Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.42.0 and FVM Agent 2.7 releases.
- Microsoft addressed 61 vulnerabilities in this release, including 1 rated as Critical and 27 Remote Code Execution vulnerabilities.
- This release also includes fixes for CVE-2024-30040 and CVE-2024-30051 which are known to have been exploited in the wild.
- Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040)
- A malicious actor would be required to trick a user into manipulating a crafted file in order to exploit this vulnerability which would result in code execution in the context of the user that interacted with the file.
- Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
- This vulnerability could allow an attacker to escalate to SYSTEM privileges and has been observed being used by Qakbot and other malware.
- Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040)
CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
CVE-2024-32002 | CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution | Visual Studio | Important | 9 | Remote Code Execution | No | No |
CVE-2024-29996 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-29997 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-29998 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-29999 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30000 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30001 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30002 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30003 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30004 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30005 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30006 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
CVE-2024-30007 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 8.8 | Elevation of Privilege | No | No |
CVE-2024-30008 | Windows DWM Core Library Information Disclosure Vulnerability | Windows DWM Core Library | Important | 5.5 | Information Disclosure | No | No |
CVE-2024-30009 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 8.8 | Remote Code Execution | No | No |
CVE-2024-30010 | Windows Hyper-V Remote Code Execution Vulnerability | Windows Hyper-V | Important | 8.8 | Remote Code Execution | No | No |
CVE-2024-30011 | Windows Hyper-V Denial of Service Vulnerability | Windows Hyper-V | Important | 6.5 | Denial of Service | No | No |
CVE-2024-30012 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30014 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 7.5 | Remote Code Execution | No | No |
CVE-2024-30015 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 7.5 | Remote Code Execution | No | No |
CVE-2024-30016 | Windows Cryptographic Services Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.5 | Information Disclosure | No | No |
CVE-2024-30017 | Windows Hyper-V Remote Code Execution Vulnerability | Windows Hyper-V | Important | 8.8 | Remote Code Execution | No | No |
CVE-2024-30018 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30019 | DHCP Server Service Denial of Service Vulnerability | Windows DHCP Server | Important | 6.5 | Denial of Service | No | No |
CVE-2024-30020 | Windows Cryptographic Services Remote Code Execution Vulnerability | Windows Cryptographic Services | Important | 8.1 | Remote Code Execution | No | No |
CVE-2024-30021 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Windows Mobile Broadband | Important | 6.8 | Remote Code Execution | No | No |
CVE-2024-30022 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 7.5 | Remote Code Execution | No | No |
CVE-2024-30023 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 7.5 | Remote Code Execution | No | No |
CVE-2024-30044 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Critical | 8.8 | Remote Code Execution | No | No |
CVE-2024-30050 | Windows Mark of the Web Security Feature Bypass Vulnerability | Windows Mark of the Web (MOTW) | Moderate | 5.4 | Security Feature Bypass | No | No |
CVE-2024-30053 | Azure Migrate Cross-Site Scripting Vulnerability | Azure Migrate | Important | 6.5 | Spoofing | No | No |
CVE-2024-30059 | Microsoft Intune for Android Mobile Application Management Tampering Vulnerability | Microsoft Intune | Important | 6.1 | Tampering | No | No |
CVE-2024-26238 | Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability | Windows Task Scheduler | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-29994 | Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | Microsoft Windows SCSI Class System File | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 7.5 | Remote Code Execution | No | No |
CVE-2024-30025 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30027 | NTFS Elevation of Privilege Vulnerability | Windows NTFS | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30028 | Win32k Elevation of Privilege Vulnerability | Windows Win32K – ICOMP | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30029 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 7.5 | Remote Code Execution | No | No |
CVE-2024-30030 | Win32k Elevation of Privilege Vulnerability | Windows Win32K – GRFX | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30031 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Windows CNG Key Isolation Service | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30032 | Windows DWM Core Library Elevation of Privilege Vulnerability | Windows DWM Core Library | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30033 | Windows Search Service Elevation of Privilege Vulnerability | Microsoft Windows Search Component | Important | 7 | Elevation of Privilege | No | No |
CVE-2024-30034 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 5.5 | Information Disclosure | No | No |
CVE-2024-30035 | Windows DWM Core Library Elevation of Privilege Vulnerability | Windows DWM Core Library | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30036 | Windows Deployment Services Information Disclosure Vulnerability | Windows Deployment Services | Important | 6.5 | Information Disclosure | No | No |
CVE-2024-30037 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.5 | Elevation of Privilege | No | No |
CVE-2024-30038 | Win32k Elevation of Privilege Vulnerability | Windows Win32K – ICOMP | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30039 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Windows Remote Access Connection Manager | Important | 5.5 | Information Disclosure | No | No |
CVE-2024-30040 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Windows MSHTML Platform | Important | 8.8 | Security Feature Bypass | Yes | No |
CVE-2024-30041 | Microsoft Bing Search Spoofing Vulnerability | Microsoft Bing | Important | 5.4 | Spoofing | No | No |
CVE-2024-30042 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
CVE-2024-30043 | Microsoft SharePoint Server Information Disclosure Vulnerability | Microsoft Office SharePoint | Important | 6.5 | Information Disclosure | No | No |
CVE-2024-30045 | .NET and Visual Studio Remote Code Execution Vulnerability | .NET and Visual Studio | Important | 6.3 | Remote Code Execution | No | No |
CVE-2024-30046 | Visual Studio Denial of Service Vulnerability | Visual Studio | Important | 5.9 | Denial of Service | No | Yes |
CVE-2024-30047 | Dynamics 365 Customer Insights Spoofing Vulnerability | Microsoft Dynamics 365 Customer Insights | Important | 7.6 | Spoofing | No | No |
CVE-2024-30048 | Dynamics 365 Customer Insights Spoofing Vulnerability | Microsoft Dynamics 365 Customer Insights | Important | 7.6 | Spoofing | No | No |
CVE-2024-30049 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Windows Win32K – ICOMP | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-30051 | Windows DWM Core Library Elevation of Privilege Vulnerability | Windows DWM Core Library | Important | 7.8 | Elevation of Privilege | Yes | Yes |
CVE-2024-32004 | GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories | Visual Studio | Important | 8.1 | Remote Code Execution | No | No |
CVE-2024-30054 | Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability | Power BI | Important | 6.5 | Information Disclosure | No | No |
Quickly Find and Fix Your Most At-Risk Weaknesses
Watch this demo to see how Frontline VM can help.