Patch Tuesday Update - June 2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.44.0 and FVM Agent 2.8 releases.

Microsoft addressed 51 vulnerabilities in this release, including 1 rated as Critical and 18 Remote Code Execution vulnerabilities.

CVE/Advisory	Title	Tag	Microsoft Severity Rating	Base Score	Microsoft Impact	Exploited	Publicly Disclosed
CVE-2024-30069	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Windows Remote Access Connection Manager	Important	4.7	Information Disclosure	No	No
CVE-2024-30070	DHCP Server Service Denial of Service Vulnerability	Windows DHCP Server	Important	7.5	Denial of Service	No	No
CVE-2024-30072	Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability	Windows Event Logging Service	Important	7.8	Remote Code Execution	No	No
CVE-2024-30074	Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability	Windows Link Layer Topology Discovery Protocol	Important	8	Remote Code Execution	No	No
CVE-2024-30075	Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability	Windows Link Layer Topology Discovery Protocol	Important	8	Remote Code Execution	No	No
CVE-2024-30076	Windows Container Manager Service Elevation of Privilege Vulnerability	Windows Container Manager Service	Important	6.8	Elevation of Privilege	No	No
CVE-2024-30077	Windows OLE Remote Code Execution Vulnerability	Microsoft WDAC OLE DB provider for SQL	Important	8	Remote Code Execution	No	No
CVE-2024-30078	Windows Wi-Fi Driver Remote Code Execution Vulnerability	Windows Wi-Fi Driver	Important	8.8	Remote Code Execution	No	No
CVE-2024-30080	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability	Windows Server Service	Critical	9.8	Remote Code Execution	No	No
CVE-2024-30082	Win32k Elevation of Privilege Vulnerability	Windows Win32K – GRFX	Important	7.8	Elevation of Privilege	No	No
CVE-2024-35250	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability	Windows Kernel-Mode Drivers	Important	7.8	Elevation of Privilege	No	No
CVE-2024-35255	Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability	Azure SDK	Important	5.5	Elevation of Privilege	No	No
CVE-2023-50868	MITRE: CVE-2023-50868 NSEC3 closest encloser proof can exhaust CPU	Microsoft Windows	Important	7.5	Denial of Service	No	Yes
CVE-2024-29187	GitHub: CVE-2024-29187 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM	Visual Studio	Important	7.3	Elevation of Privilege	No	No
CVE-2024-29060	Visual Studio Elevation of Privilege Vulnerability	Visual Studio	Important	6.7	Elevation of Privilege	No	No
CVE-2024-30062	Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability	Windows Server Service	Important	7.8	Remote Code Execution	No	No
CVE-2024-30063	Windows Distributed File System (DFS) Remote Code Execution Vulnerability	Windows Distributed File System (DFS)	Important	6.7	Remote Code Execution	No	No
CVE-2024-30064	Windows Kernel Elevation of Privilege Vulnerability	Windows Kernel	Important	8.8	Elevation of Privilege	No	No
CVE-2024-30065	Windows Themes Denial of Service Vulnerability	Windows Themes	Important	5.5	Denial of Service	No	No
CVE-2024-30066	Winlogon Elevation of Privilege Vulnerability	Winlogon	Important	5.5	Elevation of Privilege	No	No
CVE-2024-30067	Winlogon Elevation of Privilege Vulnerability	Winlogon	Important	5.5	Elevation of Privilege	No	No
CVE-2024-30068	Windows Kernel Elevation of Privilege Vulnerability	Windows Kernel	Important	8.8	Elevation of Privilege	No	No
CVE-2024-30083	Windows Standards-Based Storage Management Service Denial of Service Vulnerability	Windows Standards-Based Storage Management Service	Important	7.5	Denial of Service	No	No
CVE-2024-30084	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability	Windows Kernel-Mode Drivers	Important	7	Elevation of Privilege	No	No
CVE-2024-30085	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	Windows Cloud Files Mini Filter Driver	Important	7.8	Elevation of Privilege	No	No
