Microsoft September 2024 Patch Tuesday

Published: 2024-09-10. Last Updated: 2024-09-10 23:28:25 UTC
by Johannes Ullrich (Version: 1)

Today, Microsoft released its scheduled September set of patches. This update addresses 79 different vulnerabilities. Seven of these vulnerabilities are rated critical. Four vulnerabilities are already being exploited and have been made public.

Noteworthy Vulnerabilities:

CVE-2024-43491: This "downgrade" vulnerabilities. An attacker can remove previously applied patches and exploit older vulnerabilities. This issue only affects Windows 10 Version 1507, which is EOL. It appears to differ from the similar vulnerabilities (CVE-2024-38202 and CVE-2024-21302) made public by Alon Leviev during Blackhat this year. These two vulnerabilities appear to remain unpatched.

CVE-2024-38014: A Windows Installer issue could lead to attackers gaining System access.

CVE-2024-38217: Yet another "Mark of the Web" bypass that is already exploited and could be used to trick a victim into installing malware.

CVE-2024-38226: Similar to the above vulnerability, a security feature bypass in Publisher.

Microsoft also patched four remote code execution vulnerabilities in Sharepoint, but the lower CVSS score indicates that exploitation will require access and specific prerequisites.

CVE-2024-38119: A critical vulnerability in the Windows NAT code. The low CVSS score is likely because this is not enabled by default.

