Haberler

Microsoft Nisan 2024 Patch Tuesday: 150 Zafiyet, 67 RCE Kapatıldı

Mehmet Sait YILMAZ 09/04/2024

0 6 dakika okuma süresi

Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 67 adet RCE güvenlik açığı ve toplam 150 zafiyeti kapattı.

Kapatılan zafiyetler aşağıdaki gibi:

31 Elevation of Privilege Vulnerabilities
29 Security Feature Bypass Vulnerabilities
67 Remote Code Execution Vulnerabilities
13 Information Disclosure Vulnerabilities
7 Denial of Service Vulnerabilities
3 Spoofing Vulnerabilities

Bu ay Zero-Day yok!

Nisan 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

Tag	CVE ID	CVE Title	Severity
.NET and Visual Studio	CVE-2024-21409	.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability	Important
Azure	CVE-2024-29993	Azure CycleCloud Elevation of Privilege Vulnerability	Important
Azure AI Search	CVE-2024-29063	Azure AI Search Information Disclosure Vulnerability	Important
Azure Arc	CVE-2024-28917	Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability	Important
Azure Compute Gallery	CVE-2024-21424	Azure Compute Gallery Elevation of Privilege Vulnerability	Important
Azure Migrate	CVE-2024-26193	Azure Migrate Remote Code Execution Vulnerability	Important
Azure Monitor	CVE-2024-29989	Azure Monitor Agent Elevation of Privilege Vulnerability	Important
Azure Private 5G Core	CVE-2024-20685	Azure Private 5G Core Denial of Service Vulnerability	Moderate
Azure SDK	CVE-2024-29992	Azure Identity Library for .NET Information Disclosure Vulnerability	Moderate
Intel	CVE-2024-2201	Intel: CVE-2024-2201 Branch History Injection	Important
Internet Shortcut Files	CVE-2024-29988	SmartScreen Prompt Security Feature Bypass Vulnerability	Important
Mariner	CVE-2019-3816	Unknown	Unknown
Mariner	CVE-2019-3833	Unknown	Unknown
Microsoft Azure Kubernetes Service	CVE-2024-29990	Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability	Important
Microsoft Brokering File System	CVE-2024-28905	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important
Microsoft Brokering File System	CVE-2024-28907	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important
Microsoft Brokering File System	CVE-2024-26213	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important
Microsoft Brokering File System	CVE-2024-28904	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important
Microsoft Defender for IoT	CVE-2024-29055	Microsoft Defender for IoT Elevation of Privilege Vulnerability	Important
Microsoft Defender for IoT	CVE-2024-29053	Microsoft Defender for IoT Remote Code Execution Vulnerability	Critical
Microsoft Defender for IoT	CVE-2024-29054	Microsoft Defender for IoT Elevation of Privilege Vulnerability	Important
Microsoft Defender for IoT	CVE-2024-21324	Microsoft Defender for IoT Elevation of Privilege Vulnerability	Important
Microsoft Defender for IoT	CVE-2024-21323	Microsoft Defender for IoT Remote Code Execution Vulnerability	Critical
Microsoft Defender for IoT	CVE-2024-21322	Microsoft Defender for IoT Remote Code Execution Vulnerability	Critical
Microsoft Edge (Chromium-based)	CVE-2024-3156	Chromium: CVE-2024-3156 Inappropriate implementation in V8	Unknown
Microsoft Edge (Chromium-based)	CVE-2024-29049	Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability	Moderate
Microsoft Edge (Chromium-based)	CVE-2024-29981	Microsoft Edge (Chromium-based) Spoofing Vulnerability	Low
Microsoft Edge (Chromium-based)	CVE-2024-3159	Chromium: CVE-2024-3159 Out of bounds memory access in V8	Unknown
Microsoft Edge (Chromium-based)	CVE-2024-3158	Chromium: CVE-2024-3158 Use after free in Bookmarks	Unknown
Microsoft Install Service	CVE-2024-26158	Microsoft Install Service Elevation of Privilege Vulnerability	Important
Microsoft Office Excel	CVE-2024-26257	Microsoft Excel Remote Code Execution Vulnerability	Important
Microsoft Office Outlook	CVE-2024-20670	Outlook for Windows Spoofing Vulnerability	Important
Microsoft Office SharePoint	CVE-2024-26251	Microsoft SharePoint Server Spoofing Vulnerability	Important
Microsoft WDAC ODBC Driver	CVE-2024-26214	Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability	Important
Microsoft WDAC OLE DB provider for SQL	CVE-2024-26244	Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability	Important
Microsoft WDAC OLE DB provider for SQL	CVE-2024-26210	Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26233	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26231	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26227	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26223	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26221	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26224	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26222	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: Windows Hyper-V	CVE-2024-29064	Windows Hyper-V Denial of Service Vulnerability	Important
SQL Server	CVE-2024-28937	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28938	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29044	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28935	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28940	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28943	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28941	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28910	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28944	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28908	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28909	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29985	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28906	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28926	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28933	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28934	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28927	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28930	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29046	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28932	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29047	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28931	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29984	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28929	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28939	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28942	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29043	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28936	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29045	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28915	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28913	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28945	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29048	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28912	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28914	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29983	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28911	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29982	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
