As of late is Microsoft’s August 2024 Patch Tuesday, which incorporates safety updates for 89 flaws, together with six actively exploited and 3 publicly disclosed zero-days. Microsoft continues to be running on an replace for a 10th publicly disclosed zero-day.
This Patch Tuesday fastened 8 crucial vulnerabilities, which have been a mix of elevation of privileges, faraway code execution, and data disclosure.
The choice of insects in every vulnerability class is indexed underneath:
36 Elevation of Privilege Vulnerabilities
4 Safety Function Bypass Vulnerabilities
28 Far off Code Execution Vulnerabilities
8 Knowledge Disclosure Vulnerabilities
6 Denial of Provider Vulnerabilities
7 Spoofing Vulnerabilities
The choice of insects indexed above don’t come with Microsoft Edge flaws that have been disclosed previous this month.
To be told extra concerning the non-security updates launched as of late, you’ll evaluation our devoted articles at the new Home windows 11 KB5041585 replace and Home windows 10 KB5041580 replace.
Have a tendency zero-days disclosed
This month’s Patch Tuesday fixes six actively exploited and 3 different publicly disclosed zero-day vulnerabilities. Some other publicly disclosed zero-day stays unfixed right now, however Microsoft is operating on an replace.
Microsoft classifies a zero-day flaw as one this is publicly disclosed or actively exploited whilst no legit repair is to be had.
The six actively exploited zero-day vulnerabilities in as of late’s updates are:
CVE-2024-38178 – Scripting Engine Reminiscence Corruption Vulnerability
Microsoft says that the assault calls for an authenticated consumer to click on a hyperlink to ensure that an unauthenticated attacker to start up faraway code execution.
The hyperlink will have to be clicked in Microsoft Edge in Web Explorer mode, making it a tough flaw to take advantage of.
On the other hand, even with those pre-requisites, the South Korean Nationwide Cyber Safety Heart(NCSC) and AhnLab disclosed the flaw as being exploited in assaults.
CVE-2024-38193 – Home windows Ancillary Serve as Motive force for WinSock Elevation of Privilege Vulnerability
This vulnerability lets in assaults to achieve SYSTEM privileges on Home windows programs.
The flaw was once came upon by way of Luigino Camastra and Milánek with Gen Virtual however Microsoft didn’t proportion any main points on the way it was once disclosed.
CVE-2024-38213 – Home windows Mark of the Internet Safety Function Bypass Vulnerability
This vulnerability lets in attackers to create information that bypass Home windows Mark of the Internet safety indicators.
This safety function has been topic to a lot of bypasses over the yr as it’s a phenomenal goal for danger actors who habits phishing campaigns.
Microsoft says the flaw was once came upon by way of Peter Girnus of Development Micro’s 0 Day Initiative however didn’t proportion how it’s exploited in assaults.
CVE-2024-38106 – Home windows Kernel Elevation of Privilege Vulnerability
Microsoft fastened a Home windows Kernel elevation of privileges flaw that provides SYSTEM privileges.
“A success exploitation of this vulnerability calls for an attacker to win a race situation,” explains Microsoft’s advisory.
“An attacker who effectively exploited this vulnerability may just acquire SYSTEM privileges,” persevered Microsoft.
Microsoft has now not shared who disclosed the flaw and the way it was once exploited.
CVE-2024-38107 – Home windows Energy Dependency Coordinator Elevation of Privilege Vulnerability
Microsoft fastened a flaw that provides attackers SYSTEM privileges at the Home windows instrument.
Microsoft has now not shared who disclosed the flaw and the way it was once exploited.
CVE-2024-38189 – Microsoft Venture Far off Code Execution Vulnerability
Microsoft fastened a Microsoft Venture faraway code execution vulnerability that calls for security measures to be disabled for exploitation.
“Exploitation calls for the sufferer to open a malicious Microsoft Place of work Venture document on a device the place the Block macros from working in Place of work information from the Web coverage is disabled and VBA Macro Notification Settings don’t seem to be enabled permitting the attacker to accomplish faraway code execution,” give an explanation for the advisory.
Microsoft says that the attackers would want to trick a person into opening the malicious document, comparable to via phishing assaults or by way of luring customers to web pages internet hosting the document.
Microsoft has now not disclosed who came upon the vulnerability or the way it was once exploited in assaults.
The 4 publicly disclosed vulnerabilities are:
CVE-2024-38199 – Home windows Line Printer Daemon (LPD) Provider Far off Code Execution Vulnerability
Microsoft has fastened a faraway code execution vulnerability within the Home windows Line Printer Daemon.
