Home > Security Bulletins > Microsoft Patch Tuesday – August 2024

Microsoft Patch Tuesday – August 2024

Microsoft
Microsoft Patch Tuesday August 2024

Microsoft Patch Tuesday August 2024

Summary

This month’s Patch Tuesday has security updates to fix 10 zero-day vulnerabilities with 6 of them being actively-exploited, 7 critical vulnerabilities and a total of 90 vulnerabilities.

The most important patches are:

CVE-2024-38063 – Windows TCP/IP Remote Code Execution Vulnerability. An attacker could remotely exploit this vulnerability by sending specially crafted IPv6 packets to a host. Microsoft’s mitigation suggestions suggest disabling IPv6 as only IPv6 packets can be abused to exploit this vulnerability. CVSS 3.1: 9.8 (Critical)

CVE-2024-38106 – Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVSS 3.1 7.0 (Important)

CVE-2024-38107 – Windows Power Dependency Coordinator Elevation of Privilege Vulnerability – pdc.sys is a driver responsible for power management on a windows system. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVSS3.1 7.8 (Important)

CVE-2024-38178 – Scripting Engine Memory Corruption Vulnerability. An Authenticated client is required to click a link in Microsoft Edge (in Internet explorer mode) in order for an unauthenticated attacker to initiate remote code execution. CVSS 3.1 7.5 (Important)

CVE-2024-38189 – Microsoft Project Remote Code Execution Vulnerability. Exploitation requires the victim to open a malicious Microsoft Office Project file on a system where the Block macros from running in Office files from the Internet policy is disabled and VBA Macro Notification Settings are not enabled allowing the attacker to perform remote code execution. CVSS3.1 8.8 (Important)

CVE-2024-38193 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVSS3.1 7.8 (Important)

CVE-2024-38213 – Windows Mark of the Web Security Feature Bypass Vulnerability. Successful exploitation of this vulnerability requires a user to open a crafted file hosted on a file server, website or sent via a phishing mail. If the victim opens this file they could bypass the Windows SmartScreen user experience. CVSS3.1 6.5 (Moderate)

 

The patches this month break down as follows:

  • 28 Remote code execution vulnerabilities
  • 36 Elevation of privilege vulnerabilities
  • 4 Security feature bypass vulnerabilities
  • 6 Denial of Service vulnerabilities
  • 6 Information disclosure vulnerabilities
  • 7 Spoofing vulnerabilities
  • 1 Tampering vulnerability

More information can be found here.

 

Affected Products

  • .NET and Visual Studio
  • Azure Connected Machine Agent
  • Azure CycleCloud
  • Azure Health Bot
  • Azure IoT SDK
  • Azure Stack
  • Line Printer Daemon Service (LPD)
  • Microsoft Bluetooth Driver
  • Microsoft Copilot Studio
  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Microsoft Local Security Authority Server (lsasrv)
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office PowerPoint
  • Microsoft Office Project
  • Microsoft Office Visio
  • Microsoft Streaming Service
  • Microsoft Teams
  • Microsoft WDAC OLE DB provider for SQL
  • Microsoft Windows DNS
  • Reliable Multicast Transport Driver (RMCAST)
  • Windows Ancillary Function Driver for WinSock
  • Windows App Installer
  • Windows Clipboard Virtual Channel Extension
  • Windows Cloud Files Mini Filter Driver
  • Windows Common Log File System Driver
  • Windows Compressed Folder
  • Windows Deployment Services
  • Windows DWM Core Library
  • Windows Initial Machine Configuration
  • Windows IP Routing Management Snapin
  • Windows Kerberos
  • Windows Kernel
  • Windows Kernel-Mode Drivers
  • Windows Layer-2 Bridge Network Driver
  • Windows Mark of the Web (MOTW)
  • Windows Mobile Broadband
  • Windows Network Address Translation (NAT)
  • Windows Network Virtualization
  • Windows NT OS Kernel
  • Windows NTFS
  • Windows Power Dependency Coordinator
  • Windows Print Spooler Components
  • Windows Resource Manager
  • Windows Routing and Remote Access Service (RRAS)
  • Windows Scripting
  • Windows Secure Kernel Mode
  • Windows Security Center
  • Windows SmartScreen
  • Windows TCP/IP
  • Windows Transport Security Layer (TLS)
  • Windows Update Stack
  • Windows WLAN Auto Config Service