Windows Authentication Methods	CVE-2024-29056	Windows Authentication Elevation of Privilege Vulnerability	Important
Windows Authentication Methods	CVE-2024-21447	Windows Authentication Elevation of Privilege Vulnerability	Important
Windows BitLocker	CVE-2024-20665	BitLocker Security Feature Bypass Vulnerability	Important
Windows Compressed Folder	CVE-2024-26256	libarchive Remote Code Execution Vulnerability	Important
Windows Cryptographic Services	CVE-2024-26228	Windows Cryptographic Services Security Feature Bypass Vulnerability	Important
Windows Cryptographic Services	CVE-2024-29050	Windows Cryptographic Services Remote Code Execution Vulnerability	Important
Windows Defender Credential Guard	CVE-2024-26237	Windows Defender Credential Guard Elevation of Privilege Vulnerability	Important
Windows DHCP Server	CVE-2024-26212	DHCP Server Service Denial of Service Vulnerability	Important
Windows DHCP Server	CVE-2024-26215	DHCP Server Service Denial of Service Vulnerability	Important
Windows DHCP Server	CVE-2024-26195	DHCP Server Service Remote Code Execution Vulnerability	Important
Windows DHCP Server	CVE-2024-26202	DHCP Server Service Remote Code Execution Vulnerability	Important
Windows Distributed File System (DFS)	CVE-2024-29066	Windows Distributed File System (DFS) Remote Code Execution Vulnerability	Important
Windows Distributed File System (DFS)	CVE-2024-26226	Windows Distributed File System (DFS) Information Disclosure Vulnerability	Important
Windows DWM Core Library	CVE-2024-26172	Windows DWM Core Library Information Disclosure Vulnerability	Important
Windows File Server Resource Management Service	CVE-2024-26216	Windows File Server Resource Management Service Elevation of Privilege Vulnerability	Important
Windows HTTP.sys	CVE-2024-26219	HTTP.sys Denial of Service Vulnerability	Important
Windows Internet Connection Sharing (ICS)	CVE-2024-26253	Windows rndismp6.sys Remote Code Execution Vulnerability	Important
Windows Internet Connection Sharing (ICS)	CVE-2024-26252	Windows rndismp6.sys Remote Code Execution Vulnerability	Important
Windows Kerberos	CVE-2024-26183	Windows Kerberos Denial of Service Vulnerability	Important
Windows Kerberos	CVE-2024-26248	Windows Kerberos Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2024-20693	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2024-26245	Windows SMB Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2024-26229	Windows CSC Service Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2024-26218	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Local Security Authority Subsystem Service (LSASS)	CVE-2024-26209	Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability	Important
Windows Message Queuing	CVE-2024-26232	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability	Important
Windows Message Queuing	CVE-2024-26208	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability	Important
Windows Mobile Hotspot	CVE-2024-26220	Windows Mobile Hotspot Information Disclosure Vulnerability	Important
Windows Proxy Driver	CVE-2024-26234	Proxy Driver Spoofing Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-28902	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-28900	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-28901	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26255	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26230	Windows Telephony Server Elevation of Privilege Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26239	Windows Telephony Server Elevation of Privilege Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26207	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26217	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26211	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability	Important
Windows Remote Procedure Call	CVE-2024-20678	Remote Procedure Call Runtime Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-26200	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-26179	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-26205	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Secure Boot	CVE-2024-29061	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28921	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-20689	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26250	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28922	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-29062	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-20669	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28898	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-20688	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-23593	Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell	Important
Windows Secure Boot	CVE-2024-28896	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28919	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-23594	Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi	Important
Windows Secure Boot	CVE-2024-28923	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28903	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26189	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26240	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28924	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28897	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28925	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26175	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28920	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26194	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26180	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26171	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26168	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Storage	CVE-2024-29052	Windows Storage Elevation of Privilege Vulnerability	Important
Windows Telephony Server	CVE-2024-26242	Windows Telephony Server Elevation of Privilege Vulnerability	Important
Windows Update Stack	CVE-2024-26236	Windows Update Stack Elevation of Privilege Vulnerability	Important
Windows Update Stack	CVE-2024-26235	Windows Update Stack Elevation of Privilege Vulnerability	Important
Windows USB Print Driver	CVE-2024-26243	Windows USB Print Driver Elevation of Privilege Vulnerability	Important
Windows Virtual Machine Bus	CVE-2024-26254	Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability	Important
Windows Win32K – ICOMP	CVE-2024-26241	Win32k Elevation of Privilege Vulnerability	Important

