Microsoft August 2024 Patch Tuesday, (Tue, Aug 13th)

Microsoft August 2024 Patch Tuesday, (Tue, Aug 13th)
2024-8-14 03:44:36 Author: isc.sans.edu(查看原文) 阅读量:89 收藏

This month we got patches for 92 vulnerabilities. Of these, 9 are critical, and 9 are zero-days (3 previously disclosed, and 6 are already being exploited).

The CVEs CVE-2024-38189, CVE-2024-38178, CVE-2024-38193, CVE-2024-38106, CVE-2024-38213, and CVE-2024-38107 are related to the already exploited vulnerabilities and the CVEs CVE-2024-38202, CVE-2024-21302, and CVE-2024-38200 are related to previously disclosed ones.

Amongst exploited vulnerabilities, the highest CVSS (CVSS 8.8) is related to the Microsoft Project Remote Code Execution Vulnerability (CVE-2024-38189) rated as Important. According to the advisory, Exploitation requires the victim to open a malicious Microsoft Office Project file on a system where the Block macros from running in Office files from the Internet policy is disabled and VBA Macro Notification Settings are not enabled allowing the attacker to perform remote code execution.

Amongst critical vulnerabilities, one of the two 9.8 CVSS this month is associated to the Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability (CVE-2024-38140). According to the exploit, this vulnerability is exploitable only if there is a program listening on a Pragmatic General Multicast (PGM) port. If PGM is installed or enabled but no programs are actively listening as a receiver, then this vulnerability is not exploitable. An unauthenticated attacker could exploit the vulnerability by sending specially crafted packets to a Windows Pragmatic General Multicast (PGM) open socket on the server, without any interaction from the user.

The other CVSS 9.8 is associated with the Windows TCP/IP Remote Code Execution Vulnerability (CVE-2024-38063). Systems are not affected if IPv6 is disabled on the target machine. The advisory says that an unauthenticated attacker could repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution.

