Haberler

Microsoft Temmuz 2024 Patch Tuesday: 142 Zafiyet Kapatıldı

Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 4 adet zero-day güvenlik açığı ve toplam 142 zafiyeti kapattı.

Kapatılan zafiyetler aşağıdaki gibi:

  • 26 Elevation of Privilege Vulnerabilities
  • 24 Security Feature Bypass Vulnerabilities
  • 59 Remote Code Execution Vulnerabilities
  • 9 Information Disclosure Vulnerabilities
  • 17 Denial of Service Vulnerabilities
  • 7 Spoofing Vulnerabilities

Dört adet zero-day kapatıldı!

CVE-2024-38080 – Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2024-38112 – Windows MSHTML Platform Spoofing Vulnerability

CVE-2024-35264 – .NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-37985 – Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers

Temmuz 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

TagCVE IDCVE TitleSeverity
.NET and Visual StudioCVE-2024-30105.NET Core and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2024-38081.NET, .NET Framework, and Visual Studio Elevation of Privilege VulnerabilityImportant
.NET and Visual StudioCVE-2024-35264.NET and Visual Studio Remote Code Execution VulnerabilityImportant
.NET and Visual StudioCVE-2024-38095.NET and Visual Studio Denial of Service VulnerabilityImportant
Active Directory Rights Management ServicesCVE-2024-39684Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege VulnerabilityModerate
Active Directory Rights Management ServicesCVE-2024-38517Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege VulnerabilityModerate
Azure CycleCloudCVE-2024-38092Azure CycleCloud Elevation of Privilege VulnerabilityImportant
Azure DevOpsCVE-2024-35266Azure DevOps Server Spoofing VulnerabilityImportant
Azure DevOpsCVE-2024-35267Azure DevOps Server Spoofing VulnerabilityImportant
Azure Kinect SDKCVE-2024-38086Azure Kinect SDK Remote Code Execution VulnerabilityImportant
Azure Network WatcherCVE-2024-35261Azure Network Watcher VM Extension Elevation of Privilege VulnerabilityImportant
IntelCVE-2024-37985Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary PrefetchersImportant
Line Printer Daemon Service (LPD)CVE-2024-38027Windows Line Printer Daemon Service Denial of Service VulnerabilityImportant
Microsoft Defender for IoTCVE-2024-38089Microsoft Defender for IoT Elevation of Privilege VulnerabilityImportant
Microsoft DynamicsCVE-2024-30061Microsoft Dynamics 365 (On-Premises) Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2024-38079Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2024-38051Windows Graphics Component Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2024-38021Microsoft Office Remote Code Execution VulnerabilityImportant
Microsoft Office OutlookCVE-2024-38020Microsoft Outlook Spoofing VulnerabilityModerate
Microsoft Office SharePointCVE-2024-38024Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2024-38023Microsoft SharePoint Server Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2024-32987Microsoft SharePoint Server Information Disclosure VulnerabilityImportant
Microsoft Office SharePointCVE-2024-38094Microsoft SharePoint Remote Code Execution VulnerabilityImportant
Microsoft Streaming ServiceCVE-2024-38057Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityImportant
Microsoft Streaming ServiceCVE-2024-38054Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityImportant
Microsoft Streaming ServiceCVE-2024-38052Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2024-38055Microsoft Windows Codecs Library Information Disclosure VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2024-38056Microsoft Windows Codecs Library Information Disclosure VulnerabilityImportant
Microsoft WS-DiscoveryCVE-2024-38091Microsoft WS-Discovery Denial of Service VulnerabilityImportant
NDISCVE-2024-38048Windows Network Driver Interface Specification (NDIS) Denial of Service VulnerabilityImportant
NPS RADIUS ServerCVE-2024-3596CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing VulnerabilityImportant
Role: Active Directory Certificate Services; Active Directory Domain ServicesCVE-2024-38061DCOM Remote Cross-Session Activation Elevation of Privilege VulnerabilityImportant
Role: Windows Hyper-VCVE-2024-38080Windows Hyper-V Elevation of Privilege VulnerabilityImportant
SQL ServerCVE-2024-28928SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-38088SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-20701SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21317SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21331SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21308SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21333SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-35256SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21303SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21335SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-35271SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-35272SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21332SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-38087SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21425SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21449SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37324SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37330SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37326SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37329SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37328SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37327SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37334Microsoft OLE DB Driver for SQL Server Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37321SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37320SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37319SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37322SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37333SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37336SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37323SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37331SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21398SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21373SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37318SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21428SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21415SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-37332SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-21414SQL Server Native Client OLE DB Provider Remote Code Execution VulnerabilityImportant
Windows BitLockerCVE-2024-38058BitLocker Security Feature Bypass VulnerabilityImportant
Windows COM SessionCVE-2024-38100Windows File Explorer Elevation of Privilege VulnerabilityImportant
