Microsoft released a security advisory on the 11th of September 2024, in line with its regular monthly patch schedule. It includes a number of updates to address three (3) extremely high risk and three (3) medium risk vulnerabilities.
These updates address vulnerabilities which may impact services through Denial of Service, Elevation of Privilege, Remote Code Execution, Security Restriction Bypass, Information Disclosure and Spoofing.
For more information please see: Microsoft Security Update
This release consists of security updates for the following products, features and roles:
- Azure CycleCloud
- Azure Network Watcher
- Azure Stack
- Azure Web Apps
- Dynamics Business Central
- Microsoft AutoUpdate (MAU)
- Microsoft Dynamics 365 (on-premises)
- Microsoft Graphics Component
- Microsoft Management Console
- Microsoft Office Excel
- Microsoft Office Publisher
- Microsoft Office SharePoint
- Microsoft Office Visio
- Microsoft Outlook for iOS
- Microsoft Streaming Service
- Power Automate
- Role: Windows Hyper-V
- SQL Server
- Windows Admin Center
- Windows AllJoyn API
- Windows Authentication Methods
- Windows DHCP Server
- Windows Installer
- Windows Kerberos
- Windows Kernel-Mode Drivers
- Windows Libarchive
- Windows Mark of the Web (MOTW)
- Windows MSHTML Platform
- Windows Network Address Translation (NAT)
- Windows Network Virtualization
- Windows PowerShell
- Windows Remote Access Connection Manager
- Windows Remote Desktop Licensing Service
- Windows Security Zone Mapping
- Windows Setup and Deployment
- Windows Standards-Based Storage Management Service
- Windows Storage
- Windows TCP/IP
- Windows Update
- Windows Win32K - GRFX
- Windows Win32K - ICOMP
CVE-2024-38226 is being exploited in the wild. An attacker who successfully exploits this vulnerability could bypass Office macro policies used to block untrusted or malicious files.
CVE-2024-38014 is being exploited in the wild. An attacker who successfully exploits this vulnerability could gain SYSTEM privileges.
CVE-2024-38217 is being exploited in the wild. This vulnerability can be exploited to bypass the Mark of the Web (MOTW) defences.
Exploitation of CVE-2024-43491 is being detected, and an attacker who successfully exploits this vulnerability can initiate pre-auth remote code execution. Microsoft has stated that there is no evidence of direct exploitation of this CVE, but it has observed rollbacks of CVEs related to Optional Components for Windows 10 (version 1507), which prompted Microsoft to apply the exploitability assessment for this vulnerability.
Please contact the Matsco Solutions team using the details below if you would like any further information or would like to schedule maintenance.
support@matscosolutions.com
Beijing +86 400 120 2782
Hong Kong +852 8101 8418
London +44 (0)20 7821 4950
New York +1 866 446 9226
Singapore +65 6100 1090