15.1 C
New York
Monday, March 10, 2025
type here...
Tech News

Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs

By LatestFreeNews
0

Must read

LatestFreeNews
LatestFreeNewshttp://latestfreenews.com

Nowadays is Microsoft’s June 2024 Patch Tuesday, which contains safety updates for 51 flaws, eighteen faraway code execution flaws, and one publicly disclosed zero-day vulnerability.

This Patch Tuesday fastened 18 RCE flaws however just one crucial vulnerability, a faraway code execution vulnerability in Microsoft Message Queuing (MSMQ).

The choice of insects in every vulnerability class is indexed beneath:

  • 25 Elevation of Privilege Vulnerabilities
  • 18 Far flung Code Execution Vulnerabilities
  • 3 Knowledge Disclosure Vulnerabilities
  • 5 Denial of Carrier Vulnerabilities

The entire rely of 51 flaws does no longer come with 7 Microsoft Edge flaws fastened on June third.

- Advertisement -

To be told extra concerning the non-security updates launched as of late, you’ll evaluation our devoted articles at the new Home windows 11 KB5039212 replace and the Home windows 10 KB5039211 replace.

One publicly disclosed zero-day

This month’s Patch Tuesday fixes one publicly disclosed zero-day, and not using a actively exploited flaw fastened as of late.

Microsoft classifies a zero-day as a flaw publicly disclosed or actively exploited and not using a reputable repair to be had.

The publicly disclosed zero-day vulnerability is the up to now disclosed ‘Keytrap’ assault within the DNS protocol that Microsoft has now fastened as a part of as of late’s updates.

CVE-2023-50868 – MITRE: CVE-2023-50868 NSEC3 closest encloser evidence can exhaust CPU

“CVE-2023-50868 is relating to a vulnerability in DNSSEC validation the place an attacker may just exploit same old DNSSEC protocols supposed for DNS integrity through the use of over the top sources on a resolver, inflicting a denial of carrier for official customers. MITRE created this CVE on their behalf,” reads the Microsoft advisory.

This flaw used to be up to now disclosed in February and patched in a lot of DNS implementations, together with BIND, PowerDNS, Unbound, Knot Resolver, and Dnsmasq.

- Advertisement -

Different fascinating vulnerabilities fastened this month come with more than one Microsoft Place of work faraway code execution flaws, together with Microsoft Outlook RCEs that may be exploited from the preview pane.

Microsoft additionally fastened seven Home windows Kernel privilege elevation flaws that might permit a neighborhood attacker to achieve SYSTEM privileges.

See also  Coaching AI Brokers in Blank Environments Makes Them Excel in Chaos

Contemporary updates from different corporations

Different distributors who launched updates or advisories in June 2024 come with:

Sadly, we will be able to now not be linking to SAP’s Patch Tuesday safety updates as they’ve positioned them in the back of a buyer login.

The June 2024 Patch Tuesday Safety Updates

Underneath is your entire listing of resolved vulnerabilities within the June 2024 Patch Tuesday updates.

To get entry to the entire description of every vulnerability and the techniques it impacts, you’ll view the complete record right here.

