Microsoft July 2024 Patch Tuesday

July’s Patch Tuesday was released to fix security flaws in several Microsoft products such as Windows .NET, Visual Studio, Active Directory Rights Management Services, Intel, Line Printer Daemon Service (LPD), Microsoft Defender for IoT, Microsoft Dynamics, Microsoft Graphics Component, Microsoft Office, Microsoft Streaming Service, Windows Hyper-V, SQL Server, Windows Kernel, Windows Workstation Service, Windows Remote Desktop, Windows DHCP Server, Microsoft Outlook and Microsoft Office SharePoint.

The actively exploited zero-day vulnerabilities in July’s Patch are:

• Windows Hyper-V Elevation of Privilege Vulnerability “CVE-2024-38080” allows attackers to gain SYSTEM privileges.
• Windows MSHTML Platform Spoofing Vulnerability “CVE-2024-38112″ allows the attacker to conduct spoofing attacks by persuading the victim to open a specially crafted file.
• .NET and Visual Studio Remote Code Execution Vulnerability “CVE-2024-35264″ allows attacker to execute arbitrary code, this could result in remote code execution on the affected product by closing an http/3 stream while the request body is being processed leading to a race condition.
• Systematic Identification and Characterization of Proprietary Prefetchers Vulnerability “CVE-2024-37985″ allows the attacker to view heap memory from a privileged process running on the server and obtain sensitive information.

Sample of the addressed vulnerabilities:

1. Microsoft Windows Remote Desktop Licensing Service Code Execution Vulnerability (CVE-2024-38076):

• CVSS: 9.8
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Gain Access

2. Microsoft Defender for IoT Privilege Escalation Vulnerability (CVE-2024-38089):

• CVSS: 9.1
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: High
• User Interaction: None
• Consequences: Gain Privileges