Microsoft Monthly Security Update – 10 April 2024

In Cyber Security by Matsco Engineering Team

 

Microsoft have released a security advisory on the 10th of April 2024 in line with their regular monthly patch schedule which includes a number of updates to address one (1) high risk, six (6) medium risk and one (1) low risk vulnerabilities. 

These updates address vulnerabilities which may impact services through Spoofing, Security Restriction Bypass, Remote Code Execution, Denial of Service, Information Disclosure and Elevation of Privilege. 

For more information please see: Microsoft Security Update

This release consists of security updates for the following products, features and roles:

  • Windows BitLocker
  • Windows Secure Boot
  • Microsoft Office Outlook
  • Windows Remote Procedure Call
  • Azure Private 5G Core
  • Windows Kernel
  • Microsoft Defender for IoT
  • .NET and Visual Studio
  • Azure Compute Gallery
  • Windows Authentication Methods
  • Microsoft Install Service
  • Windows DWM Core Library
  • Windows Routing and Remote Access Service (RRAS)
  • Windows Kerberos
  • Azure Migrate
  • Windows DHCP Server
  • Windows Remote Access Connection Manager
  • Windows Message Queuing
  • Windows Local Security Authority Subsystem Service (LSASS)
  • Microsoft WDAC OLE DB provider for SQL
  • Microsoft Brokering File System
  • Microsoft WDAC ODBC Driver
  • Windows File Server Resource Management Service
  • Windows HTTP.sys
  • Windows Mobile Hotspot
  • Role: DNS Server
  • Windows Distributed File System (DFS)
  • Windows Cryptographic Services
  • Windows Proxy Driver
  • Windows Update Stack
  • Windows Defender Credential Guard
  • Windows Win32K - ICOMP
  • Windows Telephony Server
  • Windows USB Print Driver
  • Microsoft Office SharePoint
  • Windows Internet Connection Sharing (ICS)
  • Windows Virtual Machine Bus
  • Windows Compressed Folder
  • Microsoft Office Excel
  • SQL Server
  • Azure Arc
  • Microsoft Edge (Chromium-based)
  • Windows Storage
  • Azure AI Search
  • Role: Windows Hyper-V
  • Internet Shortcut Files
  • Azure Monitor
  • Microsoft Azure Kubernetes Service
  • Azure SDK
  • Azure

 

CVE-2024-26234 is being exploited in the wild and is a Proxy Driver Spoofing Vulnerability.

Matsco recommends any affected systems are updated as soon as convenient 

Please contact the Matsco Solutions team on the below if you would like any further information or would like to schedule a maintenance.

support@matscosolutions.com

Beijing  +86 400 120 2782
Hong Kong  +852 8101 8418
London   +44 (0)20 7821 4950
New York  +1 866 446 9226
Singapore  +65 6100 1090

Share this Post