“An unauthenticated attacker may just ship a specifically crafted print job to a shared susceptible Home windows Line Printer Daemon (LPD) carrier throughout a community. A success exploitation may just lead to faraway code execution at the server,” explains Microsoft’s advisory.
This vulnerability is indexed as publicly disclosed however the one that disclosed it needed to stay Nameless.
CVE-2024-21302 – Home windows Protected Kernel Mode Elevation of Privilege Vulnerability
This flaw was once disclosed by way of SafeBreach safety researcher Alon Leviev as a part of a Home windows Downdate downgrade assault communicate at Black Hat 2024.
The Home windows Downdate assault unpatches totally up to date Home windows 10, Home windows 11, and Home windows Server programs to reintroduce previous vulnerabilities the use of specifically crafted updates.
This flaw allowed the attackers to achieve increased privileges to put in the malicious updates.
CVE-2024-38200 – Microsoft Place of work Spoofing Vulnerability
Microsoft fastened a Microsoft Place of work vulnerability that exposes NTLM hashes as disclosed within the “NTLM – The remaining experience” Defcon communicate.
Attackers may just exploit the flaw by way of tricking anyone into opening a malicious document, which might then pressure Place of work to make an outbound hook up with a faraway proportion the place attackers may just thieve despatched NTLM hashes.
The flaw was once came upon by way of Jim Rush with PrivSec and was once already fastened by way of Microsoft Place of work Function Flighting on 7/30/2024.
CVE-2024-38202 – Home windows Replace Stack Elevation of Privilege Vulnerability
This flaw was once additionally a part of the Home windows Downdate downgrade assault communicate at Black Hat 2024.
Microsoft is creating a safety replace to mitigate this danger, however it isn’t but to be had.
Fresh updates from different firms
Different distributors who launched updates or advisories in August 2024 come with:
0.0.0.0 Day flaw lets in malicious web pages to avoid browser security measures and get right of entry to products and services on an area community.
Android August safety updates fixes actively exploited RCE.
CISA warned of Cisco Good Set up (SMI) function being abused in assaults.
Cisco warns of crucial RCE flaws in end-of-life Small Trade SPA 300 and SPA 500 sequence IP telephones.
New GhostWrite flaw GhostWrite vulnerability we could unprivileged attackers learn and write to the pc’s reminiscence on T-Head XuanTie C910 and C920 RISC-V CPUs and keep an eye on peripheral units.
Ivanti releases safety replace for crucial vTM auth bypass with public exploit.
Microsoft warned about new Place of work flaw tracked as CVE-2024-38200 that leaks NTLM hashes.
New SinkClose flaw we could attackers acquire Ring -2 privileges on AMD CPUs.
New Linux SLUBStick flaw converts a restricted heap vulnerability into an arbitrary reminiscence read-and-write capacity.
New Home windows DownDate flaw we could attackers downgrade the working device to reintroduce vulnerabilities.
The August 2024 Patch Tuesday Safety Updates
Under is your entire record of resolved vulnerabilities within the August 2024 Patch Tuesday updates.
To get right of entry to the entire description of every vulnerability and the programs it impacts, you’ll view the complete record right here.
