Haberler

Microsoft Ağustos 2024 Patch Tuesday: 9 Zero-Day 89 Zafiyet Kapatıldı

Mehmet Sait YILMAZ fotoğrafı Mehmet Sait YILMAZ Bir e-posta göndermek 14/08/2024
0 4 dakika okuma süresi

Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 9 adet Zero-Day ve toplam 89 zafiyeti kapattı.

Kapatılan zafiyetler aşağıdaki gibi:

  • 36 Elevation of Privilege Vulnerabilities
  • 4 Security Feature Bypass Vulnerabilities
  • 28 Remote Code Execution Vulnerabilities
  • 8 Information Disclosure Vulnerabilities
  • 6 Denial of Service Vulnerabilities
  • 7 Spoofing Vulnerabilities

9 Adet Zero-Day Kapatıldı

CVE-2024-38178 – Scripting Engine Memory Corruption Vulnerability

CVE-2024-38193 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2024-38213 – Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-38106 – Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38107 – Windows Power Dependency Coordinator Elevation of Privilege Vulnerability

CVE-2024-38189 – Microsoft Project Remote Code Execution Vulnerability

CVE-2024-38199 – Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

CVE-2024-38200 – Microsoft Office Spoofing Vulnerability

CVE-2024-38202 – Windows Update Stack Elevation of Privilege Vulnerability

Ağustos 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

TagCVE IDCVE TitleSeverity
.NET and Visual StudioCVE-2024-38168.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2024-38167.NET and Visual Studio Information Disclosure VulnerabilityImportant
Azure Connected Machine AgentCVE-2024-38162Azure Connected Machine Agent Elevation of Privilege VulnerabilityImportant
Azure Connected Machine AgentCVE-2024-38098Azure Connected Machine Agent Elevation of Privilege VulnerabilityImportant
Azure CycleCloudCVE-2024-38195Azure CycleCloud Remote Code Execution VulnerabilityImportant
Azure Health BotCVE-2024-38109Azure Health Bot Elevation of Privilege VulnerabilityCritical
Azure IoT SDKCVE-2024-38158Azure IoT SDK Remote Code Execution VulnerabilityImportant
Azure IoT SDKCVE-2024-38157Azure IoT SDK Remote Code Execution VulnerabilityImportant
Azure StackCVE-2024-38108Azure Stack Hub Spoofing VulnerabilityImportant
Azure StackCVE-2024-38201Azure Stack Hub Elevation of Privilege VulnerabilityImportant
Line Printer Daemon Service (LPD)CVE-2024-38199Windows Line Printer Daemon (LPD) Service Remote Code Execution VulnerabilityImportant
Microsoft Bluetooth DriverCVE-2024-38123Windows Bluetooth Driver Information Disclosure VulnerabilityImportant
Microsoft Copilot StudioCVE-2024-38206Microsoft Copilot Studio Information Disclosure VulnerabilityCritical
Microsoft DynamicsCVE-2024-38166Microsoft Dynamics 365 Cross-site Scripting VulnerabilityCritical
Microsoft DynamicsCVE-2024-38211Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2024-7256Chromium: CVE-2024-7256 Insufficient data validation in DawnUnknown
Microsoft Edge (Chromium-based)CVE-2024-7536Chromium: CVE-2024-7550 Type Confusion in V8Unknown
Microsoft Edge (Chromium-based)CVE-2024-6990Chromium: CVE-2024-6990 Uninitialized Use in DawnUnknown
Microsoft Edge (Chromium-based)CVE-2024-7255Chromium: CVE-2024-7255 Out of bounds read in WebTransportUnknown
Microsoft Edge (Chromium-based)CVE-2024-7534Chromium: CVE-2024-7535 Inappropriate implementation in V8Unknown
Microsoft Edge (Chromium-based)CVE-2024-7532Chromium: CVE-2024-7533 Use after free in SharingUnknown
Microsoft Edge (Chromium-based)CVE-2024-7550Chromium: CVE-2024-7532 Out of bounds memory access in ANGLEUnknown
Microsoft Edge (Chromium-based)CVE-2024-7535Chromium: CVE-2024-7536 Use after free in WebAudioUnknown
Microsoft Edge (Chromium-based)CVE-2024-7533Chromium: CVE-2024-7534 Heap buffer overflow in LayoutUnknown
Microsoft Edge (Chromium-based)CVE-2024-38218Microsoft Edge (HTML-based) Memory Corruption VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2024-38219Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityModerate
Microsoft Edge (Chromium-based)CVE-2024-38222Microsoft Edge (Chromium-based) Information Disclosure VulnerabilityUnknown
Microsoft Local Security Authority Server (lsasrv)CVE-2024-38118Microsoft Local Security Authority (LSA) Server Information Disclosure VulnerabilityImportant
