On April 9, 2024, Microsoft released security updates for Windows clients and servers, Office and other products. The security updates address 147 vulnerabilities (CVEs), including three rated critical. Below is a compact overview of the updates released on this Patchday.
Notes on the updates
You can find a list of updates on this Microsoft page. Details on the update packages for Windows, Office etc. are available in separate blog posts.
Windows 10/11, Windows Server
All Windows 10/11 updates (as well as the updates for their server counterparts) are cumulative. The monthly Patchday update contains all security fixes for these Windows versions, together with all non-security fixes released up to that Patchday. Besides the patches for the listed vulnerabilities, the updates therefore also contain bug fixes and, in some cases, new features.
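Because the updates are cumulative, a host is covered by the April fixes if any cumulative update released on or after April 9, 2024 is installed. The following PowerShell script is an added example (not from the original post) that checks this on a Windows 10/11 or Windows Server machine: it lists updates installed on or after Patchday and prints the full build number including the UBR (Update Build Revision), which increments with every cumulative update. It assumes an elevated session; the date-based check relies on the InstalledOn value reported by Get-HotFix, which can be empty for some update types, so treat a negative result as a prompt to verify against the KB number in Microsoft's release notes rather than as proof that the update is missing.

```powershell
# Added example: verify that a cumulative update released on or after the
# April 9, 2024 Patchday is installed. Because Windows 10/11 and Server
# updates are cumulative, any later cumulative update also contains the
# April security fixes.
# Assumptions: elevated PowerShell session; Get-HotFix reports a usable
# InstalledOn date for the cumulative update (it may be empty for some
# update types, so this is a first check, not a definitive one).

$patchday = (Get-Date -Year 2024 -Month 4 -Day 9).Date

$os = Get-CimInstance -ClassName Win32_OperatingSystem
Write-Host ("Host: {0}  OS: {1}  Build: {2}" -f $env:COMPUTERNAME, $os.Caption, $os.BuildNumber)

# Get-HotFix lists installed updates with their KB article ID, category and install date.
$hotfixes = Get-HotFix |
    Where-Object { $_.InstalledOn } |
    Sort-Object -Property InstalledOn -Descending

$recent = $hotfixes | Where-Object { $_.InstalledOn.Date -ge $patchday }

if ($recent) {
    Write-Host ("Updates installed on or after Patchday {0:yyyy-MM-dd}:" -f $patchday)
    $recent | Format-Table -Property HotFixID, Description, InstalledOn -AutoSize
} else {
    $latest = $hotfixes | Select-Object -First 1
    if ($latest) {
        Write-Warning ("No update recorded since {0:yyyy-MM-dd}. Newest recorded: {1} ({2}) on {3:yyyy-MM-dd}." -f `
            $patchday, $latest.HotFixID, $latest.Description, $latest.InstalledOn)
    } else {
        Write-Warning "Get-HotFix returned no dated entries; check Windows Update history manually."
    }
}

# The UBR (Update Build Revision) increments with each cumulative update.
# Compare the full build number with the one Microsoft lists in the release
# notes of the KB you expect for this OS version.
$cv = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
Write-Host ("Full build: {0}.{1}" -f $cv.CurrentBuildNumber, $cv.UBR)
```

Run it on a few machines after the April rollout; a host that reports a build with a UBR lower than the one in the April release notes has not received the cumulative update even if Windows Update claims it is up to date.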
Windows Server 2012 R2
Windows Server 2012 / R2 received regular security updates until October 2023. Since then, an ESU (Extended Security Updates) license has been required to obtain further security updates for these systems.
Fixed vulnerabilities
Tenable has published a blog post with an overview of the fixed vulnerabilities (according to Tenable, no zero-day was included this time). Here are some of the notable vulnerabilities that have been fixed:
- CVE-2024-29988: SmartScreen Prompt Security Feature Bypass vulnerability, CVSSv3 score 8.8, rated important. An attacker could exploit this vulnerability by tricking a target into opening a specially crafted file, for example via social engineering such as an external link or a malicious attachment sent by email, instant message or social media. This vulnerability was reported to Microsoft by some of the same researchers who uncovered CVE-2024-21412, an Internet Shortcut File security feature bypass that was linked to a DarkGate campaign using fake installers posing as Apple iTunes, Notion, NVIDIA and other software.
- CVE-2024-29990: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege vulnerability, CVSSv3 score 9.0, rated important. Exploitation depends on the attacker preparing the target environment. Successful exploitation would allow an attacker to "steal credentials and influence resources outside of the AKSCC managed security perimeter", including taking over "confidential guests as well as containers outside the network stack to which they may be bound".
- 41 Remote Code Execution vulnerabilities in the Microsoft ODBC Driver, the WDAC OLE DB Driver and the OLE DB Driver for SQL Server, CVSSv3 scores 7.5 to 8.8, all classified as "Exploitation Less Likely". Details can be found at Tenable and Microsoft.
- 24 Microsoft Secure Boot Security Feature Bypass vulnerabilities, CVSSv3 scores 4.1 to 8.0, all classified as "Exploitation Less Likely". Details can be found at Tenable and Microsoft.
A list of all covered CVEs can be found on this Microsoft site, excerpts are available at Tenable. Below is the list of patched products:
- .NET and Visual Studio
- Azure
- Azure AI Search
- Azure Arc
- Azure Compute Gallery
- Azure Migrate
- Azure Monitor
- Azure Private 5G Core
- Azure SDK
- Intel
- Internet Shortcut Files
- Microsoft Azure Kubernetes Service
- Microsoft Brokering File System
- Microsoft Defender for IoT
- Microsoft Edge (Chromium-based)
- Microsoft Install Service
- Microsoft Office Excel
- Microsoft Office Outlook
- Microsoft Office SharePoint
- Microsoft WDAC ODBC Driver
- Microsoft WDAC OLE DB provider for SQL
- Role: DNS Server
- Role: Windows Hyper-V
- SQL Server
- Windows Authentication Methods
- Windows BitLocker
- Windows Compressed Folder
- Windows Cryptographic Services
- Windows DHCP Server
- Windows DWM Core Library
- Windows Defender Credential Guard
- Windows Distributed File System (DFS)
- Windows File Server Resource Management Service
- Windows HTTP.sys
- Windows Internet Connection Sharing (ICS)
- Windows Kerberos
- Windows Kernel
- Windows Local Security Authority Subsystem Service (LSASS)
- Windows Message Queuing
- Windows Mobile Hotspot
- Windows Proxy Driver
- Windows Remote Access Connection Manager
- Windows Remote Procedure Call
- Windows Routing and Remote Access Service (RRAS)
- Windows Secure Boot
- Windows Storage
- Windows Telephony Server
- Windows USB Print Driver
- Windows Update Stack
- Windows Virtual Machine Bus
- Windows Win32K – ICOMP
Similar articles:
Office Updates (April 2, 2024)
Microsoft Security Update Summary (April 9, 2024)
Patchday: Windows 10-Updates (April 9, 2024)
Patchday: Windows 11/Server 2022-Updates (April 9, 2024)
Windows Server 2012 / R2 and Windows 7 (April 9, 2024)
Microsoft Office Updates (April 9, 2024)