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-43469	No	No	-	-	Important	8.8	7.7
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2024-38188	No	No	-	-	Important	7.1	6.2
CVE-2024-43470	No	No	-	-	Important	7.3	6.4
Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38216	No	No	-	-	Critical	8.2	7.1
CVE-2024-38220	No	No	-	-	Critical	9.0	7.8
Azure Web Apps Elevation of Privilege Vulnerability
CVE-2024-38194	No	No	-	-	Critical	8.4	7.3
DHCP Server Service Denial of Service Vulnerability
CVE-2024-38236	No	No	-	-	Important	7.5	6.5
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38241	No	No	-	-	Important	7.8	6.8
CVE-2024-38242	No	No	-	-	Important	7.8	6.8
CVE-2024-38238	No	No	-	-	Important	7.8	6.8
CVE-2024-38243	No	No	-	-	Important	7.8	6.8
CVE-2024-38244	No	No	-	-	Important	7.8	6.8
CVE-2024-38245	No	No	-	-	Important	7.8	6.8
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38237	No	No	-	-	Important	7.8	6.8
Microsoft AllJoyn API Information Disclosure Vulnerability
CVE-2024-38257	No	No	-	-	Important	7.5	6.5
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVE-2024-43492	No	No	-	-	Important	7.8	6.8
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-43476	No	No	-	-	Important	7.6	6.6
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2024-38225	No	No	-	-	Important	8.8	7.7
Microsoft Excel Elevation of Privilege Vulnerability
CVE-2024-43465	No	No	-	-	Important	7.8	6.8
Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-38259	No	No	-	-	Important	8.8	7.7
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43463	No	No	-	-	Important	7.8	6.8
Microsoft Outlook for iOS Information Disclosure Vulnerability
CVE-2024-43482	No	No	-	-	Important	6.5	5.7
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
CVE-2024-43479	No	No	-	-	Important	8.5	7.4
Microsoft Publisher Security Feature Bypass Vulnerability
CVE-2024-38226	No	Yes	-	-	Important	7.3	6.4
Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-37965	No	No	-	-	Important	8.8	7.7
CVE-2024-37341	No	No	-	-	Important	8.8	7.7
CVE-2024-37980	No	No	-	-	Important	8.8	7.7
Microsoft SQL Server Information Disclosure Vulnerability
CVE-2024-43474	No	No	-	-	Important	7.6	6.6
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37966	No	No	-	-	Important	7.1	6.2
CVE-2024-37337	No	No	-	-	Important	7.1	6.2
CVE-2024-37342	No	No	-	-	Important	7.1	6.2
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37338	No	No	-	-	Important	8.8	7.7
CVE-2024-37335	No	No	-	-	Important	8.8	7.7
CVE-2024-37340	No	No	-	-	Important	8.8	7.7
CVE-2024-37339	No	No	-	-	Important	8.8	7.7
CVE-2024-26186	No	No	-	-	Important	8.8	7.7
CVE-2024-26191	No	No	-	-	Important	8.8	7.7
Microsoft SharePoint Server Denial of Service Vulnerability
CVE-2024-43466	No	No	-	-	Important	6.5	5.7
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38018	No	No	-	-	Critical	8.8	7.7
CVE-2024-43464	No	No	-	-	Critical	7.2	6.3
CVE-2024-38227	No	No	-	-	Important	7.2	6.3
CVE-2024-38228	No	No	-	-	Important	7.2	6.3
Microsoft Windows Admin Center Information Disclosure Vulnerability
CVE-2024-43475	No	No	-	-	Important	7.3	6.4
Microsoft Windows Update Remote Code Execution Vulnerability
CVE-2024-43491	No	Yes	-	-	Critical	9.8	8.5
PowerShell Elevation of Privilege Vulnerability
CVE-2024-38046	No	No	-	-	Important	7.8	6.8
Win32k Elevation of Privilege Vulnerability
CVE-2024-38246	No	No	-	-	Important	7.0	6.1
Windows Authentication Information Disclosure Vulnerability
CVE-2024-38254	No	No	-	-	Important	5.5	4.8
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38249	No	No	-	-	Important	7.8	6.8
CVE-2024-38250	No	No	-	-	Important	7.8	6.8
CVE-2024-38247	No	No	-	-	Important	7.8	6.8
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-38235	No	No	-	-	Important	6.5	5.7
Windows Installer Elevation of Privilege Vulnerability
CVE-2024-38014	No	Yes	-	-	Important	7.8	6.8
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38239	No	No	-	-	Important	7.2	6.3
Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-38256	No	No	-	-	Important	5.5	4.8
Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-43461	No	No	-	-	Important	8.8	7.7
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38217	Yes	Yes	-	-	Important	5.4	5.0
CVE-2024-43487	No	No	-	-	Moderate	6.5	6.0
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability
CVE-2024-38119	No	No	-	-	Critical	7.5	6.5
Windows Networking Denial of Service Vulnerability
CVE-2024-38232	No	No	-	-	Important	7.5	6.5
CVE-2024-38233	No	No	-	-	Important	7.5	6.5
CVE-2024-38234	No	No	-	-	Important	6.5	5.7
Windows Networking Information Disclosure Vulnerability
CVE-2024-43458	No	No	-	-	Important	7.7	6.7
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-38240	No	No	-	-	Important	8.1	7.1
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38231	No	No	-	-	Important	6.5	5.7
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
CVE-2024-38258	No	No	-	-	Important	6.5	5.7
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-43467	No	No	-	-	Important	7.5	6.5
CVE-2024-38260	No	No	-	-	Important	8.8	7.7
CVE-2024-38263	No	No	-	-	Important	7.5	6.5
CVE-2024-43454	No	No	-	-	Important	7.1	6.2
Windows Remote Desktop Licensing Service Spoofing Vulnerability
CVE-2024-43455	No	No	-	-	Important	8.8	7.7
Windows Security Zone Mapping Security Feature Bypass Vulnerability
CVE-2024-30073	No	No	-	-	Important	7.8	6.8
Windows Setup and Deployment Elevation of Privilege Vulnerability
CVE-2024-43457	No	No	-	-	Important	7.8	6.8
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-38230	No	No	-	-	Important	6.5	5.7
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-38248	No	No	-	-	Important	7.0	6.3
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-21416	No	No	-	-	Important	8.1	7.1
CVE-2024-38045	No	No	-	-	Important	8.1	7.1
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-38252	No	No	-	-	Important	7.8	6.8
CVE-2024-38253	No	No	-	-	Important	7.8	6.8
Windows libarchive Remote Code Execution Vulnerability
CVE-2024-43495	No	No	-	-	Important	7.3	6.4

Vulnerabilities: 79

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

Keywords:

1 comment(s)

Internet Storm Center

Microsoft September 2024 Patch Tuesday

Comments