Microsoft Local Security Authority Server (lsasrv)CVE-2024-38122Microsoft Local Security Authority (LSA) Server Information Disclosure VulnerabilityImportant
Microsoft OfficeCVE-2024-38200Microsoft Office Spoofing VulnerabilityImportant
Microsoft OfficeCVE-2024-38084Microsoft OfficePlus Elevation of Privilege VulnerabilityImportant
Microsoft Office ExcelCVE-2024-38172Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2024-38170Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office OutlookCVE-2024-38173Microsoft Outlook Remote Code Execution VulnerabilityImportant
Microsoft Office PowerPointCVE-2024-38171Microsoft PowerPoint Remote Code Execution VulnerabilityImportant
Microsoft Office ProjectCVE-2024-38189Microsoft Project Remote Code Execution VulnerabilityImportant
Microsoft Office VisioCVE-2024-38169Microsoft Office Visio Remote Code Execution VulnerabilityImportant
Microsoft Streaming ServiceCVE-2024-38134Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityImportant
Microsoft Streaming ServiceCVE-2024-38144Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityImportant
Microsoft Streaming ServiceCVE-2024-38125Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityImportant
Microsoft TeamsCVE-2024-38197Microsoft Teams for iOS Spoofing VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-38152Windows OLE Remote Code Execution VulnerabilityImportant
Microsoft Windows DNSCVE-2024-37968Windows DNS Spoofing VulnerabilityImportant
Reliable Multicast Transport Driver (RMCAST)CVE-2024-38140Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution VulnerabilityCritical
Windows Ancillary Function Driver for WinSockCVE-2024-38141Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportant
Windows Ancillary Function Driver for WinSockCVE-2024-38193Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportant
Windows App InstallerCVE-2024-38177Windows App Installer Spoofing VulnerabilityImportant
Windows Clipboard Virtual Channel ExtensionCVE-2024-38131Clipboard Virtual Channel Extension Remote Code Execution VulnerabilityImportant
Windows Cloud Files Mini Filter DriverCVE-2024-38215Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2024-38196Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Compressed FolderCVE-2024-38165Windows Compressed Folder Tampering VulnerabilityImportant
Windows Deployment ServicesCVE-2024-38138Windows Deployment Services Remote Code Execution VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-38150Windows DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-38147Microsoft DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows Initial Machine ConfigurationCVE-2024-38223Windows Initial Machine Configuration Elevation of Privilege VulnerabilityImportant
Windows IP Routing Management SnapinCVE-2024-38114Windows IP Routing Management Snapin Remote Code Execution VulnerabilityImportant
Windows IP Routing Management SnapinCVE-2024-38116Windows IP Routing Management Snapin Remote Code Execution VulnerabilityImportant
Windows IP Routing Management SnapinCVE-2024-38115Windows IP Routing Management Snapin Remote Code Execution VulnerabilityImportant
Windows KerberosCVE-2024-29995Windows Kerberos Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-38151Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2024-38133Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-38127Windows Hyper-V Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-38153Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-38106Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows Kernel-Mode DriversCVE-2024-38187Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityImportant
Windows Kernel-Mode DriversCVE-2024-38191Kernel Streaming Service Driver Elevation of Privilege VulnerabilityImportant
Windows Kernel-Mode DriversCVE-2024-38184Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityImportant
Windows Kernel-Mode DriversCVE-2024-38186Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityImportant
Windows Kernel-Mode DriversCVE-2024-38185Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityImportant
Windows Layer-2 Bridge Network DriverCVE-2024-38146Windows Layer-2 Bridge Network Driver Denial of Service VulnerabilityImportant