Tag CVE ID CVE Name Severity
Azure Information Science Digital Machines CVE-2024-37325 Azure Science Digital System (DSVM) Elevation of Privilege Vulnerability Necessary
Azure Report Sync CVE-2024-35253 Microsoft Azure Report Sync Elevation of Privilege Vulnerability Necessary
Azure Observe CVE-2024-35254 Azure Observe Agent Elevation of Privilege Vulnerability Necessary
Azure SDK CVE-2024-35255 Azure Identification Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Necessary
Azure Garage Library CVE-2024-35252 Azure Garage Motion Consumer Library Denial of Carrier Vulnerability Necessary
Dynamics Trade Central CVE-2024-35248 Microsoft Dynamics 365 Trade Central Elevation of Privilege Vulnerability Necessary
Dynamics Trade Central CVE-2024-35249 Microsoft Dynamics 365 Trade Central Far flung Code Execution Vulnerability Necessary
Microsoft Dynamics CVE-2024-35263 Microsoft Dynamics 365 (On-Premises) Knowledge Disclosure Vulnerability Necessary
Microsoft Edge (Chromium-based) CVE-2024-5498 Chromium: CVE-2024-5498 Use after loose in Presentation API Unknown
Microsoft Edge (Chromium-based) CVE-2024-5493 Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC Unknown
Microsoft Edge (Chromium-based) CVE-2024-5497 Chromium: CVE-2024-5497 Out of bounds reminiscence get entry to in Keyboard Inputs Unknown
Microsoft Edge (Chromium-based) CVE-2024-5495 Chromium: CVE-2024-5495 Use after loose in First light Unknown
Microsoft Edge (Chromium-based) CVE-2024-5499 Chromium: CVE-2024-5499 Out of bounds write in Streams API Unknown
Microsoft Edge (Chromium-based) CVE-2024-5494 Chromium: CVE-2024-5494 Use after loose in First light Unknown
Microsoft Edge (Chromium-based) CVE-2024-5496 Chromium: CVE-2024-5496 Use after loose in Media Consultation Unknown
Microsoft Place of work CVE-2024-30101 Microsoft Place of work Far flung Code Execution Vulnerability Necessary
Microsoft Place of work CVE-2024-30104 Microsoft Place of work Far flung Code Execution Vulnerability Necessary
Microsoft Place of work Outlook CVE-2024-30103 Microsoft Outlook Far flung Code Execution Vulnerability Necessary
Microsoft Place of work SharePoint CVE-2024-30100 Microsoft SharePoint Server Far flung Code Execution Vulnerability Necessary
Microsoft Place of work Phrase CVE-2024-30102 Microsoft Place of work Far flung Code Execution Vulnerability Necessary
Microsoft Streaming Carrier CVE-2024-30090 Microsoft Streaming Carrier Elevation of Privilege Vulnerability Necessary
Microsoft Streaming Carrier CVE-2024-30089 Microsoft Streaming Carrier Elevation of Privilege Vulnerability Necessary
Microsoft WDAC OLE DB supplier for SQL CVE-2024-30077 Home windows OLE Far flung Code Execution Vulnerability Necessary
Microsoft Home windows CVE-2023-50868 MITRE: CVE-2023-50868 NSEC3 closest encloser evidence can exhaust CPU Necessary
Microsoft Home windows Speech CVE-2024-30097 Microsoft Speech Software Programming Interface (SAPI) Far flung Code Execution Vulnerability Necessary
Visible Studio CVE-2024-30052 Visible Studio Far flung Code Execution Vulnerability Necessary
Visible Studio CVE-2024-29060 Visible Studio Elevation of Privilege Vulnerability Necessary
Visible Studio CVE-2024-29187 GitHub: CVE-2024-29187 WiX Burn-based bundles are at risk of binary hijack when run as SYSTEM Necessary
Home windows Cloud Information Mini Clear out Motive force CVE-2024-30085 Home windows Cloud Information Mini Clear out Motive force Elevation of Privilege Vulnerability Necessary
Home windows Container Supervisor Carrier CVE-2024-30076 Home windows Container Supervisor Carrier Elevation of Privilege Vulnerability Necessary
Home windows Cryptographic Products and services CVE-2024-30096 Home windows Cryptographic Products and services Knowledge Disclosure Vulnerability Necessary
Home windows DHCP Server CVE-2024-30070 DHCP Server Carrier Denial of Carrier Vulnerability Necessary
Home windows Dispensed Report Gadget (DFS) CVE-2024-30063 Home windows Dispensed Report Gadget (DFS) Far flung Code Execution Vulnerability Necessary
