerability | Important |
Microsoft Office Outlook | CVE-2024-38020 | Microsoft Outlook Spoofing Vulnerability | Moderate |
Microsoft Office SharePoint | CVE-2024-38024 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | CVE-2024-38023 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
Microsoft Office SharePoint | CVE-2024-32987 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
Microsoft Office SharePoint | CVE-2024-38094 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38057 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38054 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38052 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Windows Codecs Library | CVE-2024-38055 | Microsoft Windows Codecs Library Information Disclosure Vulnerability | Important |
Microsoft Windows Codecs Library | CVE-2024-38056 | Microsoft Windows Codecs Library Information Disclosure Vulnerability | Important |
Microsoft WS-Discovery | CVE-2024-38091 | Microsoft WS-Discovery Denial of Service Vulnerability | Important |
NDIS | CVE-2024-38048 | Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability | Important |
NPS RADIUS Server | CVE-2024-3596 | CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability | Important |
Role: Active Directory Certificate Services; Active Directory Domain Services | CVE-2024-38061 | DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability | Important |
Role: Windows Hyper-V | CVE-2024-38080 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
SQL Server | CVE-2024-28928 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-38088 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-20701 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21317 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21308 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-35256 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21303 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21335 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-35271 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-35272 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-38087 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21425 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21449 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37324 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37330 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37326 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37329 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37328 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37327 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37334 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37321 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37320 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37319 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37322 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37336 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37323 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21398 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21373 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37318 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21428 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21415 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-21414 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
Windows BitLocker | CVE-2024-38058 | BitLocker Security Feature Bypass Vulnerability | Important |
Windows COM Session | CVE-2024-38100 | Windows File Explorer Elevation of Privilege Vulnerability | Important |
Windows CoreMessaging | CVE-2024-21417 | Windows Text Services Framework Elevation of Privilege Vulnerability | Important |
Windows Cryptographic Services | CVE-2024-30098 | Windows Cryptographic Services Security Feature Bypass Vulnerability | Important |
Windows DHCP Server | CVE-2024-38044 | DHCP Server Service Remote Code Execution Vulnerability | Important |
Windows Distributed Transaction Coordinator | CVE-2024-38049 | Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | Important |
Windows Enroll Engine | CVE-2024-38069 | Windows Enroll Engine Security Feature Bypass Vulnerability | Important |
Windows Fax and Scan Service | CVE-2024-38104 | Windows Fax Service Remote Code Execution Vulnerability | Important |
Windows Filtering | CVE-2024-38034 | Windows Filtering Platform Elevation of Privilege Vulnerability | Important |
Windows Image Acquisition | CVE-2024-38022 | Windows Image Acquisition Elevation of Privilege Vulnerability | Important |
Windows Imaging Component | CVE-2024-38060 | Windows Imaging Component Remote Code Execution Vulnerability | Critical |
Windows Internet Connection Sharing (ICS) | CVE-2024-38105 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
Windows Internet Connection Sharing (ICS) | CVE-2024-38053 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | Important |
Windows Internet Connection Sharing (ICS) | CVE-2024-38102 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
Windows Internet Connection Sharing (ICS) | CVE-2024-38101 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
Windows iSCSI | CVE-2024-35270 | Windows iSCSI Service Denial of Service Vulnerability | Important |
Windows Kernel | CVE-2024-38041 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Kernel-Mode Drivers | CVE-2024-38062 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
Windows LockDown Policy (WLDP) | CVE-2024-38070 | Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability | Important |
Windows Message Queuing | CVE-2024-38017 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
Windows MSHTML Platform | CVE-2024-38112 | Windows MSHTML Platform Spoofing Vulnerability | Important |
Windows MultiPoint Services | CVE-2024-30013 | Windows MultiPoint Services Remote Code Execution Vulnerability | Important |
Windows NTLM | CVE-2024-30081 | Windows NTLM Spoofing Vulnerability | Important |
Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38068 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Important |
Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38067 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Important |
Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38031 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Important |
Windows Performance Monitor | CVE-2024-38028 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
Windows Performance Monitor | CVE-2024-38019 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
Windows Performance Monitor | CVE-2024-38025 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
Windows PowerShell | CVE-2024-38043 | PowerShell Elevation of Privilege Vulnerability | Important |
Windows PowerShell | CVE-2024-38047 | PowerShell Elevation of Privilege Vulnerability | Important |
Windows PowerShell | CVE-2024-38033 | PowerShell Elevation of Privilege Vulnerability | Important |
Windows Remote Access Connection Manager | CVE-2024-30071 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
Windows Remote Access Connection Manager | CVE-2024-30079 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
Windows Remote Desktop | CVE-2024-38076 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Critical |
Windows Remote Desktop | CVE-2024-38015 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-38071 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-38073 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-38074 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Critical |
Windows Remote Desktop Licensing Service | CVE-2024-38072 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-38077 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Critical |
Windows Remote Desktop Licensing Service | CVE-2024-38099 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
Windows Secure Boot | CVE-2024-38065 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37986 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37981 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37987 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-28899 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-26184 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-38011 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37984 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37988 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37977 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37978 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37974 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-38010 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37989 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37970 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37975 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37972 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37973 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37971 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Secure Boot | CVE-2024-37969 | Secure Boot Security Feature Bypass Vulnerability | Important |
Windows Server Backup | CVE-2024-38013 | Microsoft Windows Server Backup Elevation of Privilege Vulnerability | Important |
Windows TCP/IP | CVE-2024-38064 | Windows TCP/IP Information Disclosure Vulnerability | Important |
Windows Themes | CVE-2024-38030 | Windows Themes Spoofing Vulnerability | Important |
Windows Win32 Kernel Subsystem | CVE-2024-38085 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
Windows Win32K – GRFX | CVE-2024-38066 | Windows Win32k Elevation of Privilege Vulnerability | Important |
Windows Win32K – ICOMP | CVE-2024-38059 | Win32k Elevation of Privilege Vulnerability | Important |
Windows Workstation Service | CVE-2024-38050 | Windows Workstation Service Elevation of Privilege Vulnerability | Important |
XBox Crypto Graphic Services | CVE-2024-38032 | Microsoft Xbox Remote Code Execution Vulnerability | Important |
XBox Crypto Graphic Services | CVE-2024-38078 | Xbox Wireless Adapter Remote Code Execution Vulnerability | Important |