Microsoft August 2024 Patch Tuesday

226/2024

Critical

August 14, 2024

11:30 am

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed nine zero-day vulnerabilities.

Microsoft has fixed (89) vulnerabilities, with (8) classified as critical as they could allow the attacker to execute arbitrary code, which could result in remote code execution, gain access, and gain elevated privileges to the affected products.

August’s Patch Tuesday was released to fix security flaws in several Microsoft products such as Windows .NET, Visual Studio, Windows Security Center, Line Printer Daemon Service (LPD), Microsoft Bluetooth Driver, Microsoft Copilot Studio, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Local Security Authority Server (lsasrv), Windows DWM Core Library, Windows Kernel, Windows TCP/IP, Windows Update Stack, Microsoft Office, Microsoft Office Excel, Microsoft Office Visio, Microsoft Windows DNS, Reliable Multicast Transport Driver (RMCAST), Windows Ancillary Function Driver for WinSock, Microsoft Outlook and Microsoft Teams.

The six actively exploited zero-day vulnerabilities in August’s Patch are:

Scripting Engine Memory Corruption Vulnerability “CVE-2024-38178” allows attackers to initiate remote code execution.
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability “CVE-2024-38193″ allows the attacker to gain SYSTEM privileges on Windows systems.
Windows Mark of the Web Security Feature Bypass Vulnerability “CVE-2024- 38213 “allows attackers to create files that bypass Windows Mark of the Web security alerts.
Windows Kernel Elevation of Privilege Vulnerability “CVE-2024-38106″ allows attackers to gain SYSTEM privileges.
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability “CVE-2024-38107” allows attackers to gain SYSTEM privileges.
Microsoft Project Remote Code Execution Vulnerability “CVE-2024-38189” allows the attacker to perform remote code execution.

Sample of the addressed vulnerabilities:

1. Microsoft Windows Reliable Multicast Transport Driver (RMCAST) Code Execution Vulnerability (CVE-2024-38140):

CVSS: 9.8
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Gain Access

2. Microsoft Azure Health Bot Privilege Escalation Vulnerability (CVE-2024- 38109):

CVSS: 9.1
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Gain Privileges

Vulnerabilities

Microsoft MSRC

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Microsoft MSRC

References

Microsoft MSRC

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.