Microsoft May 2024 Patch Tuesday

May’s Patch Tuesday was released to fix security flaws in several Microsoft products such as Windows .NET, Visual Studio, Microsoft Brokering File System, Windows Kernel, Windows Hyper-V, Microsoft Dynamics 365 Customer Insights, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Windows Common Log File System Driver, Windows Deployment Services, Windows DWM Core Library Windows Routing and Remote Access Service (RRAS), Windows DHCP Server Windows NTFS Windows Task Scheduler, Microsoft Office Excel and Microsoft Office SharePoint.

The actively exploited zero-day vulnerabilities in May’s Patch are:

• Windows MSHTML Platform Security Feature Bypass Vulnerability allows attackers to gain code execution through convincing a user to open a malicious document at which point the attacker could execute arbitrary code in the context of the user – CVE-2024-30040.
• Windows DWM Core Library Elevation of Privilege Vulnerability allows the attacker to gain system privileges – CVE-2024-30051.
• Microsoft Visual Studio Denial of Service Vulnerability – CVE-2024-30046.

Sample of the addressed vulnerabilities:

1. Microsoft Visual Studio Remote Code Execution (CVE-2024-32002):

• CVSS: 9
• Attack Vector: Network
• Attack Complexity: High
• Privileges Required: None
• User Interaction: None
• Consequences: Gain Access

2. Windows MSHTML Platform Security Feature Bypass (CVE-2024-30040):

• CVSS: 8.8
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: Required
• Consequences: Bypass Security

3. Microsoft Windows Privilege Escalation (CVE-2024-30051):

• CVSS: 7.8
• Attack Vector: Local
• Attack Complexity: Low
• Privileges Required: Low
• User Interaction: None
• Consequences: Gain Privileges