Windows Layer-2 Bridge Network DriverCVE-2024-38145Windows Layer-2 Bridge Network Driver Denial of Service VulnerabilityImportant
Windows Mark of the Web (MOTW)CVE-2024-38213Windows Mark of the Web Security Feature Bypass VulnerabilityModerate
Windows Mobile BroadbandCVE-2024-38161Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Network Address Translation (NAT)CVE-2024-38132Windows Network Address Translation (NAT) Denial of Service VulnerabilityImportant
Windows Network Address Translation (NAT)CVE-2024-38126Windows Network Address Translation (NAT) Denial of Service VulnerabilityImportant
Windows Network VirtualizationCVE-2024-38160Windows Network Virtualization Remote Code Execution VulnerabilityCritical
Windows Network VirtualizationCVE-2024-38159Windows Network Virtualization Remote Code Execution VulnerabilityCritical
Windows NT OS KernelCVE-2024-38135Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityImportant
Windows NTFSCVE-2024-38117NTFS Elevation of Privilege VulnerabilityImportant
Windows Power Dependency CoordinatorCVE-2024-38107Windows Power Dependency Coordinator Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2024-38198Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Resource ManagerCVE-2024-38137Windows Resource Manager PSM Service Extension Elevation of Privilege VulnerabilityImportant
Windows Resource ManagerCVE-2024-38136Windows Resource Manager PSM Service Extension Elevation of Privilege VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-38130Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-38128Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-38154Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-38121Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-38214Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-38120Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows ScriptingCVE-2024-38178Scripting Engine Memory Corruption VulnerabilityImportant
Windows Secure BootCVE-2022-3775Redhat: CVE-2022-3775 grub2 – Heap based out-of-bounds write when rendering certain Unicode sequencesCritical
Windows Secure BootCVE-2023-40547Redhat: CVE-2023-40547 Shim – RCE in HTTP boot support may lead to secure boot bypassCritical
Windows Secure BootCVE-2022-2601Redhat: CVE-2022-2601 grub2 – Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypassImportant
Windows Secure Kernel ModeCVE-2024-21302Windows Secure Kernel Mode Elevation of Privilege VulnerabilityImportant
Windows Secure Kernel ModeCVE-2024-38142Windows Secure Kernel Mode Elevation of Privilege VulnerabilityImportant
Windows Security CenterCVE-2024-38155Security Center Broker Information Disclosure VulnerabilityImportant
Windows SmartScreenCVE-2024-38180Windows SmartScreen Security Feature Bypass VulnerabilityImportant
Windows TCP/IPCVE-2024-38063Windows TCP/IP Remote Code Execution VulnerabilityCritical
Windows Transport Security Layer (TLS)CVE-2024-38148Windows Secure Channel Denial of Service VulnerabilityImportant
Windows Update StackCVE-2024-38202Windows Update Stack Elevation of Privilege VulnerabilityImportant
Windows Update StackCVE-2024-38163Windows Update Stack Elevation of Privilege VulnerabilityImportant
Windows WLAN Auto Config ServiceCVE-2024-38143Windows WLAN AutoConfig Service Elevation of Privilege VulnerabilityImportant
Mehmet Sait YILMAZ fotoğrafı Mehmet Sait YILMAZ Bir e-posta göndermek 14/08/2024
0 4 dakika okuma süresi
Mehmet Sait YILMAZ fotoğrafı

Mehmet Sait YILMAZ

İlgili Makaleler

Chromium Güncellemesi, Chrome ve Edge'de Metin Seçim Sorunlarına Yol Açtı!

Chromium Güncellemesi, Chrome ve Edge’de Metin Seçim Sorunlarına Yol Açtı!

20/11/2024
Graykey İle Hangi iPhone ve Android Cihazları Kilidi Açılabiliyor? İşte Tüm Detaylar!

İPhone ve Android Cihazları Ne Kadar Güvenli? Grakey Sızıntısı Ortaya Çıktı!

20/11/2024
Helldown Ransomware Saldırıları Linux ve VMware Sistemlerine Yayılmaya Başladı!

Helldown Ransomware Saldırıları Linux ve VMware Sistemlerine Yayılmaya Başladı!

20/11/2024
Google Gemini Bellek Özelliği ile Yanıtlarınızı Kişisel Hale Getirin!

Google Gemini Bellek Özelliği ile Yanıtlarınızı Kişisel Hale Getirin!

20/11/2024

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

Başa dön tuşu