Microsoft Releases July 2024 Security Updates

Scheduled updates for Microsoft products fix 139 vulnerabilities, including two zero-day vulnerabilities

Threat ID:: CC-4523
Threat Severity:: Medium
Published:: 10 July 2024 2:38 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled updates for Microsoft products fix 139 vulnerabilities, including two zero-day vulnerabilities

Affected platforms

The following platforms are known to be affected:

Microsoft Windows

Windows 10 version 1607 and later
Windows 11 version 21H2 and later

Windows Server

Windows Server 2008
Windows Server 2012
Windows Server 2016
Windows Server 2019
Windows Server 2022

Microsoft Visual Studio

Visual Studio 2022 version 17.4
Visual Studio 2022 version 17.6
Visual Studio 2022 version 17.8
Visual Studio 2022 version 17.10

.NET Core

.NET 8.0

Microsoft SharePoint Server

SharePoint Enterprise Server 2016
SharePoint Server 2019
SharePoint Server Subscription Edition

The following platforms are also known to be affected:

Active Directory Rights Management Services
Azure CycleCloud
Azure DevOps
Azure Kinect SDK
Azure Network Watcher
Line Printer Daemon Service (LPD)
Microsoft Defender for IoT
Microsoft Dynamics
Microsoft Graphics Component
Microsoft Office
Microsoft Office Outlook
Microsoft Office SharePoint
Microsoft Streaming Service
Microsoft Windows Codecs Library
Microsoft WS-Discovery
NDIS
NPS RADIUS Server
SQL Server
Windows Kernel
Windows NTLM
Windows PowerShell
Windows Remote Desktop

Threat details

Zero-day exploitation of CVE-2024-38080 and CVE-2024-38112 observed

Microsoft has reported that both CVE-2024-38080 and CVE-2024-38112 are under active exploitation as zero-day vulnerabilities. A proof-of-concept exploit for CVE-2024-38112 has been detailed publicly by security researchers.

Additionally, Microsoft has reported that public proof-of-concept code has been disclosed for CVE-2024-35264. Future exploitation of CVE-2024-35264 is considered likely.

Introduction

Microsoft has released security updates to address 139 vulnerabilities, including two zero-day vulnerabilities, and two which could lead to remote code execution.

Vulnerability details

CVE-2024-38080 - Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2024-38080 is an 'integer overflow or wraparound' vulnerability in Microsoft Windows Hyper-V with a CVSSv3 score of 7.8. Successful exploitation by a local attacker could lead to privilege escalation under the context of SYSTEM. This vulnerability is under active exploitation as a zero-day.

CVE-2024-38112 - Windows MSHTML Platform Spoofing Vulnerability

CVE-2024-38112 is an 'exposure of resource to wrong sphere' vulnerability in the Microsoft Windows MSHTML browser engine with a CVSSv3 score of 7.5. Successful exploitation by a remote attacker requires user interaction through clicking on a malicious Windows Internet Shortcut file (.url extension) and could lead to arbitrary code execution. This vulnerability is under active exploitation as a zero-day.

CVE-2024-35264 - .NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-35264 is a 'use after free' vulnerability in .NET Core and Visual Studio with a CVSSv3 score of 8.1. Successful exploitation by a remote attacker could lead to arbitrary code execution after winning a race condition. A public proof-of-concept exploit is available.

CVE-2024-38023 - Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-38023 is a 'deserialisation of untrusted data' vulnerability in Microsoft SharePoint Server with a CVSSv3 score of 7.2. Successful exploitation by a remote, authenticated attacker could lead to arbitrary code execution.