Tag
CVE ID
CVE Identify
Severity
.NET and Visible Studio
CVE-2024-38168
.NET and Visible Studio Denial of Provider Vulnerability
Essential
.NET and Visible Studio
CVE-2024-38167
.NET and Visible Studio Knowledge Disclosure Vulnerability
Essential
Azure Hooked up System Agent
CVE-2024-38162
Azure Hooked up System Agent Elevation of Privilege Vulnerability
Essential
Azure Hooked up System Agent
CVE-2024-38098
Azure Hooked up System Agent Elevation of Privilege Vulnerability
Essential
Azure CycleCloud
CVE-2024-38195
Azure CycleCloud Far off Code Execution Vulnerability
Essential
Azure Well being Bot
CVE-2024-38109
Azure Well being Bot Elevation of Privilege Vulnerability
Important
Azure IoT SDK
CVE-2024-38158
Azure IoT SDK Far off Code Execution Vulnerability
Essential
Azure IoT SDK
CVE-2024-38157
Azure IoT SDK Far off Code Execution Vulnerability
Essential
Azure Stack
CVE-2024-38108
Azure Stack Hub Spoofing Vulnerability
Essential
Azure Stack
CVE-2024-38201
Azure Stack Hub Elevation of Privilege Vulnerability
Essential
Line Printer Daemon Provider (LPD)
CVE-2024-38199
Home windows Line Printer Daemon (LPD) Provider Far off Code Execution Vulnerability
Essential
Microsoft Bluetooth Motive force
CVE-2024-38123
Home windows Bluetooth Motive force Knowledge Disclosure Vulnerability
Essential
Microsoft Copilot Studio
CVE-2024-38206
Microsoft Copilot Studio Knowledge Disclosure Vulnerability
Important
Microsoft Dynamics
CVE-2024-38166
Microsoft Dynamics 365 Move-site Scripting Vulnerability
Important
Microsoft Dynamics
CVE-2024-38211
Microsoft Dynamics 365 (on-premises) Move-site Scripting Vulnerability
Essential
Microsoft Edge (Chromium-based)
CVE-2024-7256
Chromium: CVE-2024-7256 Inadequate information validation in First light
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-7536
Chromium: CVE-2024-7550 Sort Confusion in V8
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-6990
Chromium: CVE-2024-6990 Uninitialized Use in First light
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-7255
Chromium: CVE-2024-7255 Out of bounds learn in WebTransport
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-7534
Chromium: CVE-2024-7535 Irrelevant implementation in V8
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-7532
Chromium: CVE-2024-7533 Use after unfastened in Sharing
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-7550
Chromium: CVE-2024-7532 Out of bounds reminiscence get right of entry to in ANGLE
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-7535
Chromium: CVE-2024-7536 Use after unfastened in WebAudio
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-7533
Chromium: CVE-2024-7534 Heap buffer overflow in Structure
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-38218
Microsoft Edge (HTML-based) Reminiscence Corruption Vulnerability
Essential
Microsoft Edge (Chromium-based)
CVE-2024-38219
Microsoft Edge (Chromium-based) Far off Code Execution Vulnerability
Reasonable
Microsoft Edge (Chromium-based)
CVE-2024-38222
Microsoft Edge (Chromium-based) Knowledge Disclosure Vulnerability
Unknown
Microsoft Native Safety Authority Server (lsasrv)
CVE-2024-38118
Microsoft Native Safety Authority (LSA) Server Knowledge Disclosure Vulnerability
Essential
Microsoft Native Safety Authority Server (lsasrv)
CVE-2024-38122
Microsoft Native Safety Authority (LSA) Server Knowledge Disclosure Vulnerability
Essential
Microsoft Place of work
CVE-2024-38200
Microsoft Place of work Spoofing Vulnerability
Essential
Microsoft Place of work
CVE-2024-38084
Microsoft OfficePlus Elevation of Privilege Vulnerability
Essential
Microsoft Place of work Excel
CVE-2024-38172
Microsoft Excel Far off Code Execution Vulnerability
Essential
Microsoft Place of work Excel
CVE-2024-38170
Microsoft Excel Far off Code Execution Vulnerability
Essential
Microsoft Place of work Outlook
CVE-2024-38173
Microsoft Outlook Far off Code Execution Vulnerability
Essential
Microsoft Place of work PowerPoint
CVE-2024-38171
Microsoft PowerPoint Far off Code Execution Vulnerability
Essential
Microsoft Place of work Venture
CVE-2024-38189
Microsoft Venture Far off Code Execution Vulnerability
Essential
Microsoft Place of work Visio
CVE-2024-38169
Microsoft Place of work Visio Far off Code Execution Vulnerability
Essential
Microsoft Streaming Provider
CVE-2024-38134
Kernel Streaming WOW Thunk Provider Motive force Elevation of Privilege Vulnerability
Essential
Microsoft Streaming Provider
