Home > Security Bulletins > Microsoft patch tuesday June 2024

Microsoft patch tuesday June 2024

Microsoft
Microsoft patch tuesday June 2024

Microsoft Patch Tuesday

 

This month’s Patch Tuesday has security updates to fix 1 actively exploited zero-days and a total of 51 vulnerabilities. The exploited zero day is regarding the remote code execution vulnerability in Microsoft Message Queuing (MSMQ).

 

The most important patches are:

CVE-2023-50868, CVSS 3.1: 7.5 (High): DOS (denial of service) issue impacting the DNSSEC validation process that could cause CPU exhaustion of a DNSSEC-validating resolver.

CVE-2024-30080, CVSS 3.1: 9.8 (Critical): this vulnerability is regarding the remote code execution flaw in the Microsoft Message Queuing (MSMQ) Microsoft states: To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server,” Microsoft said. “This could result in remote code execution on the server side.”

 

The patches this month break down as follows:

  • 25 Privilege Escalation
  • 18 Remote Code Execution
  • 5 Denial of Service
  • 3 Information Disclosure