Haberler

Microsoft Mayıs 2024 Patch Tuesday: 3 Zero Day, 61 Zafiyet Kapatıldı

Mehmet Sait YILMAZ fotoğrafı Mehmet Sait YILMAZ Bir e-posta göndermek 14/05/2024
0 3 dakika okuma süresi

Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 3 adet Zero day güvenlik açığı ve toplam 61 zafiyeti kapattı.

Kapatılan zafiyetler aşağıdaki gibi:

  • 17 Elevation of Privilege Vulnerabilities
  • 2 Security Feature Bypass Vulnerabilities
  • 27 Remote Code Execution Vulnerabilities
  • 7 Information Disclosure Vulnerabilities
  • 3 Denial of Service Vulnerabilities
  • 4 Spoofing Vulnerabilities

Üç Adet Zero Day Kapatıldı

CVE-2024-30040 – Windows MSHTML Platform Security Feature Bypass Vulnerability

CVE-2024-30051 – Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2024-30046Visual Studio Denial of Service Vulnerability

Mayıs 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

TagCVE IDCVE TitleSeverity
.NET and Visual StudioCVE-2024-30045.NET and Visual Studio Remote Code Execution VulnerabilityImportant
Azure MigrateCVE-2024-30053Azure Migrate Cross-Site Scripting VulnerabilityImportant
Microsoft BingCVE-2024-30041Microsoft Bing Search Spoofing VulnerabilityImportant
Microsoft Brokering File SystemCVE-2024-30007Microsoft Brokering File System Elevation of Privilege VulnerabilityImportant
Microsoft Dynamics 365 Customer InsightsCVE-2024-30048Dynamics 365 Customer Insights Spoofing VulnerabilityImportant
Microsoft Dynamics 365 Customer InsightsCVE-2024-30047Dynamics 365 Customer Insights Spoofing VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2024-4558Chromium: CVE-2024-4558 Use after free in ANGLEUnknown
Microsoft Edge (Chromium-based)CVE-2024-4331Chromium: CVE-2024-4331 Use after free in Picture In PictureUnknown
Microsoft Edge (Chromium-based)CVE-2024-4671Chromium: CVE-2024-4671 Use after free in VisualsUnknown
Microsoft Edge (Chromium-based)CVE-2024-30055Microsoft Edge (Chromium-based) Spoofing VulnerabilityLow
Microsoft Edge (Chromium-based)CVE-2024-4368Chromium: CVE-2024-4368 Use after free in DawnUnknown
Microsoft Edge (Chromium-based)CVE-2024-4559Chromium: CVE-2024-4559 Heap buffer overflow in WebAudioUnknown
Microsoft IntuneCVE-2024-30059Microsoft Intune for Android Mobile Application Management Tampering VulnerabilityImportant
Microsoft Office ExcelCVE-2024-30042Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2024-30044Microsoft SharePoint Server Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2024-30043Microsoft SharePoint Server Information Disclosure VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-30006Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft Windows SCSI Class System FileCVE-2024-29994Microsoft Windows SCSI Class System File Elevation of Privilege VulnerabilityImportant
Microsoft Windows Search ComponentCVE-2024-30033Windows Search Service Elevation of Privilege VulnerabilityImportant
Power BICVE-2024-30054Microsoft Power BI Client JavaScript SDK Information Disclosure VulnerabilityImportant
Visual StudioCVE-2024-30046Visual Studio Denial of Service VulnerabilityImportant
Visual StudioCVE-2024-32004GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositoriesImportant
Visual StudioCVE-2024-32002CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code ExecutionImportant
Windows Cloud Files Mini Filter DriverCVE-2024-30034Windows Cloud Files Mini Filter Driver Information Disclosure VulnerabilityImportant
Windows CNG Key Isolation ServiceCVE-2024-30031Windows CNG Key Isolation Service Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2024-29996Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2024-30037Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2024-30025Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Cryptographic ServicesCVE-2024-30020Windows Cryptographic Services Remote Code Execution VulnerabilityImportant
Windows Cryptographic ServicesCVE-2024-30016Windows Cryptographic Services Information Disclosure VulnerabilityImportant
Windows Deployment ServicesCVE-2024-30036Windows Deployment Services Information Disclosure VulnerabilityImportant
Windows DHCP ServerCVE-2024-30019DHCP Server Service Denial of Service VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-30008Windows DWM Core Library Information Disclosure VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-30051Windows DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-30035Windows DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-30032Windows DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows Hyper-VCVE-2024-30011Windows Hyper-V Denial of Service VulnerabilityImportant
Windows Hyper-VCVE-2024-30017Windows Hyper-V Remote Code Execution VulnerabilityImportant
Windows Hyper-VCVE-2024-30010Windows Hyper-V Remote Code Execution VulnerabilityImportant
Windows KernelCVE-2024-30018Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows Mark of the Web (MOTW)CVE-2024-30050Windows Mark of the Web Security Feature Bypass VulnerabilityModerate
Windows Mobile BroadbandCVE-2024-30002Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-29997Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30003Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30012Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-29999Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-29998Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30000Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30005Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30004Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30021Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30001Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows MSHTML PlatformCVE-2024-30040Windows MSHTML Platform Security Feature Bypass VulnerabilityImportant
Windows NTFSCVE-2024-30027NTFS Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2024-30039Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30009Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30024Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30015Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30029Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30023Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30014Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30022Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Task SchedulerCVE-2024-26238Microsoft PLUGScheduler Scheduled Task Elevation of Privilege VulnerabilityImportant
Windows Win32K – GRFXCVE-2024-30030Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32K – ICOMPCVE-2024-30038Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32K – ICOMPCVE-2024-30049Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityImportant
Windows Win32K – ICOMPCVE-2024-30028Win32k Elevation of Privilege VulnerabilityImportant
Mehmet Sait YILMAZ fotoğrafı Mehmet Sait YILMAZ Bir e-posta göndermek 14/05/2024
0 3 dakika okuma süresi
Mehmet Sait YILMAZ fotoğrafı

Mehmet Sait YILMAZ

İlgili Makaleler

Palo Alto’daki Kritik Zero Day Zafiyeti İstismar Ediliyor

19/11/2024

VMware vCenter İçin Kritik Uyarı!

19/11/2024
SpaceX’in Avrupalı Rakibi The Exploration Company, Yeni Projesi İçin 160 Milyon Dolar Yatırım Toplamayı Başardı

SpaceX’in Avrupalı Rakibi The Exploration Company, Yeni Projesi İçin 160 Milyon Dolar Yatırım Toplamayı Başardı

18/11/2024
Auckland Üniversitesi Araştırmacıları Yeni Yapay Zeka Tabanlı Aracı Serenity İle Siber Zorbalıkların Önüne Geçebilecek

Auckland Üniversitesi Araştırmacıları, Yeni Yapay Zeka Tabanlı Aracı Serenity İle Siber Zorbalıkların Önüne Geçebilecek

18/11/2024

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

Başa dön tuşu