CVE-2024-38144
Kernel Streaming WOW Thunk Provider Motive force Elevation of Privilege Vulnerability
Essential
Microsoft Streaming Provider
CVE-2024-38125
Kernel Streaming WOW Thunk Provider Motive force Elevation of Privilege Vulnerability
Essential
Microsoft Groups
CVE-2024-38197
Microsoft Groups for iOS Spoofing Vulnerability
Essential
Microsoft WDAC OLE DB supplier for SQL
CVE-2024-38152
Home windows OLE Far off Code Execution Vulnerability
Essential
Microsoft Home windows DNS
CVE-2024-37968
Home windows DNS Spoofing Vulnerability
Essential
Dependable Multicast Shipping Motive force (RMCAST)
CVE-2024-38140
Home windows Dependable Multicast Shipping Motive force (RMCAST) Far off Code Execution Vulnerability
Important
Home windows Ancillary Serve as Motive force for WinSock
CVE-2024-38141
Home windows Ancillary Serve as Motive force for WinSock Elevation of Privilege Vulnerability
Essential
Home windows Ancillary Serve as Motive force for WinSock
CVE-2024-38193
Home windows Ancillary Serve as Motive force for WinSock Elevation of Privilege Vulnerability
Essential
Home windows App Installer
CVE-2024-38177
Home windows App Installer Spoofing Vulnerability
Essential
Home windows Clipboard Digital Channel Extension
CVE-2024-38131
Clipboard Digital Channel Extension Far off Code Execution Vulnerability
Essential
Home windows Cloud Information Mini Filter out Motive force
CVE-2024-38215
Home windows Cloud Information Mini Filter out Motive force Elevation of Privilege Vulnerability
Essential
Home windows Not unusual Log Document Device Motive force
CVE-2024-38196
Home windows Not unusual Log Document Device Motive force Elevation of Privilege Vulnerability
Essential
Home windows Compressed Folder
CVE-2024-38165
Home windows Compressed Folder Tampering Vulnerability
Essential
Home windows Deployment Services and products
CVE-2024-38138
Home windows Deployment Services and products Far off Code Execution Vulnerability
Essential
Home windows DWM Core Library
CVE-2024-38150
Home windows DWM Core Library Elevation of Privilege Vulnerability
Essential
Home windows DWM Core Library
CVE-2024-38147
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Essential
Home windows Preliminary System Configuration
CVE-2024-38223
Home windows Preliminary System Configuration Elevation of Privilege Vulnerability
Essential
Home windows IP Routing Control Snapin
CVE-2024-38114
Home windows IP Routing Control Snapin Far off Code Execution Vulnerability
Essential
Home windows IP Routing Control Snapin
CVE-2024-38116
Home windows IP Routing Control Snapin Far off Code Execution Vulnerability
Essential
Home windows IP Routing Control Snapin
CVE-2024-38115
Home windows IP Routing Control Snapin Far off Code Execution Vulnerability
Essential
Home windows Kerberos
CVE-2024-29995
Home windows Kerberos Elevation of Privilege Vulnerability
Essential
Home windows Kernel
CVE-2024-38151
Home windows Kernel Knowledge Disclosure Vulnerability
Essential
Home windows Kernel
CVE-2024-38133
Home windows Kernel Elevation of Privilege Vulnerability
Essential
Home windows Kernel
CVE-2024-38127
Home windows Hyper-V Elevation of Privilege Vulnerability
Essential
Home windows Kernel
CVE-2024-38153
Home windows Kernel Elevation of Privilege Vulnerability
Essential
Home windows Kernel
CVE-2024-38106
Home windows Kernel Elevation of Privilege Vulnerability
Essential
Home windows Kernel-Mode Drivers
CVE-2024-38187
Home windows Kernel-Mode Motive force Elevation of Privilege Vulnerability
Essential
Home windows Kernel-Mode Drivers
CVE-2024-38191
Kernel Streaming Provider Motive force Elevation of Privilege Vulnerability
Essential
Home windows Kernel-Mode Drivers
CVE-2024-38184
Home windows Kernel-Mode Motive force Elevation of Privilege Vulnerability
Essential
Home windows Kernel-Mode Drivers
CVE-2024-38186
Home windows Kernel-Mode Motive force Elevation of Privilege Vulnerability
Essential
Home windows Kernel-Mode Drivers
CVE-2024-38185
Home windows Kernel-Mode Motive force Elevation of Privilege Vulnerability
Essential
Home windows Layer-2 Bridge Community Motive force
CVE-2024-38146
Home windows Layer-2 Bridge Community Motive force Denial of Provider Vulnerability
Essential
Home windows Layer-2 Bridge Community Motive force
CVE-2024-38145
Home windows Layer-2 Bridge Community Motive force Denial of Provider Vulnerability
Essential
Home windows Mark of the Internet (MOTW)
CVE-2024-38213