Home windows Tournament Logging Carrier CVE-2024-30072 Microsoft Tournament Hint Log Report Parsing Far flung Code Execution Vulnerability Necessary
Home windows Kernel CVE-2024-30068 Home windows Kernel Elevation of Privilege Vulnerability Necessary
Home windows Kernel CVE-2024-30064 Home windows Kernel Elevation of Privilege Vulnerability Necessary
Home windows Kernel-Mode Drivers CVE-2024-30084 Home windows Kernel-Mode Motive force Elevation of Privilege Vulnerability Necessary
Home windows Kernel-Mode Drivers CVE-2024-35250 Home windows Kernel-Mode Motive force Elevation of Privilege Vulnerability Necessary
Home windows Hyperlink Layer Topology Discovery Protocol CVE-2024-30075 Home windows Hyperlink Layer Topology Discovery Protocol Far flung Code Execution Vulnerability Necessary
Home windows Hyperlink Layer Topology Discovery Protocol CVE-2024-30074 Home windows Hyperlink Layer Topology Discovery Protocol Far flung Code Execution Vulnerability Necessary
Home windows NT OS Kernel CVE-2024-30099 Home windows Kernel Elevation of Privilege Vulnerability Necessary
Home windows NT OS Kernel CVE-2024-30088 Home windows Kernel Elevation of Privilege Vulnerability Necessary
Home windows Belief Carrier CVE-2024-35265 Home windows Belief Carrier Elevation of Privilege Vulnerability Necessary
Home windows Far flung Get entry to Connection Supervisor CVE-2024-30069 Home windows Far flung Get entry to Connection Supervisor Knowledge Disclosure Vulnerability Necessary
Home windows Routing and Far flung Get entry to Carrier (RRAS) CVE-2024-30095 Home windows Routing and Far flung Get entry to Carrier (RRAS) Far flung Code Execution Vulnerability Necessary
Home windows Routing and Far flung Get entry to Carrier (RRAS) CVE-2024-30094 Home windows Routing and Far flung Get entry to Carrier (RRAS) Far flung Code Execution Vulnerability Necessary
Home windows Server Carrier CVE-2024-30062 Home windows Requirements-Primarily based Garage Control Carrier Far flung Code Execution Vulnerability Necessary
Home windows Server Carrier CVE-2024-30080 Microsoft Message Queuing (MSMQ) Far flung Code Execution Vulnerability Essential
Home windows Requirements-Primarily based Garage Control Carrier CVE-2024-30083 Home windows Requirements-Primarily based Garage Control Carrier Denial of Carrier Vulnerability Necessary
Home windows Garage CVE-2024-30093 Home windows Garage Elevation of Privilege Vulnerability Necessary
Home windows Topics CVE-2024-30065 Home windows Topics Denial of Carrier Vulnerability Necessary
Home windows Wi-Fi Motive force CVE-2024-30078 Home windows Wi-Fi Motive force Far flung Code Execution Vulnerability Necessary
Home windows Win32 Kernel Subsystem CVE-2024-30086 Home windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Necessary
Home windows Win32K – GRFX CVE-2024-30087 Win32k Elevation of Privilege Vulnerability Necessary
Home windows Win32K – GRFX CVE-2024-30091 Win32k Elevation of Privilege Vulnerability Necessary
Home windows Win32K – GRFX CVE-2024-30082 Win32k Elevation of Privilege Vulnerability Necessary
Winlogon CVE-2024-30067 Winlogon Elevation of Privilege Vulnerability Necessary
Winlogon CVE-2024-30066 Winlogon Elevation of Privilege Vulnerability Necessary
See also  WordPress Plugin Jetpack Patches Primary Vulnerability Affecting 27 Million Websites
Previous article
China-Connected ValleyRAT Malware Resurfaces with Complicated Knowledge Robbery Ways
Next article
49ers’ Christian McCaffrey used to be selected to be the duvet athlete for Madden 25

Related News

- Advertisement -
- Advertisement -

Latest News

- Advertisement -

Welcome to LatestFreeNews, your go-to source for the latest updates and insights on global affairs. We are dedicated to bringing you accurate and timely news coverage from around the world.

Legal Pages

Topics

Editor's Picks

© 2025 All Rights Reserved | Powered by Latestfreenews