Post

Microsoft: August 2024 Security Updates

StandWithPalestine

Microsoft August 2024 Security Updates

In August 2024, Microsoft released a significant security update addressing a total of 90 Common Vulnerabilities and Exposures (CVEs). This comprehensive update spans various Microsoft products, including Windows, Azure, Office, and more. Below is an in-depth look at the key details of these vulnerabilities.

Key Highlights

  • Total CVEs: 90
  • Critical Vulnerabilities: Several critical vulnerabilities with CVSS scores as high as 9.8.
  • Affected Products: Windows, Azure, Microsoft Office, .NET, and more.

Vulnerability Breakdown

TagCVEBase ScoreCVSS VectorExploitabilityFAQs?Workarounds?Mitigations?
Windows Secure Kernel ModeCVE-2024-213026.7CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:CExploitation Less LikelyYesNoNo
Windows KerberosCVE-2024-299958.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Microsoft Windows DNSCVE-2024-379687.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:CExploitation Less LikelyNoNoNo
Windows TCP/IPCVE-2024-380639.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation More LikelyYesNoYes
Microsoft OfficeCVE-2024-380847.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Azure Connected Machine AgentCVE-2024-380987.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation UnlikelyYesNoNo
Windows KernelCVE-2024-381067.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:CExploitation DetectedYesNoNo
Windows Power Dependency CoordinatorCVE-2024-381077.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:CExploitation DetectedYesNoNo
Azure StackCVE-2024-381089.3CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Azure Health BotCVE-2024-381099.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows IP Routing Management SnapinCVE-2024-381148.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows IP Routing Management SnapinCVE-2024-381158.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows IP Routing Management SnapinCVE-2024-381168.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows NTFSCVE-2024-381177.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Microsoft Local Security Authority Server (lsasrv)CVE-2024-381185.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS)CVE-2024-381208.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS)CVE-2024-381218.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Microsoft Local Security Authority Server (lsasrv)CVE-2024-381225.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Microsoft Bluetooth DriverCVE-2024-381234.4CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Microsoft Streaming ServiceCVE-2024-381257.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation More LikelyYesNoNo
Windows Network Address Translation (NAT)CVE-2024-381267.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows KernelCVE-2024-381277.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS)CVE-2024-381288.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS)CVE-2024-381308.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows Clipboard Virtual Channel ExtensionCVE-2024-381318.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows Network Address Translation (NAT)CVE-2024-381327.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows Local Security Authority Server (lsasrv)CVE-2024-381345.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS)CVE-2024-381358.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Less LikelyYesNoNo
Microsoft Windows Server Remote Desktop ServicesCVE-2024-381369.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation More LikelyYesNoYes

Notable CVEs

CVE-2024-38063: Windows TCP/IP Vulnerability

  • CVSS Score: 9.8
  • Description: A critical vulnerability in the Windows TCP/IP stack could allow remote attackers to execute arbitrary code on affected systems without user interaction. This vulnerability is rated as “Exploitation More Likely,” emphasizing the importance of immediate patching.

CVE-2024-38108: Azure Stack Vulnerability

  • CVSS Score: 9.3
  • Description: This vulnerability affects the Azure Stack and could be exploited by attackers to gain control of the system. While rated as “Exploitation Less Likely,” the high CVSS score makes this a significant concern for Azure Stack users.

CVE-2024-38140: Reliable Multicast Transport Driver Vulnerability

  • CVSS Score: 9.8
  • Description: This vulnerability in the Reliable Multicast Transport Driver (RMCAST) is critical, with the potential for remote code execution. Exploitation is less likely, but the severity of this issue warrants close attention.

Recommendations

  • Patch Immediately: Given the severity and exploitability of some of these vulnerabilities, it is recommended that organizations and individuals apply the August 2024 security patches as soon as possible.
  • Monitor Systems: Continuous monitoring for signs of exploitation, especially for the vulnerabilities rated as “Exploitation Detected” and “Exploitation More Likely.”
  • Review Workarounds and Mitigations: While many vulnerabilities do not have specific workarounds or mitigations, review Microsoft’s recommendations to ensure any possible risk is minimized.

Conclusion

The August 2024 security updates from Microsoft highlight the importance of regular patching and vigilance in maintaining cybersecurity. With critical vulnerabilities spanning across Windows, Azure, Office, and other Microsoft services, timely application of these updates is essential to protect systems from potential exploitation.

For more details and the full list of addressed CVEs, refer to the official Microsoft documentation.

This post is licensed under CC BY 4.0 by the author.