Home windows Mark of the Internet Safety Function Bypass Vulnerability
Reasonable
Home windows Cell Broadband
CVE-2024-38161
Home windows Cell Broadband Motive force Far off Code Execution Vulnerability
Essential
Home windows Community Cope with Translation (NAT)
CVE-2024-38132
Home windows Community Cope with Translation (NAT) Denial of Provider Vulnerability
Essential
Home windows Community Cope with Translation (NAT)
CVE-2024-38126
Home windows Community Cope with Translation (NAT) Denial of Provider Vulnerability
Essential
Home windows Community Virtualization
CVE-2024-38160
Home windows Community Virtualization Far off Code Execution Vulnerability
Important
Home windows Community Virtualization
CVE-2024-38159
Home windows Community Virtualization Far off Code Execution Vulnerability
Important
Home windows NT OS Kernel
CVE-2024-38135
Home windows Resilient Document Device (ReFS) Elevation of Privilege Vulnerability
Essential
Home windows NTFS
CVE-2024-38117
NTFS Elevation of Privilege Vulnerability
Essential
Home windows Energy Dependency Coordinator
CVE-2024-38107
Home windows Energy Dependency Coordinator Elevation of Privilege Vulnerability
Essential
Home windows Print Spooler Parts
CVE-2024-38198
Home windows Print Spooler Elevation of Privilege Vulnerability
Essential
Home windows Useful resource Supervisor
CVE-2024-38137
Home windows Useful resource Supervisor PSM Provider Extension Elevation of Privilege Vulnerability
Essential
Home windows Useful resource Supervisor
CVE-2024-38136
Home windows Useful resource Supervisor PSM Provider Extension Elevation of Privilege Vulnerability
Essential
Home windows Routing and Far off Get entry to Provider (RRAS)
CVE-2024-38130
Home windows Routing and Far off Get entry to Provider (RRAS) Far off Code Execution Vulnerability
Essential
Home windows Routing and Far off Get entry to Provider (RRAS)
CVE-2024-38128
Home windows Routing and Far off Get entry to Provider (RRAS) Far off Code Execution Vulnerability
Essential
Home windows Routing and Far off Get entry to Provider (RRAS)
CVE-2024-38154
Home windows Routing and Far off Get entry to Provider (RRAS) Far off Code Execution Vulnerability
Essential
Home windows Routing and Far off Get entry to Provider (RRAS)
CVE-2024-38121
Home windows Routing and Far off Get entry to Provider (RRAS) Far off Code Execution Vulnerability
Essential
Home windows Routing and Far off Get entry to Provider (RRAS)
CVE-2024-38214
Home windows Routing and Far off Get entry to Provider (RRAS) Knowledge Disclosure Vulnerability
Essential
Home windows Routing and Far off Get entry to Provider (RRAS)
CVE-2024-38120
Home windows Routing and Far off Get entry to Provider (RRAS) Far off Code Execution Vulnerability
Essential
Home windows Scripting
CVE-2024-38178
Scripting Engine Reminiscence Corruption Vulnerability
Essential
Home windows Protected Boot
CVE-2022-3775
Redhat: CVE-2022-3775 grub2 – Heap founded out-of-bounds write when rendering sure Unicode sequences
Important
Home windows Protected Boot
CVE-2023-40547
Redhat: CVE-2023-40547 Shim – RCE in HTTP boot give a boost to might result in protected boot bypass
Important
Home windows Protected Boot
CVE-2022-2601
Redhat: CVE-2022-2601 grub2 – Buffer overflow in grub_font_construct_glyph() may end up in out-of-bound write and conceivable protected boot bypass
Essential
Home windows Protected Kernel Mode
CVE-2024-21302
Home windows Protected Kernel Mode Elevation of Privilege Vulnerability
Essential
Home windows Protected Kernel Mode
CVE-2024-38142
Home windows Protected Kernel Mode Elevation of Privilege Vulnerability
Essential
Home windows Safety Heart
CVE-2024-38155
Safety Heart Dealer Knowledge Disclosure Vulnerability
Essential
Home windows SmartScreen
CVE-2024-38180
Home windows SmartScreen Safety Function Bypass Vulnerability
Essential
Home windows TCP/IP
CVE-2024-38063
Home windows TCP/IP Far off Code Execution Vulnerability
Important
Home windows Shipping Safety Layer (TLS)
CVE-2024-38148
Home windows Protected Channel Denial of Provider Vulnerability
Essential
Home windows Replace Stack
CVE-2024-38202
Home windows Replace Stack Elevation of Privilege Vulnerability
Essential
Home windows Replace Stack
CVE-2024-38163
Home windows Replace Stack Elevation of Privilege Vulnerability
Essential
Home windows WLAN Auto Config Provider
CVE-2024-38143
Home windows WLAN AutoConfig Provider Elevation of Privilege Vulnerability
Essential