Microsoft Patch Tuesday - March 2024

Published: 2024-03-12
Last Updated: 2024-03-12 17:53:50 UTC
by Johannes Ullrich (Version: 1)

This month's patches are oddly "light". We have patches for 60 vulnerabilities and 4 Chromium patches affecting Microsoft Edge. But only two of the vulnerabilities are rated as "Critical":

CVE-2024-21408: Windows Hyper-V Denial of Service Vulnerability
CVE-2024-21407: Windows Hyper-V Remote Code Execution Vulnerability

Oddly, Microsoft considers a DoS vulnerability "critical". However, a DoS against Hyper-V could have a significant impact, which may justify the rating. The code execution vulnerability justifies a rating of critical. However, exploitation requires an attacker to first gain a foothold inside a virtual machine.

Other vulnerabilities of interest:

CVE-2024-26198: A remote code execution vulnerability for Exchange Server. This is a DLL loading issue that is typically more difficult to exploit. Authentication is required to exploit the vulnerability.

Overall, this Patch Tuesday doesn't look too bad. Follow your normal patch management process. There is no need to get all worked up; tomorrow morning: Have some coffee, test... and later deploy once the tests are completed successfully.

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-21392	No	No	-	-	Important	7.5	6.7
Azure Data Studio Elevation of Privilege Vulnerability
CVE-2024-26203	No	No	-	-	Important	7.3	7.0
Azure SDK Spoofing Vulnerability
CVE-2024-21421	No	No	-	-	Important	7.5	6.5
Chromium: CVE-2024-2173 Out of bounds memory access in V8
CVE-2024-2173	No	No	-	-	-
Chromium: CVE-2024-2174 Inappropriate implementation in V8
CVE-2024-2174	No	No	-	-	-
Chromium: CVE-2024-2176 Use after free in FedCM
CVE-2024-2176	No	No	-	-	-
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
CVE-2024-21431	No	No	-	-	Important	7.8	6.8
Intel: CVE-2023-28746 Register File Data Sampling (RFDS)
CVE-2023-28746	No	No	-	-	Important
Microsoft AllJoyn API Denial of Service Vulnerability
CVE-2024-21438	No	No	-	-	Important	7.5	6.5
Microsoft Authenticator Elevation of Privilege Vulnerability
CVE-2024-21390	No	No	-	-	Important	7.1	6.2
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-21400	No	No	-	-	Important	9.0	8.1
Microsoft Defender Security Feature Bypass Vulnerability
CVE-2024-20671	No	No	-	-	Important	5.5	4.8
Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability
CVE-2024-26164	No	No	-	-	Important	8.8	7.7
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-21419	No	No	-	-	Important	7.6	6.6
Microsoft Edge for Android Spoofing Vulnerability
CVE-2024-26167	No	No	Less Likely	Less Likely	-	4.3	3.8
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2024-26198	No	No	-	-	Important	8.8	7.7
Microsoft Intune Linux Agent Elevation of Privilege Vulnerability
CVE-2024-26201	No	No	-	-	Important	6.6	5.9
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-21451	No	No	-	-	Important	8.8	7.7
CVE-2024-26159	No	No	-	-	Important	8.8	7.7
CVE-2024-21440	No	No	-	-	Important	8.8	7.7
CVE-2024-26162	No	No	-	-	Important	8.8	7.7
Microsoft Office Elevation of Privilege Vulnerability
CVE-2024-26199	No	No	-	-	Important	7.8	6.8
Microsoft QUIC Denial of Service Vulnerability
CVE-2024-26190	No	No	-	-	Important	7.5	6.5
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-21426	No	No	-	-	Important	7.8	6.8
Microsoft Teams for Android Information Disclosure Vulnerability
CVE-2024-21448	No	No	-	-	Important	5.0	4.4
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21441	No	No	-	-	Important	8.8	7.7
CVE-2024-21444	No	No	-	-	Important	8.8	7.7
CVE-2024-21450	No	No	-	-	Important	8.8	7.7
CVE-2024-26161	No	No	-	-	Important	8.8	7.7
CVE-2024-26166	No	No	-	-	Important	8.8	7.7
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
CVE-2024-21434	No	No	-	-	Important	7.8	6.8
NTFS Elevation of Privilege Vulnerability
CVE-2024-21446	No	No	-	-	Important	7.8	6.8
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
CVE-2024-21330	No	No	-	-	Important	7.8	7.0
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
CVE-2024-21334	No	No	-	-	Important	9.8	8.5
Outlook for Android Information Disclosure Vulnerability
CVE-2024-26204	No	No	-	-	Important	7.5	6.5
Skype for Consumer Remote Code Execution Vulnerability
CVE-2024-21411	No	No	-	-	Important	8.8	7.7
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
CVE-2024-21418	No	No	-	-	Important	7.8	6.8
Visual Studio Code Elevation of Privilege Vulnerability
CVE-2024-26165	No	No	-	-	Important	8.8	7.7
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2024-26160	No	No	-	-	Important	5.5	4.8
Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability
CVE-2024-26170	No	No	-	-	Important	7.8	6.8
Windows Compressed Folder Tampering Vulnerability
CVE-2024-26185	No	No	-	-	Important	6.5	5.7
Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2024-26169	No	No	-	-	Important	7.8	6.8
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-21437	No	No	-	-	Important	7.8	6.8
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-21408	No	No	-	-	Critical	5.5	4.8
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-21407	No	No	-	-	Critical	8.1	7.1
Windows Installer Elevation of Privilege Vulnerability
CVE-2024-21436	No	No	-	-	Important	7.8	6.8
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2024-21427	No	No	-	-	Important	7.5	6.5
Windows Kernel Denial of Service Vulnerability
CVE-2024-26181	No	No	-	-	Important	5.5	4.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-21443	No	No	-	-	Important	7.3	6.4
CVE-2024-26173	No	No	-	-	Important	7.8	6.8
CVE-2024-26176	No	No	-	-	Important	7.8	6.8
CVE-2024-26178	No	No	-	-	Important	7.8	6.8
CVE-2024-26182	No	No	-	-	Important	7.8	6.8
Windows Kernel Information Disclosure Vulnerability
CVE-2024-26174	No	No	-	-	Important	5.5	4.8
CVE-2024-26177	No	No	-	-	Important	5.5	4.8
Windows OLE Remote Code Execution Vulnerability
CVE-2024-21435	No	No	-	-	Important	8.8	7.7
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-21433	No	No	-	-	Important	7.0	6.1
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-26197	No	No	-	-	Important	6.5	5.7
Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-21439	No	No	-	-	Important	7.0	6.1
Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability
CVE-2024-21430	No	No	-	-	Important	5.7	5.1
Windows USB Hub Driver Remote Code Execution Vulnerability
CVE-2024-21429	No	No	-	-	Important	6.8	5.9
Windows USB Print Driver Elevation of Privilege Vulnerability
CVE-2024-21442	No	No	-	-	Important	7.8	6.8
CVE-2024-21445	No	No	-	-	Important	7.0	6.1
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-21432	No	No	-	-	Important	7.0	6.1

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

Keywords: microsoft patches tuesday

0 comment(s)

Internet Storm Center

Microsoft Patch Tuesday - March 2024

Comments