Sierpniowy Wtorek Microsoftu 2024. (P24-268)

cert.pse-online.pl 4 miesięcy temu

13 sierpnia 2024 r. firma Microsoft opublikowała ostrzeżenia dotyczące bezpieczeństwa, aby rozwiązać problemy z lukami w zabezpieczeniach wielu produktów. Obejmowały one aktualizacje dla następujących produktów:

  • Azure Connected Machine Agent
  • Azure Health Bot
  • Azure Stack Hub
  • Azure CycleCloud – wiele wersji i platform
  • Microsoft 365 Apps for Enterprise – wiele platform
  • Microsoft Copilot Studio
  • Microsoft Dynamics 365 (lokalnie) – wersja 9.1
  • Microsoft Office – wiele wersji i platform
  • Microsoft Outlook 2016
  • Microsoft Project 2016 – wiele platform
  • Microsoft Teams
  • Microsoft Visual Studio – wiele wersji i platform
  • .NET – wersja 8.0
  • Klient pulpitu zdalnego dla komputerów stacjonarnych z systemem Windows
  • Windows 10 – wiele wersji i platform
  • Windows 11 – wiele wersji i platform
  • Windows Server – wiele wersji i platform
NazwaCVEKrytycznośćWektor CVSS
Windows Secure Kernel ModeCVE-2024-213026.7AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C
Windows KerberosCVE-2024-299958.1AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Windows DNSCVE-2024-379687.5AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Windows TCP/IPCVE-2024-380639.8AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft OfficeCVE-2024-380847.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Azure Connected Machine AgentCVE-2024-380987.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows KernelCVE-2024-381067.0AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Windows Power Dependency CoordinatorCVE-2024-381077.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Azure StackCVE-2024-381089.3AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C
Azure Health BotCVE-2024-381099.1AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
Windows IP Routing Management SnapinCVE-2024-381148.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows IP Routing Management SnapinCVE-2024-381158.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows IP Routing Management SnapinCVE-2024-381168.8AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows NTFSCVE-2024-381177.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Local Security Authority Server (lsasrv)CVE-2024-381185.5AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows Routing and Remote Access Service (RRAS)CVE-2024-381208.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Routing and Remote Access Service (RRAS)CVE-2024-381218.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Local Security Authority Server (lsasrv)CVE-2024-381225.5AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Microsoft Bluetooth DriverCVE-2024-381234.4AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Microsoft Streaming ServiceCVE-2024-381257.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Network Address Translation (NAT)CVE-2024-381267.5AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows KernelCVE-2024-381277.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Routing and Remote Access Service (RRAS)CVE-2024-381288.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Routing and Remote Access Service (RRAS)CVE-2024-381308.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Clipboard Virtual Channel ExtensionCVE-2024-381318.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Network Address Translation (NAT)CVE-2024-381327.5AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows KernelCVE-2024-381337.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Streaming ServiceCVE-2024-381347.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows NT OS KernelCVE-2024-381357.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Resource ManagerCVE-2024-381367.0AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Resource ManagerCVE-2024-381377.0AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Deployment ServicesCVE-2024-381387.5AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Reliable Multicast Transport Driver (RMCAST)CVE-2024-381409.8AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Ancillary Function Driver for WinSockCVE-2024-381417.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Secure Kernel ModeCVE-2024-381427.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows WLAN Auto Config ServiceCVE-2024-381434.2AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Microsoft Streaming ServiceCVE-2024-381448.8AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Layer-2 Bridge Network DriverCVE-2024-381457.5AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows Layer-2 Bridge Network DriverCVE-2024-381467.5AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows DWM Core LibraryCVE-2024-381477.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Transport Security Layer (TLS)CVE-2024-381487.5AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Windows DWM Core LibraryCVE-2024-381507.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows KernelCVE-2024-381515.5AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Microsoft WDAC OLE DB provider for SQLCVE-2024-381527.8AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows KernelCVE-2024-381537.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Routing and Remote Access Service (RRAS)CVE-2024-381548.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Security CenterCVE-2024-381555.5AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Azure IoT SDKCVE-2024-381577.0AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Azure IoT SDKCVE-2024-381587.0AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Network VirtualizationCVE-2024-381599.1AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Network VirtualizationCVE-2024-381609.1AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Mobile BroadbandCVE-2024-381616.8AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Azure Connected Machine AgentCVE-2024-381627.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Update StackCVE-2024-381637.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Compressed FolderCVE-2024-381656.5AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
Microsoft DynamicsCVE-2024-381668.2AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
.NET and Visual StudioCVE-2024-381676.5AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
.NET and Visual StudioCVE-2024-381687.5AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Microsoft Office VisioCVE-2024-381697.8AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Office ExcelCVE-2024-381707.1AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Microsoft Office PowerPointCVE-2024-381717.8AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Office ExcelCVE-2024-381727.8AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Office OutlookCVE-2024-381736.7AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows App InstallerCVE-2024-381777.8AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows ScriptingCVE-2024-381787.5AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Windows SmartScreenCVE-2024-381808.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Kernel-Mode DriversCVE-2024-381847.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Kernel-Mode DriversCVE-2024-381857.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Kernel-Mode DriversCVE-2024-381867.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Kernel-Mode DriversCVE-2024-381877.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Office ProjectCVE-2024-381898.8AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Windows Kernel-Mode DriversCVE-2024-381917.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Ancillary Function Driver for WinSockCVE-2024-381937.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Azure CycleCloudCVE-2024-381957.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Common Log File System DriverCVE-2024-381967.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft TeamsCVE-2024-381976.5AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
Windows Print Spooler ComponentsCVE-2024-381987.5AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Line Printer Daemon Service (LPD)CVE-2024-381999.8AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft OfficeCVE-2024-382006.5AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Azure StackCVE-2024-382017.0AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Windows Update StackCVE-2024-382027.3AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
Microsoft Copilot StudioCVE-2024-382068.5AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
Microsoft DynamicsCVE-2024-382118.2AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
Windows Mark of the Web (MOTW)CVE-2024-382136.5AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:F/RL:O/RC:C
Windows Routing and Remote Access Service (RRAS)CVE-2024-382146.5AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Windows Cloud Files Mini Filter DriverCVE-2024-382157.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Edge (Chromium-based)CVE-2024-382188.4AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft Edge (Chromium-based)CVE-2024-382196.5AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
Windows Initial Machine ConfigurationCVE-2024-382236.8AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Idź do oryginalnego materiału