Microsoft September 2024 Patch Tuesday

September’s Patch Tuesday was released to fix security flaws in several Microsoft products such as Azure Stack, Dynamics Business Central, Microsoft AutoUpdate (MAU), Microsoft Graphics Component, Microsoft Management Console, Microsoft Streaming Service, Power Automate, Windows Hyper-V, SQL Server, Windows Admin Center, Windows DHCP Server, Windows Installer, Windows Kerberos, Windows Kernel-Mode Drivers, Windows PowerShell, Windows Remote Access Connection Manager, Windows Remote Desktop Licensing Service, Windows TCP/IP, Windows Storage, Windows Update, Microsoft Office Visio, Microsoft Office Excel, and Microsoft Office SharePoint.

The actively exploited zero-day vulnerabilities in September’s Patch are:

• Windows Installer Elevation of Privilege Vulnerability “CVE-2024-38014” allows attackers to gain SYSTEM privileges on Windows systems.
• Windows Mark of the Web Security Feature Bypass Vulnerability “CVE-2024-38217″ allows the remote attacker to bypass security restrictions to cause an
  impact on integrity and availability.
• Microsoft Publisher Security Feature Bypass Vulnerability “CVE-2024-38226” allows the remote attacker to bypass security restrictions by persuading the
  victim to open a specially crafted file.
• Microsoft Windows Update Remote Code Execution Vulnerability “CVE-2024-43491” allows the attacker to execute arbitrary code and gain access to the affected product by sending a specially crafted request system.

Sample of the addressed vulnerabilities:

1. Microsoft Windows Update Code Execution Vulnerability (CVE-2024-43491):

• CVSS: 9.8
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Gain Access

2. Microsoft Azure Stack Hub Privilege Escalation Vulnerability (CVE-2024-38220):

• CVSS: 9
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: Low
• User Interaction: Required
• Consequences: Gain Privileges