Windows CoreMessagingCVE-2024-21417Windows Text Services Framework Elevation of Privilege VulnerabilityImportant
Windows Cryptographic ServicesCVE-2024-30098Windows Cryptographic Services Security Feature Bypass VulnerabilityImportant
Windows DHCP ServerCVE-2024-38044DHCP Server Service Remote Code Execution VulnerabilityImportant
Windows Distributed Transaction CoordinatorCVE-2024-38049Windows Distributed Transaction Coordinator Remote Code Execution VulnerabilityImportant
Windows Enroll EngineCVE-2024-38069Windows Enroll Engine Security Feature Bypass VulnerabilityImportant
Windows Fax and Scan ServiceCVE-2024-38104Windows Fax Service Remote Code Execution VulnerabilityImportant
Windows FilteringCVE-2024-38034Windows Filtering Platform Elevation of Privilege VulnerabilityImportant
Windows Image AcquisitionCVE-2024-38022Windows Image Acquisition Elevation of Privilege VulnerabilityImportant
Windows Imaging ComponentCVE-2024-38060Windows Imaging Component Remote Code Execution VulnerabilityCritical
Windows Internet Connection Sharing (ICS)CVE-2024-38105Windows Layer-2 Bridge Network Driver Denial of Service VulnerabilityImportant
Windows Internet Connection Sharing (ICS)CVE-2024-38053Windows Layer-2 Bridge Network Driver Remote Code Execution VulnerabilityImportant
Windows Internet Connection Sharing (ICS)CVE-2024-38102Windows Layer-2 Bridge Network Driver Denial of Service VulnerabilityImportant
Windows Internet Connection Sharing (ICS)CVE-2024-38101Windows Layer-2 Bridge Network Driver Denial of Service VulnerabilityImportant
Windows iSCSICVE-2024-35270Windows iSCSI Service Denial of Service VulnerabilityImportant
Windows KernelCVE-2024-38041Windows Kernel Information Disclosure VulnerabilityImportant
Windows Kernel-Mode DriversCVE-2024-38062Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityImportant
Windows LockDown Policy (WLDP)CVE-2024-38070Windows LockDown Policy (WLDP) Security Feature Bypass VulnerabilityImportant
Windows Message QueuingCVE-2024-38017Microsoft Message Queuing Information Disclosure VulnerabilityImportant
Windows MSHTML PlatformCVE-2024-38112Windows MSHTML Platform Spoofing VulnerabilityImportant
Windows MultiPoint ServicesCVE-2024-30013Windows MultiPoint Services Remote Code Execution VulnerabilityImportant
Windows NTLMCVE-2024-30081Windows NTLM Spoofing VulnerabilityImportant
Windows Online Certificate Status Protocol (OCSP)CVE-2024-38068Windows Online Certificate Status Protocol (OCSP) Server Denial of Service VulnerabilityImportant
Windows Online Certificate Status Protocol (OCSP)CVE-2024-38067Windows Online Certificate Status Protocol (OCSP) Server Denial of Service VulnerabilityImportant
Windows Online Certificate Status Protocol (OCSP)CVE-2024-38031Windows Online Certificate Status Protocol (OCSP) Server Denial of Service VulnerabilityImportant
Windows Performance MonitorCVE-2024-38028Microsoft Windows Performance Data Helper Library Remote Code Execution VulnerabilityImportant
Windows Performance MonitorCVE-2024-38019Microsoft Windows Performance Data Helper Library Remote Code Execution VulnerabilityImportant
Windows Performance MonitorCVE-2024-38025Microsoft Windows Performance Data Helper Library Remote Code Execution VulnerabilityImportant
Windows PowerShellCVE-2024-38043PowerShell Elevation of Privilege VulnerabilityImportant
Windows PowerShellCVE-2024-38047PowerShell Elevation of Privilege VulnerabilityImportant
Windows PowerShellCVE-2024-38033PowerShell Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2024-30071Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2024-30079Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityImportant
Windows Remote DesktopCVE-2024-38076Windows Remote Desktop Licensing Service Remote Code Execution VulnerabilityCritical
Windows Remote DesktopCVE-2024-38015Windows Remote Desktop Gateway (RD Gateway) Denial of Service VulnerabilityImportant
Windows Remote Desktop Licensing ServiceCVE-2024-38071Windows Remote Desktop Licensing Service Denial of Service VulnerabilityImportant
Windows Remote Desktop Licensing ServiceCVE-2024-38073Windows Remote Desktop Licensing Service Denial of Service VulnerabilityImportant
Windows Remote Desktop Licensing ServiceCVE-2024-38074Windows Remote Desktop Licensing Service Remote Code Execution VulnerabilityCritical
Windows Remote Desktop Licensing ServiceCVE-2024-38072Windows Remote Desktop Licensing Service Denial of Service VulnerabilityImportant
Windows Remote Desktop Licensing ServiceCVE-2024-38077Windows Remote Desktop Licensing Service Remote Code Execution VulnerabilityCritical
Windows Remote Desktop Licensing ServiceCVE-2024-38099Windows Remote Desktop Licensing Service Denial of Service VulnerabilityImportant
Windows Secure BootCVE-2024-38065Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37986Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37981Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37987Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-28899Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-26184Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-38011Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37984Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37988Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37977Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37978Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37974Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-38010Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37989Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37970Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37975Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37972Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37973Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37971Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2024-37969Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Server BackupCVE-2024-38013Microsoft Windows Server Backup Elevation of Privilege VulnerabilityImportant
Windows TCP/IPCVE-2024-38064Windows TCP/IP Information Disclosure VulnerabilityImportant
Windows ThemesCVE-2024-38030Windows Themes Spoofing VulnerabilityImportant
Windows Win32 Kernel SubsystemCVE-2024-38085Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Windows Win32K – GRFXCVE-2024-38066Windows Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32K – ICOMPCVE-2024-38059Win32k Elevation of Privilege VulnerabilityImportant
Windows Workstation ServiceCVE-2024-38050Windows Workstation Service Elevation of Privilege VulnerabilityImportant
XBox Crypto Graphic ServicesCVE-2024-38032Microsoft Xbox Remote Code Execution VulnerabilityImportant
XBox Crypto Graphic ServicesCVE-2024-38078Xbox Wireless Adapter Remote Code Execution VulnerabilityImportant

İlgili Makaleler

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

Başa dön tuşu