Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws

TagCVE IDCVE TitleSeverity.NETCVE-2024-21386.NET Denial of Service VulnerabilityImportant.NETCVE-2024-21404.NET Denial of Service VulnerabilityImportantAzure Active DirectoryCVE-2024-21401Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege VulnerabilityImportantAzure Active DirectoryCVE-2024-21381Microsoft Azure Active Directory B2C Spoofing VulnerabilityImportantAzure Connected Machine AgentCVE-2024-21329Azure Connected Machine Agent Elevation of Privilege VulnerabilityImportantAzure DevOpsCVE-2024-20667Azure DevOps Server Remote Code Execution VulnerabilityImportantAzure File SyncCVE-2024-21397Microsoft Azure File Sync Elevation of Privilege VulnerabilityImportantAzure Site RecoveryCVE-2024-21364Microsoft Azure Site Recovery Elevation of Privilege VulnerabilityModerateAzure StackCVE-2024-20679Azure Stack Hub Spoofing VulnerabilityImportantInternet Shortcut FilesCVE-2024-21412Internet Shortcut Files Security Feature Bypass VulnerabilityImportantMarinerCVE-2024-21626UnknownUnknownMicrosoft ActiveXCVE-2024-21349Microsoft ActiveX Data Objects Remote Code Execution VulnerabilityImportantMicrosoft Azure Kubernetes ServiceCVE-2024-21403Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege VulnerabilityImportantMicrosoft Azure Kubernetes ServiceCVE-2024-21376Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution VulnerabilityImportantMicrosoft Defender for EndpointCVE-2024-21315Microsoft Defender for Endpoint Protection Elevation of Privilege VulnerabilityImportantMicrosoft DynamicsCVE-2024-21393Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft DynamicsCVE-2024-21389Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft DynamicsCVE-2024-21395Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft DynamicsCVE-2024-21380Microsoft Dynamics Business Central/NAV Information Disclosure VulnerabilityCriticalMicrosoft DynamicsCVE-2024-21328Dynamics 365 Sales Spoofing VulnerabilityImportantMicrosoft DynamicsCVE-2024-21394Dynamics 365 Field Service Spoofing VulnerabilityImportantMicrosoft DynamicsCVE-2024-21396Dynamics 365 Sales Spoofing VulnerabilityImportantMicrosoft DynamicsCVE-2024-21327Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting VulnerabilityImportantMicrosoft Edge (Chromium-based)CVE-2024-1284Chromium: CVE-2024-1284 Use after free in MojoUnknownMicrosoft Edge (Chromium-based)CVE-2024-21399Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityModerateMicrosoft Edge (Chromium-based)CVE-2024-1060Chromium: CVE-2024-1060 Use after free in CanvasUnknownMicrosoft Edge (Chromium-based)CVE-2024-1077Chromium: CVE-2024-1077 Use after free in NetworkUnknownMicrosoft Edge (Chromium-based)CVE-2024-1283Chromium: CVE-2024-1283 Heap buffer overflow in SkiaUnknownMicrosoft Edge (Chromium-based)CVE-2024-1059Chromium: CVE-2024-1059 Use after free in WebRTCUnknownMicrosoft Exchange ServerCVE-2024-21410Microsoft Exchange Server Elevation of Privilege VulnerabilityCriticalMicrosoft OfficeCVE-2024-21413Microsoft Outlook Remote Code Execution VulnerabilityCriticalMicrosoft OfficeCVE-2024-20673Microsoft Office Remote Code Execution VulnerabilityImportantMicrosoft Office OneNoteCVE-2024-21384Microsoft Office OneNote Remote Code Execution VulnerabilityImportantMicrosoft Office OutlookCVE-2024-21378Microsoft Outlook Remote Code Execution VulnerabilityImportantMicrosoft Office OutlookCVE-2024-21402Microsoft Outlook Elevation of Privilege VulnerabilityImportantMicrosoft Office WordCVE-2024-21379Microsoft Word Remote Code Execution VulnerabilityImportantMicrosoft Teams for AndroidCVE-2024-21374Microsoft Teams for Android Information DisclosureImportantMicrosoft WDAC ODBC DriverCVE-2024-21353Microsoft WDAC ODBC Driver Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21370Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21350Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21368Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21359Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21365Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21367Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21420Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21366Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21369Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21375Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21361Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21358Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21391Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21360Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2024-21352Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WindowsCVE-2024-21406Windows Printing Service Spoofing VulnerabilityImportantMicrosoft Windows DNSCVE-2024-21377Windows DNS Information Disclosure VulnerabilityImportantRole: DNS ServerCVE-2023-50387MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolversImportantRole: DNS ServerCVE-2024-21342Windows DNS Client Denial of Service VulnerabilityImportantSkype for BusinessCVE-2024-20695Skype for Business Information Disclosure VulnerabilityImportantSQL ServerCVE-2024-21347Microsoft ODBC Driver Remote Code Execution VulnerabilityImportantTrusted Compute BaseCVE-2024-21304Trusted Compute Base Elevation of Privilege VulnerabilityImportantWindows Hyper-VCVE-2024-20684Windows Hyper-V Denial of Service VulnerabilityCriticalWindows Internet Connection Sharing (ICS)CVE-2024-21343Windows Network Address Translation (NAT) Denial of Service VulnerabilityImportantWindows Internet Connection Sharing (ICS)CVE-2024-21348Internet Connection Sharing (ICS) Denial of Service VulnerabilityImportantWindows Internet Connection Sharing (ICS)CVE-2024-21357Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityCriticalWindows Internet Connection Sharing (ICS)CVE-2024-21344Windows Network Address Translation (NAT) Denial of Service VulnerabilityImportantWindows KernelCVE-2024-21371Windows Kernel Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2024-21338Windows Kernel Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2024-21341Windows Kernel Remote Code Execution VulnerabilityImportantWindows KernelCVE-2024-21345Windows Kernel Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2024-21362Windows Kernel Security Feature Bypass VulnerabilityImportantWindows KernelCVE-2024-21340Windows Kernel Information Disclosure VulnerabilityImportantWindows LDAP – Lightweight Directory Access ProtocolCVE-2024-21356Windows Lightweight Directory Access Protocol (LDAP) Denial of Service VulnerabilityImportantWindows Message QueuingCVE-2024-21363Microsoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityImportantWindows Message QueuingCVE-2024-21355Microsoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityImportantWindows Message QueuingCVE-2024-21405Microsoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityImportantWindows Message QueuingCVE-2024-21354Microsoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityImportantWindows OLECVE-2024-21372Windows OLE Remote Code Execution VulnerabilityImportantWindows SmartScreenCVE-2024-21351Windows SmartScreen Security Feature Bypass VulnerabilityModerateWindows USB Serial DriverCVE-2024-21339Windows USB Generic Parent Driver Remote Code Execution VulnerabilityImportantWindows Win32K – ICOMPCVE-2024-21346Win32k Elevation of Privilege VulnerabilityImportant