Microsoft Mart 2024 Patch Tuesday: 60 Zafiyet Kapatıldı

Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 18 adet RCE güvenlik açığı ve toplam 60 zafiyeti kapattı.

Bu ay iki adet kritik Hyper-v zafiyeti kapatıldı.

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-21407

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-21408

Kapatılan zafiyetler aşağıdaki gibi:

Bu ayki önce çıkan zafiyetler aşağıdaki gibi:

CVE-2024-21400 – Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

CVE-2024-26199 – Microsoft Office Elevation of Privilege VulnerabilityCVE-2024-20671 – Microsoft Defender Security Feature Bypass Vulnerability

CVE-2024-20671 – Microsoft Defender Security Feature Bypass Vulnerability

CVE-2024-21411 – Skype for Consumer Remote Code Execution Vulnerability

Mart 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

TagCVE IDCVE TitleSeverity
.NETCVE-2024-21392.NET and Visual Studio Denial of Service VulnerabilityImportant
Azure Data StudioCVE-2024-26203Azure Data Studio Elevation of Privilege VulnerabilityImportant
Azure SDKCVE-2024-21421Azure SDK Spoofing VulnerabilityImportant
IntelCVE-2023-28746Intel: CVE-2023-28746 Register File Data Sampling (RFDS)Important
Microsoft AuthenticatorCVE-2024-21390Microsoft Authenticator Elevation of Privilege VulnerabilityImportant
Microsoft Azure Kubernetes ServiceCVE-2024-21400Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege VulnerabilityImportant
Microsoft Django Backend for SQL ServerCVE-2024-26164Microsoft Django Backend for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft DynamicsCVE-2024-21419Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2024-2174Chromium: CVE-2024-2174 Inappropriate implementation in V8Unknown
Microsoft Edge (Chromium-based)CVE-2024-2173Chromium: CVE-2024-2173 Out of bounds memory access in V8Unknown
Microsoft Edge (Chromium-based)CVE-2024-2176Chromium: CVE-2024-2176 Use after free in FedCMUnknown
Microsoft Edge for AndroidCVE-2024-26167Microsoft Edge for Android Spoofing VulnerabilityUnknown
Microsoft Exchange ServerCVE-2024-26198Microsoft Exchange Server Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2024-21437Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Microsoft IntuneCVE-2024-26201Microsoft Intune Linux Agent Elevation of Privilege VulnerabilityImportant
Microsoft OfficeCVE-2024-26199Microsoft Office Elevation of Privilege VulnerabilityImportant
Microsoft Office SharePointCVE-2024-21426Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft QUICCVE-2024-26190Microsoft QUIC Denial of Service VulnerabilityImportant
Microsoft Teams for AndroidCVE-2024-21448Microsoft Teams for Android Information Disclosure VulnerabilityImportant
Microsoft WDAC ODBC DriverCVE-2024-21451Microsoft ODBC Driver Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21441Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-26161Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-26166Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21444Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21450Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft Windows SCSI Class System FileCVE-2024-21434Microsoft Windows SCSI Class System File Elevation of Privilege VulnerabilityImportant
Open Management InfrastructureCVE-2024-21330Open Management Infrastructure (OMI) Elevation of Privilege VulnerabilityImportant
Open Management InfrastructureCVE-2024-21334Open Management Infrastructure (OMI) Remote Code Execution VulnerabilityImportant
Outlook for AndroidCVE-2024-26204Outlook for Android Information Disclosure VulnerabilityImportant
Role: Windows Hyper-VCVE-2024-21407Windows Hyper-V Remote Code Execution VulnerabilityCritical
Role: Windows Hyper-VCVE-2024-21408Windows Hyper-V Denial of Service VulnerabilityCritical
Skype for ConsumerCVE-2024-21411Skype for Consumer Remote Code Execution VulnerabilityImportant
Software for Open Networking in the Cloud (SONiC)CVE-2024-21418Software for Open Networking in the Cloud (SONiC) Elevation of Privilege VulnerabilityImportant
Visual Studio CodeCVE-2024-26165Visual Studio Code Elevation of Privilege VulnerabilityImportant
Windows AllJoyn APICVE-2024-21438Microsoft AllJoyn API Denial of Service VulnerabilityImportant
Windows Cloud Files Mini Filter DriverCVE-2024-26160Windows Cloud Files Mini Filter Driver Information Disclosure VulnerabilityImportant
Windows Composite Image File SystemCVE-2024-26170Windows Composite Image File System (CimFS) Elevation of Privilege VulnerabilityImportant
Windows Compressed FolderCVE-2024-26185Windows Compressed Folder Tampering VulnerabilityImportant
Windows DefenderCVE-2024-20671Microsoft Defender Security Feature Bypass VulnerabilityImportant
Windows Error ReportingCVE-2024-26169Windows Error Reporting Service Elevation of Privilege VulnerabilityImportant
Windows Hypervisor-Protected Code IntegrityCVE-2024-21431Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass VulnerabilityImportant
Windows InstallerCVE-2024-21436Windows Installer Elevation of Privilege VulnerabilityImportant
Windows KerberosCVE-2024-21427Windows Kerberos Security Feature Bypass VulnerabilityImportant
Windows KernelCVE-2024-26177Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2024-26176Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-26174Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2024-26182Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-26181Windows Kernel Denial of Service VulnerabilityImportant
Windows KernelCVE-2024-26178Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-26173Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-21443Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows NTFSCVE-2024-21446NTFS Elevation of Privilege VulnerabilityImportant
Windows ODBC DriverCVE-2024-21440Microsoft ODBC Driver Remote Code Execution VulnerabilityImportant
Windows ODBC DriverCVE-2024-26162Microsoft ODBC Driver Remote Code Execution VulnerabilityImportant
Windows ODBC DriverCVE-2024-26159Microsoft ODBC Driver Remote Code Execution VulnerabilityImportant
Windows OLECVE-2024-21435Windows OLE Remote Code Execution VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2024-21433Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Standards-Based Storage Management ServiceCVE-2024-26197Windows Standards-Based Storage Management Service Denial of Service VulnerabilityImportant
Windows Telephony ServerCVE-2024-21439Windows Telephony Server Elevation of Privilege VulnerabilityImportant
Windows Update StackCVE-2024-21432Windows Update Stack Elevation of Privilege VulnerabilityImportant
Windows USB Hub DriverCVE-2024-21429Windows USB Hub Driver Remote Code Execution VulnerabilityImportant
Windows USB Print DriverCVE-2024-21442Windows USB Print Driver Elevation of Privilege VulnerabilityImportant
Windows USB Print DriverCVE-2024-21445Windows USB Print Driver Elevation of Privilege VulnerabilityImportant
Windows USB Serial DriverCVE-2024-21430Windows USB Attached SCSI (UAS) Protocol Remote Code Execution VulnerabilityImportant
Exit mobile version