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38168	No	No	-	-	Important	7.5	6.5
.NET and Visual Studio Information Disclosure Vulnerability
CVE-2024-38167	No	No	-	-	Important	6.5	5.7
Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2024-38098	No	No	-	-	Important	7.8	6.8
CVE-2024-38162	No	No	-	-	Important	7.8	6.8
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-38195	No	No	-	-	Important	7.8	6.8
Azure Health Bot Elevation of Privilege Vulnerability
CVE-2024-38109	No	No	-	-	Critical	9.1	7.9
Azure IoT SDK Remote Code Execution Vulnerability
CVE-2024-38157	No	No	-	-	Important	7.0	6.1
CVE-2024-38158	No	No	-	-	Important	7.0	6.1
Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38201	No	No	-	-	Important	7.0	6.1
Azure Stack Hub Spoofing Vulnerability
CVE-2024-38108	No	No	-	-	Important	9.3	8.1
Chromium: CVE-2024-6990 Uninitialized Use in Dawn
CVE-2024-6990	No	No	-	-	-
Chromium: CVE-2024-7255 Out of bounds read in WebTransport
CVE-2024-7255	No	No	-	-	-
Chromium: CVE-2024-7256 Insufficient data validation in Dawn
CVE-2024-7256	No	No	-	-	-
Chromium: CVE-2024-7532 Out of bounds memory access in ANGLE
CVE-2024-7550	No	No	-	-	-
Chromium: CVE-2024-7533 Use after free in Sharing
CVE-2024-7532	No	No	-	-	-
Chromium: CVE-2024-7534 Heap buffer overflow in Layout
CVE-2024-7533	No	No	-	-	-
Chromium: CVE-2024-7535 Inappropriate implementation in V8
CVE-2024-7534	No	No	-	-	-
Chromium: CVE-2024-7536 Use after free in WebAudio
CVE-2024-7535	No	No	-	-	-
Chromium: CVE-2024-7550 Type Confusion in V8
CVE-2024-7536	No	No	-	-	-
Clipboard Virtual Channel Extension Remote Code Execution Vulnerability
CVE-2024-38131	No	No	-	-	Important	8.8	7.7
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38191	No	No	-	-	Important	7.8	6.8
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38125	No	No	-	-	Important	7.8	6.8
CVE-2024-38134	No	No	-	-	Important	7.8	6.8
CVE-2024-38144	No	No	-	-	Important	8.8	7.7
Microsoft Copilot Studio Information Disclosure Vulnerability
CVE-2024-38206	No	No	-	-	Critical	8.5	7.4
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-38147	No	No	-	-	Important	7.8	6.8
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-38211	No	No	-	-	Important	8.2	7.1
Microsoft Dynamics 365 Cross-site Scripting Vulnerability
CVE-2024-38166	No	No	-	-	Critical	8.2	7.1
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVE-2024-38222	No	No	Less Likely	Less Likely
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2024-38219	No	No	Less Likely	Less Likely	Moderate	6.5	5.7
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
CVE-2024-38218	No	No	Less Likely	Less Likely	Important	8.4	7.3
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-38172	No	No	-	-	Important	7.8	6.8
CVE-2024-38170	No	No	-	-	Important	7.1	6.2
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
CVE-2024-38118	No	No	-	-	Important	5.5	4.8
CVE-2024-38122	No	No	-	-	Important	5.5	4.8
Microsoft Office Spoofing Vulnerability
CVE-2024-38200	Yes	No	Less Likely	Less Likely	Important	6.5	5.7
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-38169	No	No	-	-	Important	7.8	6.8
Microsoft OfficePlus Elevation of Privilege Vulnerability
CVE-2024-38084	No	No	-	-	Important	7.8	6.8
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-38173	No	No	-	-	Important	6.7	5.8
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2024-38171	No	No	-	-	Important	7.8	6.8
Microsoft Project Remote Code Execution Vulnerability
CVE-2024-38189	No	Yes	-	-	Important	8.8	8.2
Microsoft Teams for iOS Spoofing Vulnerability
CVE-2024-38197	No	No	-	-	Important	6.5	5.7
NTFS Elevation of Privilege Vulnerability
CVE-2024-38117	No	No	-	-	Important	7.8	6.8
Redhat: CVE-2022-2601 grub2 - Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass
CVE-2022-2601	No	No	-	-	-	8.6	8.6
Redhat: CVE-2022-3775 grub2 - Heap based out-of-bounds write when rendering certain Unicode sequences
CVE-2022-3775	No	No	-	-	Critical	7.1	7.1
Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass
CVE-2023-40547	No	No	-	-	Critical	8.3	8.3
Scripting Engine Memory Corruption Vulnerability
CVE-2024-38178	No	Yes	-	-	Important	7.5	7.0
Security Center Broker Information Disclosure Vulnerability
CVE-2024-38155	No	No	-	-	Important	5.5	4.8
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2024-38193	No	Yes	-	-	Important	7.8	7.2
CVE-2024-38141	No	No	-	-	Important	7.8	6.8
Windows App Installer Spoofing Vulnerability
CVE-2024-38177	No	No	-	-	Important	7.8	6.8
Windows Bluetooth Driver Information Disclosure Vulnerability
CVE-2024-38123	No	No	-	-	Important	4.4	3.9
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2024-38215	No	No	-	-	Important	7.8	6.8
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-38196	No	No	-	-	Important	7.8	6.8
Windows Compressed Folder Tampering Vulnerability
CVE-2024-38165	No	No	-	-	Important	6.5	5.7
Windows DNS Spoofing Vulnerability
CVE-2024-37968	No	No	-	-	Important	7.5	6.7
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-38150	No	No	-	-	Important	7.8	6.8
Windows Deployment Services Remote Code Execution Vulnerability
CVE-2024-38138	No	No	-	-	Important	7.5	6.5
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2024-38127	No	No	-	-	Important	7.8	6.8
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-38114	No	No	-	-	Important	8.8	7.7
CVE-2024-38115	No	No	-	-	Important	8.8	7.7
CVE-2024-38116	No	No	-	-	Important	8.8	7.7
Windows Initial Machine Configuration Elevation of Privilege Vulnerability
CVE-2024-38223	No	No	-	-	Important	6.8	5.9
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-29995	No	No	-	-	Important	8.1	7.1
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-38106	No	Yes	-	-	Important	7.0	6.5
CVE-2024-38133	No	No	-	-	Important	7.8	6.8
CVE-2024-38153	No	No	-	-	Important	7.8	6.8
Windows Kernel Information Disclosure Vulnerability
CVE-2024-38151	No	No	-	-	Important	5.5	4.8
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-38184	No	No	-	-	Important	7.8	6.8
CVE-2024-38185	No	No	-	-	Important	7.8	6.8
CVE-2024-38186	No	No	-	-	Important	7.8	6.8
CVE-2024-38187	No	No	-	-	Important	7.8	6.8
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38145	No	No	-	-	Important	7.5	6.5
CVE-2024-38146	No	No	-	-	Important	7.5	6.5
Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
CVE-2024-38199	Yes	No	-	-	Important	9.8	8.5
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38213	No	Yes	-	-	Moderate	6.5	6.0
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-38161	No	No	-	-	Important	6.8	5.9
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-38126	No	No	-	-	Important	7.5	6.5
CVE-2024-38132	No	No	-	-	Important	7.5	6.5
Windows Network Virtualization Remote Code Execution Vulnerability
CVE-2024-38159	No	No	-	-	Critical	9.1	7.9
CVE-2024-38160	No	No	-	-	Critical	9.1	7.9
Windows OLE Remote Code Execution Vulnerability
CVE-2024-38152	No	No	-	-	Important	7.8	6.8
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
CVE-2024-38107	No	Yes	-	-	Important	7.8	7.2
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-38198	No	No	-	-	Important	7.5	6.5
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
CVE-2024-38140	No	No	-	-	Critical	9.8	8.5
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-38135	No	No	-	-	Important	7.8	6.8
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
CVE-2024-38136	No	No	-	-	Important	7.0	6.1
CVE-2024-38137	No	No	-	-	Important	7.0	6.1
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2024-38214	No	No	-	-	Important	6.5	5.7
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38121	No	No	-	-	Important	8.8	7.7
CVE-2024-38128	No	No	-	-	Important	8.8	7.7
CVE-2024-38130	No	No	-	-	Important	8.8	7.7
CVE-2024-38154	No	No	-	-	Important	8.8	7.7
CVE-2024-38120	No	No	-	-	Important	8.8	7.7
Windows Secure Channel Denial of Service Vulnerability
CVE-2024-38148	No	No	-	-	Important	7.5	6.5
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-21302	Yes	No	-	-	Important	6.7	6.1
CVE-2024-38142	No	No	-	-	Important	7.8	6.8
Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2024-38180	No	No	-	-	Important	8.8	7.7
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-38063	No	No	-	-	Critical	9.8	8.5
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-38163	No	No	-	-	Important	7.8	6.8
CVE-2024-38202	Yes	No	-	-	Important	7.3	6.9
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
CVE-2024-38143	No	No	-	-	Important	4.2	3.7

--
Renato Marinho
LinkedIn|Twitter

文章来源: https://isc.sans.edu/diary/rss/31164
如有侵权请联系:admin#unsafe.sh