Microsoft has released its September 2024 Patch Tuesday security updates, addressing 79 vulnerabilities across Windows, Office, Exchange Server, Azure, Dynamics, and other products. This month's update includes fixes for four zero-day vulnerabilities, with three of them being actively exploited in the wild.
Out of the 79 vulnerabilities patched this month, 7 are rated as Critical, 71 as Important, and 1 as Moderate in severity. The most common types of vulnerabilities addressed are elevation of privilege (30 bugs), remote code execution (23 bugs), and information disclosure (11 bugs).
Key highlights of this Patch Tuesday include:
* Four zero-day vulnerabilities, three of which were actively exploited:
  * CVE-2024-38014: Windows Installer Elevation of Privilege Vulnerability
  * CVE-2024-38217: Windows Mark of the Web Security Feature Bypass Vulnerability
  * CVE-2024-38226: Microsoft Publisher Security Feature Bypass Vulnerability
  * CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability
* Seven critical vulnerabilities, including remote code execution flaws in Microsoft SharePoint Server, Windows Network Address Translation (NAT), and Azure Stack Hub.
* Important patches for Microsoft SQL Server, Azure Web Apps, Windows PowerShell, and various other Windows components.
Notably, Microsoft has not addressed any vulnerabilities in Microsoft Edge (Chromium-based) in this month's edition.
This Patch Tuesday continues Microsoft's efforts to secure its wide range of products against evolving cybersecurity threats. As always, administrators and users are advised to apply these security updates as soon as possible to protect their systems from potential exploits.
In September's Patch Tuesday, Microsoft addressed 79 flaws, including four zero-day vulnerabilities, with three of them being actively exploited in the wild. This update included patches across categories like elevation of privilege, remote code execution, information disclosure, spoofing, denial of service, and security feature bypass.
Key highlights are:
1. Total Flaws and Zero-Day Vulnerabilities: This update resolves 79 total bugs, with four zero-day vulnerabilities, three of which were actively exploited.
2. Critical Flaws: Among the patches, seven critical flaws were fixed, including remote code execution vulnerabilities in Microsoft SharePoint Server, Windows Network Address Translation (NAT), and Azure Stack Hub.
3. Vulnerability Types: The most common types of vulnerabilities addressed are elevation of privilege (30 bugs), remote code execution (23 bugs), and information disclosure (11 bugs). Other types include denial of service (8), security feature bypass (4), and spoofing (3).
4. Actively Exploited Zero-Days: The actively exploited zero-day vulnerabilities patched include:
   * CVE-2024-38014: Windows Installer Elevation of Privilege Vulnerability
   * CVE-2024-38217: Windows Mark of the Web Security Feature Bypass Vulnerability
   * CVE-2024-38226: Microsoft Publisher Security Feature Bypass Vulnerability
5. Critical-Rated Bugs: Notable critical vulnerabilities include:
   * CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability (CVSS 9.8)
   * CVE-2024-38220: Azure Stack Hub Elevation of Privilege Vulnerability (CVSS 9.0)
   * CVE-2024-38018: Microsoft SharePoint Server Remote Code Execution Vulnerability (CVSS 8.8)
6. Key Affected Products: Windows, Office, Exchange Server, Azure, Dynamics 365, SQL Server, and SharePoint Server received significant updates this month.
7. No Microsoft Edge Updates: Microsoft has not addressed vulnerabilities in Microsoft Edge (Chromium-based) in this month's edition.
This September's Patch Tuesday highlights Microsoft's ongoing commitment to securing its wide range of products against ever-evolving cybersecurity threats. Administrators should prioritize testing and deploying these patches, focusing on the actively exploited zero-days and critical remote code execution flaws.

Zero-day Vulnerabilities Patched in September 2024
Microsoft addressed four zero-day vulnerabilities in the September 2024 Patch Tuesday release. Three of these vulnerabilities were being actively exploited in the wild prior to the patches being made available. Let's examine each of these critical vulnerabilities:
| CVE ID | Title | Type | CVSS Score | Severity | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|
| CVE-2024-38014 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Yes | No |
| CVE-2024-38217 | Windows Mark of the Web Security Feature Bypass Vulnerability | Security Feature Bypass | 5.4 | Important | Yes | Yes |
| CVE-2024-38226 | Microsoft Publisher Security Feature Bypass Vulnerability | Security Feature Bypass | 7.3 | Important | Yes | No |
| CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | Yes* | No |

Vulnerability type: Elevation of Privilege
Affected product: Windows Installer
CVSS v3 base score: 7.8
Severity rating: Important
This vulnerability allows an attacker to gain SYSTEM privileges on Windows systems. Microsoft has not shared any details on how it was exploited in attacks. The attack vector is local, but both attack complexity and privilege requirements are low, and no user interaction is required. This makes it potentially attractive to malware authors for post-exploitation activities.
Vulnerability type: Security Feature Bypass
Affected product: Windows Mark of the Web
CVSS v3 base score: 5.4
Severity rating: Important
This vulnerability was publicly disclosed last month by Joe Desimone of Elastic Security and is believed to have been actively exploited since 2018. The flaw allows attackers to bypass Windows Mark of the Web (MOTW) defenses, potentially disabling SmartScreen and Windows Attachment Services security features.
To exploit this vulnerability, an attacker must convince a user to open a specially crafted file downloaded from the internet. Successful exploitation could lead to the execution of malicious content without security warnings.
Vulnerability type: Security Feature Bypass
Affected product: Microsoft Publisher
CVSS v3 base score: 7.3
Severity rating: Important
This vulnerability allows attackers to bypass Office macro policies used to block untrusted or malicious files. To exploit this flaw, an attacker must be authenticated on the system and convince a user to download and open a specially crafted file from a website. The Preview Pane is not an attack vector for this vulnerability.
Vulnerability type: Remote Code Execution
Affected product: Windows Update
CVSS v3 base score: 9.8
Severity rating: Critical
This vulnerability is unique as it reintroduces previously patched vulnerabilities due to a flaw in the Windows Servicing Stack. It affects Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed updates from March 2024 through August 2024.
The vulnerability caused certain Optional Components to roll back to their original RTM versions, potentially reintroducing previously mitigated vulnerabilities. While Microsoft has not observed direct exploitation of this specific vulnerability, it is marked as exploited due to the potential exploitation of the reintroduced vulnerabilities.
Microsoft notes that later versions of Windows 10 are not impacted by this vulnerability. Users of affected systems should apply both the September 2024 Servicing Stack Update (SSU KB5043936) and the September 2024 Windows security update (KB5043083), in that order, to address this issue.
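A host-side check for the CVE-2024-43491 remediation described above, as an added example that is not Microsoft's or the article's code. It assumes build 10240 identifies Windows 10 version 1507 and approximates "installed updates from March 2024 through August 2024" by install date; the function name and the sample records are hypothetical.

```powershell
# Added example. Assumptions: build 10240 = Windows 10 version 1507, and
# update records expose HotFixID and InstalledOn as Get-HotFix output does.
# Only the two KBs named in the article are checked; a later cumulative
# update that supersedes KB5043083 is not recognised by this function.
function Test-Cve202443491Remediation {
    [CmdletBinding()]
    param(
        # OS build number; defaults to the local machine.
        [int]$Build = [System.Environment]::OSVersion.Version.Build,
        # Installed-update records; defaults to the local machine.
        [object[]]$HotFix = @(Get-HotFix)
    )

    $result = [ordered]@{
        Build            = $Build
        Status           = 'NotAffected'
        InRollbackWindow = $false
        Missing          = @()
    }

    # Later versions of Windows 10 are not impacted.
    if ($Build -ne 10240) { return [pscustomobject]$result }

    # Did the host take any update in the March-August 2024 window?
    # Install date stands in for release date here (an approximation).
    $windowStart = [datetime]'2024-03-01'
    $windowEnd   = [datetime]'2024-09-01'
    $result.InRollbackWindow = [bool]($HotFix | Where-Object {
        $_.InstalledOn -and $_.InstalledOn -ge $windowStart -and $_.InstalledOn -lt $windowEnd
    })

    $ssu = $HotFix | Where-Object HotFixID -eq 'KB5043936' | Select-Object -First 1
    $lcu = $HotFix | Where-Object HotFixID -eq 'KB5043083' | Select-Object -First 1
    if (-not $ssu) { $result.Missing += 'KB5043936 (servicing stack update)' }
    if (-not $lcu) { $result.Missing += 'KB5043083 (security update)' }

    if ($result.Missing.Count -gt 0) {
        $result.Status = 'Incomplete'
    }
    elseif ($ssu.InstalledOn -and $lcu.InstalledOn -and
            $ssu.InstalledOn.Date -gt $lcu.InstalledOn.Date) {
        # InstalledOn has day resolution, so same-day installs cannot be
        # ordered; only an SSU dated after the security update is flagged.
        $result.Status = 'WrongOrder'
    }
    else {
        $result.Status = 'Remediated'
    }

    [pscustomobject]$result
}

# Constructed sample inventory (not a real host): an update taken inside the
# window, the September security update present, the SSU absent.
$sample = @(
    [pscustomobject]@{ HotFixID = 'KB0000000'; InstalledOn = [datetime]'2024-04-10' }  # placeholder ID
    [pscustomobject]@{ HotFixID = 'KB5043083'; InstalledOn = [datetime]'2024-09-11' }
)
Test-Cve202443491Remediation -Build 10240 -HotFix $sample
```

Calling `Test-Cve202443491Remediation` with no arguments evaluates the local machine instead of the sample records.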
Microsoft addressed seven vulnerabilities with critical severity scores in the September 2024 Patch Tuesday release. Let's examine these critical vulnerabilities:
| CVE ID | Title | Type | CVSS Score | Affected Product |
|---|---|---|---|---|
| CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Windows Update |
| CVE-2024-38220 | Azure Stack Hub Elevation of Privilege Vulnerability | Elevation of Privilege | 9.0 | Azure Stack Hub |
| CVE-2024-38018 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Microsoft SharePoint Server |
| CVE-2024-38194 | Azure Web Apps Elevation of Privilege Vulnerability | Elevation of Privilege | 8.4 | Azure Web Apps |
| CVE-2024-38216 | Azure Stack Hub Elevation of Privilege Vulnerability | Elevation of Privilege | 8.2 | Azure Stack Hub |
| CVE-2024-38119 | Windows Network Address Translation (NAT) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Windows Network Address Translation (NAT) |
| CVE-2024-43464 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution | 7.2 | Microsoft SharePoint Server |

Vulnerability type: Remote Code Execution
Affected product: Windows Update
CVSS v3 base score: 9.8
Severity rating: Critical
This vulnerability is particularly concerning due to its high CVSS score and its unique nature. It stems from a flaw in the Windows Servicing Stack that has rolled back fixes for previously patched vulnerabilities in Optional Components on Windows 10, version 1507. While Microsoft hasn't observed direct exploitation of this vulnerability, it's marked as exploited due to the potential for attackers to leverage the reintroduced vulnerabilities.
Vulnerability type: Elevation of Privilege
Affected product: Azure Stack Hub
CVSS v3 base score: 9.0
Severity rating: Critical
This vulnerability could allow an attacker to gain unauthorized access to other Azure cloud tenants' applications and content. Successful exploitation could grant the attacker access to system resources with the same privileges as the compromised process.
Vulnerability type: Remote Code Execution
Affected product: Microsoft SharePoint Server
CVSS v3 base score: 8.8
Severity rating: Critical
An authenticated attacker with at least Site Member level permissions could remotely execute code on the SharePoint Server through a network-based attack. Microsoft rates the exploitation of this vulnerability as more likely.
Vulnerability type: Elevation of Privilege
Affected product: Azure Web Apps
CVSS v3 base score: 8.4
Severity rating: Critical
This vulnerability allows an authenticated attacker to exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network. Microsoft has already fully addressed this vulnerability within the Azure infrastructure.
Vulnerability type: Elevation of Privilege
Affected product: Azure Stack Hub
CVSS v3 base score: 8.2
Severity rating: Critical
Similar to CVE-2024-38220, this vulnerability in Azure Stack Hub could allow an attacker to gain unauthorized access to system resources, potentially executing actions with privileges matching the compromised process.
Vulnerability type: Remote Code Execution
Affected product: Windows Network Address Translation (NAT)
CVSS v3 base score: 7.5
Severity rating: Critical
This vulnerability exists in the Windows NAT implementation. Exploitation requires the attacker to be on the same network as the target and to win a race condition. Despite its critical rating, Microsoft lists exploitation as less likely.
Affected product: Microsoft SharePoint Server
CVSS v3 base score: 7.2
Severity rating: Critical
This vulnerability allows an authenticated attacker with Site Owner permissions to upload a specially crafted file and send crafted API requests to trigger deserialization, potentially leading to remote code execution in the context of SharePoint Server.
These critical vulnerabilities underscore the importance of promptly applying September's security updates, especially for organizations using Azure services, SharePoint, or running Windows servers with NAT enabled.
In total, 79 vulnerabilities were addressed in September's Patch Tuesday. Elevation of privilege vulnerabilities lead the count this month, followed closely by remote code execution flaws. Here's a breakdown of the vulnerability categories patched this month:
* Elevation of Privilege: 30
* Remote Code Execution: 23
* Information Disclosure: 11
* Denial of Service: 8
* Security Feature Bypass: 4
* Spoofing: 3

Elevation of privilege vulnerabilities continue to be a significant concern, representing 38% of this month's patches. These flaws can allow attackers to gain higher levels of access on compromised systems, potentially leading to further exploitation.
Remote code execution vulnerabilities account for 29.1% of the September updates. These critical bugs enable arbitrary code execution and pose substantial risks if successfully exploited.
Information disclosure flaws make up 13.9% of the patched vulnerabilities. While often considered less severe, these can still provide valuable intelligence to attackers for planning more targeted exploits.
The remaining categories - denial of service (10.1%), security feature bypass (5.1%), and spoofing (3.8%) - round out the vulnerabilities addressed this month. Though fewer in number, these flaws can still pose significant risks in certain scenarios.
Here is a table with the vulnerability categories and associated CVE IDs from Microsoft's September 2024 Patch Tuesday:
| Vulnerability Category | CVE IDs |
|---|---|
| Elevation of Privilege | CVE-2024-38014, CVE-2024-38188, CVE-2024-43470, CVE-2024-38216, CVE-2024-38220, CVE-2024-38194, CVE-2024-38225, CVE-2024-43492, CVE-2024-38247, CVE-2024-38250, CVE-2024-38249, CVE-2024-43465, CVE-2024-37980, CVE-2024-37965, CVE-2024-37341, CVE-2024-38240, CVE-2024-38252, CVE-2024-38253, CVE-2024-43457, CVE-2024-38046, CVE-2024-38237, CVE-2024-38241, CVE-2024-38242, CVE-2024-38238, CVE-2024-38243, CVE-2024-38244, CVE-2024-38245, CVE-2024-38248, CVE-2024-38246, CVE-2024-38239 |
| Remote Code Execution | CVE-2024-43491, CVE-2024-43469, CVE-2024-38259, CVE-2024-38018, CVE-2024-43464, CVE-2024-38227, CVE-2024-38228, CVE-2024-43463, CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339, CVE-2024-37340, CVE-2024-43479, CVE-2024-38119, CVE-2024-21416, CVE-2024-38045, CVE-2024-43467, CVE-2024-38263, CVE-2024-38260, CVE-2024-43454, CVE-2024-43495 |
| Information Disclosure | CVE-2024-43475, CVE-2024-38257, CVE-2024-38258, CVE-2024-43482, CVE-2024-37337, CVE-2024-37342, CVE-2024-37966, CVE-2024-43474, CVE-2024-43458, CVE-2024-38256, CVE-2024-38254 |
| Denial of Service | CVE-2024-38235, CVE-2024-38236, CVE-2024-43466, CVE-2024-38232, CVE-2024-38233, CVE-2024-38234, CVE-2024-38230, CVE-2024-38231 |
| Security Feature Bypass | CVE-2024-38226, CVE-2024-38217, CVE-2024-43487, CVE-2024-30073 |
| Spoofing | CVE-2024-43455, CVE-2024-43461, CVE-2024-43476 |

Microsoft's September 2024 Patch Tuesday includes updates for a broad range of its products, applications, and services. Here are the key products and components that received patches:
| Product Name | No. of Vulnerabilities Patched |
|---|---|
| Windows | 46 |
| SQL Server | 13 |
| Azure | 6 |
| Microsoft Office SharePoint | 5 |
| Microsoft Dynamics | 4 |
| Windows Remote Desktop Licensing Service | 4 |
| Windows Network Virtualization | 4 |
| Microsoft Streaming Service | 4 |
| Windows Mark of the Web (MOTW) | 2 |
| Windows TCP/IP | 2 |
| Windows Win32K - ICOMP | 2 |
| Microsoft Office Excel | 1 |
| Microsoft Office Visio | 1 |
| Microsoft Office Publisher | 1 |
| Microsoft Outlook for iOS | 1 |
| Windows Hyper-V | 1 |
| Windows DHCP Server | 1 |
| Windows Installer | 1 |
| Windows Kerberos | 1 |
| Windows Libarchive | 1 |
| Windows PowerShell | 1 |
| Windows Remote Access Connection Manager | 1 |
| Windows Security Zone Mapping | 1 |
| Windows Setup and Deployment | 1 |
| Windows Standards-Based Storage Management Service | 1 |
| Windows Storage | 1 |
| Windows Update | 1 |
| Windows Win32K - GRFX | 1 |
| Power Automate | 1 |
| Windows Admin Center | 1 |
| Windows AllJoyn API | 1 |
| Windows Authentication Methods | 1 |
| Microsoft AutoUpdate (MAU) | 1 |

Download the complete list of vulnerabilities by products patched in September 2024 Patch Tuesday here.
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| | Azure Stack Hub Elevation of Privilege Vulnerability | No | No | 9 |
| | Azure CycleCloud Remote Code Execution Vulnerability | No | No | 8.8 |
| | Azure Web Apps Elevation of Privilege Vulnerability | No | No | 8.4 |
| | Azure Stack Hub Elevation of Privilege Vulnerability | No | No | 8.2 |
| | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | No | No | 7.3 |
| | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | No | No | 7.1 |

| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| | Microsoft Windows Admin Center Information Disclosure Vulnerability | No | No | 7.3 |

| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| | Windows Remote Desktop Licensing Service Spoofing Vulnerability | No | No | 8.8 |
| | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | No | No | 8.8 |
| | Windows MSHTML Platform Spoofing Vulnerability | No | No | 8.8 |
| | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | No | No | 8.1 |
| | Windows Security Zone Mapping Security Feature Bypass Vulnerability | No | No | 7.8 |
| | Windows Installer Elevation of Privilege Vulnerability | Yes | No | 7.8 |
| | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | No | No | 7.5 |
| | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | No | No | 7.5 |
| | DHCP Server Service Denial of Service Vulnerability | No | No | 7.5 |
| | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 7.2 |
| | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | No | No | 7.1 |
| | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | No | No | 6.5 |
| | Windows Remote Desktop Licensing Service Information Disclosure Vulnerability | No | No | 6.5 |
| | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | No | No | 6.5 |
| | Windows Networking Denial of Service Vulnerability | No | No | 6.5 |
| | Windows Mark of the Web Security Feature Bypass Vulnerability | No | No | 6.5 |
| | Windows Kernel-Mode Driver Information Disclosure Vulnerability | No | No | 5.5 |
| | Windows Mark of the Web Security Feature Bypass Vulnerability | Yes | Yes | 5.4 |

| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 |

| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | No | No | 8.8 |
| | Microsoft Power Automate Desktop Remote Code Execution Vulnerability | No | No | 8.5 |
| | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 7.6 |

| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 |
| | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 |
| | Microsoft Excel Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Microsoft Publisher Security Feature Bypass Vulnerability | Yes | No | 7.3 |
| | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 7.2 |
| | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 7.2 |
| | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 7.2 |
| | Microsoft SharePoint Server Denial of Service Vulnerability | No | No | 6.5 |
| | Microsoft Outlook for iOS Information Disclosure Vulnerability | No | No | 6.5 |

| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Elevation of Privilege Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Elevation of Privilege Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Elevation of Privilege Vulnerability | No | No | 8.8 |
| | Microsoft SQL Server Information Disclosure Vulnerability | No | No | 7.6 |
| | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | No | No | 7.1 |
| | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | No | No | 7.1 |
| | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | No | No | 7.1 |

| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| | Microsoft Windows Update Remote Code Execution Vulnerability | Yes | No | 9.8 |
| | Microsoft Management Console Remote Code Execution Vulnerability | No | No | 8.8 |
| | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 8.1 |
| | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 8.1 |
| | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Windows Setup and Deployment Elevation of Privilege Vulnerability | No | No | 7.8 |
| | PowerShell Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | No | No | 7.8 |
| | Windows Networking Information Disclosure Vulnerability | No | No | 7.7 |
| | Windows Networking Denial of Service Vulnerability | No | No | 7.5 |
| | Windows Networking Denial of Service Vulnerability | No | No | 7.5 |
| | Windows Network Address Translation (NAT) Remote Code Execution Vulnerability | No | No | 7.5 |
| | Microsoft AllJoyn API Information Disclosure Vulnerability | No | No | 7.5 |
| | Windows libarchive Remote Code Execution Vulnerability | No | No | 7.3 |
| | Windows Storage Elevation of Privilege Vulnerability | No | No | 7 |
| | Win32k Elevation of Privilege Vulnerability | No | No | 7 |
| | Windows Hyper-V Denial of Service Vulnerability | No | No | 6.5 |
| | Windows Authentication Information Disclosure Vulnerability | No | No | 5.5 |

Microsoft's September 2024 Patch Tuesday release addressed 79 total vulnerabilities, headlined by fixes for four zero-day flaws, three of which were actively exploited in the wild:
In total, 7 critical and 71 important severity vulnerabilities were addressed this month. The most common vulnerability types were elevation of privilege (30 bugs), remote code execution (23 bugs), and information disclosure (11 bugs).
Here's a summary table of the vulnerabilities by severity:
| Severity | Count |
|---|---|
| Critical | 7 |
| Important | 71 |
| Moderate | 1 |

The extensive patch load emphasizes the importance of continuous monitoring, vulnerability management, and timely updating to counter sophisticated multi-stage attacks targeting enterprise networks. Prioritizing remediation efforts by potential business impact is crucial.
We aim to keep readers informed each month in our Patch Tuesday reports. Please follow our website thesecmaster.com or subscribe to our social media pages on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium & Instagram to receive similar updates.
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.