Microsoft August 2024 Patch Tuesday, (Tue, Aug 13th)
2024-8-14 03:44:36 Author: isc.sans.edu(查看原文) 阅读量:103 收藏

This month we got patches for 92 vulnerabilities. Of these, 9 are critical, and 9 are zero-days (3 previously disclosed, and 6 are already being exploited).

The CVEs CVE-2024-38189, CVE-2024-38178, CVE-2024-38193, CVE-2024-38106, CVE-2024-38213, and CVE-2024-38107 are related to the already exploited vulnerabilities and the CVEs CVE-2024-38202, CVE-2024-21302, and CVE-2024-38200 are related to previously disclosed ones. 

Amongst exploited vulnerabilities, the highest CVSS (CVSS 8.8) is related to the Microsoft Project Remote Code Execution Vulnerability (CVE-2024-38189) rated as Important. According to the advisory, Exploitation requires the victim to open a malicious Microsoft Office Project file on a system where the Block macros from running in Office files from the Internet policy is disabled and VBA Macro Notification Settings are not enabled allowing the attacker to perform remote code execution.

Amongst critical vulnerabilities, one of the two 9.8 CVSS this month is associated to the Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability (CVE-2024-38140). According to the exploit, this vulnerability is exploitable only if there is a program listening on a Pragmatic General Multicast (PGM) port. If PGM is installed or enabled but no programs are actively listening as a receiver, then this vulnerability is not exploitable. An unauthenticated attacker could exploit the vulnerability by sending specially crafted packets to a Windows Pragmatic General Multicast (PGM) open socket on the server, without any interaction from the user.

The other CVSS 9.8 is associated with the Windows TCP/IP Remote Code Execution Vulnerability (CVE-2024-38063). Systems are not affected if IPv6 is disabled on the target machine. The advisory says that an unauthenticated attacker could repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution. 