CVE-2024-30086	Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability	Windows Win32 Kernel Subsystem	Important	7.8	Elevation of Privilege	No	No
CVE-2024-30087	Win32k Elevation of Privilege Vulnerability	Windows Win32K – GRFX	Important	7.8	Elevation of Privilege	No	No
CVE-2024-30088	Windows Kernel Elevation of Privilege Vulnerability	Windows NT OS Kernel	Important	7	Elevation of Privilege	No	No
CVE-2024-30089	Microsoft Streaming Service Elevation of Privilege Vulnerability	Microsoft Streaming Service	Important	7.8	Elevation of Privilege	No	No
CVE-2024-30090	Microsoft Streaming Service Elevation of Privilege Vulnerability	Microsoft Streaming Service	Important	7	Elevation of Privilege	No	No
CVE-2024-30091	Win32k Elevation of Privilege Vulnerability	Windows Win32K – GRFX	Important	7.8	Elevation of Privilege	No	No
CVE-2024-30093	Windows Storage Elevation of Privilege Vulnerability	Windows Storage	Important	7.3	Elevation of Privilege	No	No
CVE-2024-30094	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Windows Routing and Remote Access Service (RRAS)	Important	7.8	Remote Code Execution	No	No
CVE-2024-30095	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Windows Routing and Remote Access Service (RRAS)	Important	7.8	Remote Code Execution	No	No
CVE-2024-30096	Windows Cryptographic Services Information Disclosure Vulnerability	Windows Cryptographic Services	Important	5.5	Information Disclosure	No	No
CVE-2024-30097	Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability	Microsoft Windows Speech	Important	8.8	Remote Code Execution	No	No
CVE-2024-30099	Windows Kernel Elevation of Privilege Vulnerability	Windows NT OS Kernel	Important	7	Elevation of Privilege	No	No
CVE-2024-30100	Microsoft SharePoint Server Remote Code Execution Vulnerability	Microsoft Office SharePoint	Important	7.8	Remote Code Execution	No	No
CVE-2024-30101	Microsoft Office Remote Code Execution Vulnerability	Microsoft Office	Important	7.5	Remote Code Execution	No	No
CVE-2024-30102	Microsoft Office Remote Code Execution Vulnerability	Microsoft Office Word	Important	7.3	Remote Code Execution	No	No
CVE-2024-30103	Microsoft Outlook Remote Code Execution Vulnerability	Microsoft Office Outlook	Important	8.8	Remote Code Execution	No	No
CVE-2024-30104	Microsoft Office Remote Code Execution Vulnerability	Microsoft Office	Important	7.8	Remote Code Execution	No	No
CVE-2024-35248	Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability	Dynamics Business Central	Important	7.3	Elevation of Privilege	No	No
CVE-2024-35249	Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability	Dynamics Business Central	Important	8.8	Remote Code Execution	No	No
CVE-2024-35252	Azure Storage Movement Client Library Denial of Service Vulnerability	Azure Storage Library	Important	7.5	Denial of Service	No	No
CVE-2024-35253	Microsoft Azure File Sync Elevation of Privilege Vulnerability	Azure File Sync	Important	4.4	Elevation of Privilege	No	No
CVE-2024-35254	Azure Monitor Agent Elevation of Privilege Vulnerability	Azure Monitor	Important	7.1	Elevation of Privilege	No	No
CVE-2024-35263	Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability	Microsoft Dynamics	Important	5.7	Information Disclosure	No	No
CVE-2024-35265	Windows Perception Service Elevation of Privilege Vulnerability	Windows Perception Service	Important	7	Elevation of Privilege	No	No
CVE-2024-37325	Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability	Azure Data Science Virtual Machines	Important	8.1	Elevation of Privilege	No	No
CVE-2024-30052	Visual Studio Remote Code Execution Vulnerability	Visual Studio	Important	4.7	Remote Code Execution	No	No

Quickly Find and Fix Your Most At-Risk Weaknesses

Watch this demo to see how Frontline VM can help.

Watch now

Patch Tuesday Update - June 2024

Quickly Find and Fix Your Most At-Risk Weaknesses

Mieng Lim

Footer 1

Footer 2

Footer 3

Footer Menu 4

Contact Information

Privacy Policy

Cookie Policy

Impressum