Mehmet Sait YILMAZ 09/04/2024

0 6 dakika okuma süresi

Microsoft Nisan 2024 Patch Tuesday: 150 Zafiyet, 67 RCE Kapatıldı

Kapatılan zafiyetler aşağıdaki gibi:

Bu ay Zero-Day yok!

Nisan 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

Mehmet Sait YILMAZ

Bir yanıt yazın Yanıtı iptal et

Microsoft Teams Toplantıları İçin 10 İpucu

Windows 10 Üzerinde Kali Linux Kullanımı

Bir Samsung Modeli Daha Android 14 Güncellemesi Aldı. İşte Tüm Modeller!

Acı Kaybımız, Uğur Demir’ i Kaybettik

Bir Veritabanı Sunucusuna Brute Force ile Saldırmak ve Sunucuyu Savunmak

Windows 0x0000011b Ağ Yazdırma Hatası Nasıl Düzeltilir

Kapatılan zafiyetler aşağıdaki gibi:

Bu ay Zero-Day yok!

Nisan 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

Mehmet Sait YILMAZ

Veeam ONE - VID Log Şişme Sorunu

Microsoft 365 ve Teams Lisans Güncellemeleri Yapıldı

İlgili Makaleler

Microsoft PowerShell 7.5 RC1 Yayınlandı! Ocak Ayında Genel Kullanıma Hazır!

Google’dan Yeni Özellik! Screen Time Reminders ile Ekran Süresini Kontrol Edin

Windows on ARM İçin Google Drive Desteği Geldi! İşte Detaylar

Microsoft Bing Wallpaper Uygulaması Artık Microsoft Store’da!

Bir yanıt yazın Yanıtı iptal et

Microsoft Teams Toplantıları İçin 10 İpucu

Windows 10 Üzerinde Kali Linux Kullanımı

Bir Samsung Modeli Daha Android 14 Güncellemesi Aldı. İşte Tüm Modeller!

Acı Kaybımız, Uğur Demir’ i Kaybettik

Bir Veritabanı Sunucusuna Brute Force ile Saldırmak ve Sunucuyu Savunmak

Windows 0x0000011b Ağ Yazdırma Hatası Nasıl Düzeltilir