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38168 No No - - Important 7.5 6.5
.NET and Visual Studio Information Disclosure Vulnerability
CVE-2024-38167 No No - - Important 6.5 5.7
Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2024-38098 No No - - Important 7.8 6.8
CVE-2024-38162 No No - - Important 7.8 6.8
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-38195 No No - - Important 7.8 6.8
Azure Health Bot Elevation of Privilege Vulnerability
CVE-2024-38109 No No - - Critical 9.1 7.9
Azure IoT SDK Remote Code Execution Vulnerability
CVE-2024-38157 No No - - Important 7.0 6.1
CVE-2024-38158 No No - - Important 7.0 6.1
Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38201 No No - - Important 7.0 6.1
Azure Stack Hub Spoofing Vulnerability
CVE-2024-38108 No No - - Important 9.3 8.1
Chromium: CVE-2024-6990 Uninitialized Use in Dawn
CVE-2024-6990 No No - - -    
Chromium: CVE-2024-7255 Out of bounds read in WebTransport
CVE-2024-7255 No No - - -    
Chromium: CVE-2024-7256 Insufficient data validation in Dawn
CVE-2024-7256 No No - - -    
Chromium: CVE-2024-7532 Out of bounds memory access in ANGLE
CVE-2024-7550 No No - - -    
Chromium: CVE-2024-7533 Use after free in Sharing
CVE-2024-7532 No No - - -    
Chromium: CVE-2024-7534 Heap buffer overflow in Layout
CVE-2024-7533 No No - - -    
Chromium: CVE-2024-7535 Inappropriate implementation in V8
CVE-2024-7534 No No - - -    
Chromium: CVE-2024-7536 Use after free in WebAudio
CVE-2024-7535 No No - - -    
Chromium: CVE-2024-7550 Type Confusion in V8
CVE-2024-7536 No No - - -    
Clipboard Virtual Channel Extension Remote Code Execution Vulnerability
CVE-2024-38131 No No - - Important 8.8 7.7
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38191 No No - - Important 7.8 6.8
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38125 No No - - Important 7.8 6.8
CVE-2024-38134 No No - - Important 7.8 6.8
CVE-2024-38144 No No - - Important 8.8 7.7
Microsoft Copilot Studio Information Disclosure Vulnerability
CVE-2024-38206 No No - - Critical 8.5 7.4
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-38147 No No - - Important 7.8 6.8
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-38211 No No - - Important 8.2 7.1
Microsoft Dynamics 365 Cross-site Scripting Vulnerability
CVE-2024-38166 No No - - Critical 8.2 7.1
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVE-2024-38222 No No Less Likely Less Likely      
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2024-38219 No No Less Likely Less Likely Moderate 6.5 5.7
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
CVE-2024-38218 No No Less Likely Less Likely Important 8.4 7.3
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-38172 No No - - Important 7.8 6.8
CVE-2024-38170 No No - - Important 7.1 6.2
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
CVE-2024-38118 No No - - Important 5.5 4.8
CVE-2024-38122 No No - - Important 5.5 4.8
Microsoft Office Spoofing Vulnerability
CVE-2024-38200 Yes No Less Likely Less Likely Important 6.5 5.7
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-38169 No No - - Important 7.8 6.8
Microsoft OfficePlus Elevation of Privilege Vulnerability
CVE-2024-38084 No No - - Important 7.8 6.8
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-38173 No No - - Important 6.7 5.8
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2024-38171 No No - - Important 7.8 6.8
Microsoft Project Remote Code Execution Vulnerability
CVE-2024-38189 No Yes - - Important 8.8 8.2
Microsoft Teams for iOS Spoofing Vulnerability
CVE-2024-38197 No No - - Important 6.5 5.7
NTFS Elevation of Privilege Vulnerability
CVE-2024-38117 No No - - Important 7.8 6.8
Redhat: CVE-2022-2601 grub2 - Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass
CVE-2022-2601 No No - - - 8.6 8.6
Redhat: CVE-2022-3775 grub2 - Heap based out-of-bounds write when rendering certain Unicode sequences
CVE-2022-3775 No No - - Critical 7.1 7.1
Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass
CVE-2023-40547 No No - - Critical 8.3 8.3
Scripting Engine Memory Corruption Vulnerability
CVE-2024-38178 No Yes - - Important 7.5 7.0
Security Center Broker Information Disclosure Vulnerability
CVE-2024-38155 No No - - Important 5.5 4.8
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2024-38193 No Yes - - Important 7.8 7.2
CVE-2024-38141 No No - - Important 7.8 6.8
Windows App Installer Spoofing Vulnerability
CVE-2024-38177 No No - - Important 7.8 6.8
Windows Bluetooth Driver Information Disclosure Vulnerability
CVE-2024-38123 No No - - Important 4.4 3.9
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2024-38215 No No - - Important 7.8 6.8
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-38196 No No - - Important 7.8 6.8
Windows Compressed Folder Tampering Vulnerability
CVE-2024-38165 No No - - Important 6.5 5.7
Windows DNS Spoofing Vulnerability
CVE-2024-37968 No No - - Important 7.5 6.7
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-38150 No No - - Important 7.8 6.8
Windows Deployment Services Remote Code Execution Vulnerability
CVE-2024-38138 No No - - Important 7.5 6.5
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2024-38127 No No - - Important 7.8 6.8
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-38114 No No - - Important 8.8 7.7
CVE-2024-38115 No No - - Important 8.8 7.7
CVE-2024-38116 No No - - Important 8.8 7.7
Windows Initial Machine Configuration Elevation of Privilege Vulnerability
CVE-2024-38223 No No - - Important 6.8 5.9
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-29995 No No - - Important 8.1 7.1
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-38106 No Yes - - Important 7.0 6.5
CVE-2024-38133 No No - - Important 7.8 6.8
CVE-2024-38153 No No - - Important 7.8 6.8
Windows Kernel Information Disclosure Vulnerability
CVE-2024-38151 No No - - Important 5.5 4.8
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-38184 No No - - Important 7.8 6.8
CVE-2024-38185 No No - - Important 7.8 6.8
CVE-2024-38186 No No - - Important 7.8 6.8
CVE-2024-38187 No No - - Important 7.8 6.8
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38145 No No - - Important 7.5 6.5
CVE-2024-38146 No No - - Important 7.5 6.5
Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
CVE-2024-38199 Yes No - - Important 9.8 8.5
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38213 No Yes - - Moderate 6.5 6.0
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-38161 No No - - Important 6.8 5.9
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-38126 No No - - Important 7.5 6.5
CVE-2024-38132 No No - - Important 7.5 6.5
Windows Network Virtualization Remote Code Execution Vulnerability
CVE-2024-38159 No No - - Critical 9.1 7.9
CVE-2024-38160 No No - - Critical 9.1 7.9
Windows OLE Remote Code Execution Vulnerability
CVE-2024-38152 No No - - Important 7.8 6.8
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
CVE-2024-38107 No Yes - - Important 7.8 7.2
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-38198 No No - - Important 7.5 6.5
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
CVE-2024-38140 No No - - Critical 9.8 8.5
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-38135 No No - - Important 7.8 6.8
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
CVE-2024-38136 No No - - Important 7.0 6.1
CVE-2024-38137 No No - - Important 7.0 6.1
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2024-38214 No No - - Important 6.5 5.7
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38121 No No - - Important 8.8 7.7
CVE-2024-38128 No No - - Important 8.8 7.7
CVE-2024-38130 No No - - Important 8.8 7.7
CVE-2024-38154 No No - - Important 8.8 7.7
CVE-2024-38120 No No - - Important 8.8 7.7
Windows Secure Channel Denial of Service Vulnerability
CVE-2024-38148 No No - - Important 7.5 6.5
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-21302 Yes No - - Important 6.7 6.1
CVE-2024-38142 No No - - Important 7.8 6.8
Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2024-38180 No No - - Important 8.8 7.7
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-38063 No No - - Critical 9.8 8.5
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-38163 No No - - Important 7.8 6.8
CVE-2024-38202 Yes No - - Important 7.3 6.9
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
CVE-2024-38143 No No - - Important 4.2 3.7

--
Renato Marinho
LinkedIn|Twitter


文章来源: https://isc.sans.edu/diary/rss/31164
如有侵权请联系:admin#unsafe.sh