Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs


Today is Microsoft’s March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws.

This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution and denial of service flaws.

The number of bugs in each vulnerability category is listed below

  • 24 Elevation of Privilege Vulnerabilities
  • 3 Security Feature Bypass Vulnerabilities
  • 18 Remote Code Execution Vulnerabilities
  • 6 Information Disclosure Vulnerabilities
  • 6 Denial of Service Vulnerabilities
  • 2 Spoofing Vulnerabilities

The total count of 60 flaws does not include 4 Microsoft Edge flaws fixed on March 7th.

Furthermore, Microsoft did not disclose any zero-days as part of today’s Patch Tuesday updates.

To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5035853 update and the Windows 10 KB5035845 update.

Flaws of interest

This month’s Patch Tuesday does not fix any zero-day vulnerabilities but does include some interesting flaws, which we have listed below.

CVE-2024-21400 – Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

Microsoft fixed a vulnerability in Azure Kubernetes Service that could allow attackers to gain elevated privileges and steal credentials.

“An attacker who successfully exploited this vulnerability could steal credentials and affect resources beyond the security scope managed by Azure Kubernetes Service Confidential Containers (AKSCC),” explains a Microsoft security advisory.

The flaw was discovered by Yuval Avrahami.

CVE-2024-26199 – Microsoft Office Elevation of Privilege Vulnerability

Microsoft has fixed a Office vulnerability allowing any authenticated user to gain SYSTEM privileges.

“Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges,” explains Microsoft.

The flaw was discovered by Iván Almuiña from Hacking Corporation Sàrl.

CVE-2024-20671 – Microsoft Defender Security Feature Bypass Vulnerability

Microsoft has fixed a Microsoft Defender vulnerability that could 

“An authenticated attacker who successfully exploited this vulnerability could prevent Microsoft Defender from starting,” explains Microsoft.

However, this will be resolved by Windows Defender Antimalware Platform updates that are automatically installed on Windows devices.

This flaw is fixed in version 4.18.24010.12 of the Antimalware Platform.

Microsoft says that this flaw was discovered by Manuel Feifel with Infoguard (Vurex).

CVE-2024-21411 – Skype for Consumer Remote Code Execution Vulnerability

Microsoft has fixed a remote code execution vulnerability Skype for Consumer that can be triggered by a malicious link or image.

“An attacker could exploit the vulnerability by sending the user a malicious link or a malicious image via Instant Message and then convincing the user to click the link or image,” explains Microsoft.

Microsoft says this flaw was discovered by Hector Peralta  and Nicole Armua working with Trend Micro Zero Day Initiative.

Recent updates from other companies

Other vendors who released updates or advisories in March 2024 include:

The March 2024 Patch Tuesday Security Updates

Below is the complete list of resolved vulnerabilities in the March 2024 Patch Tuesday updates.

To access the full description of each vulnerability and the systems it affects, you can view the full report here.

Tag CVE ID CVE Title Severity
.NET CVE-2024-21392 .NET and Visual Studio Denial of Service Vulnerability Important
Azure Data Studio CVE-2024-26203 Azure Data Studio Elevation of Privilege Vulnerability Important
Azure SDK CVE-2024-21421 Azure SDK Spoofing Vulnerability Important
Intel CVE-2023-28746 Intel: CVE-2023-28746 Register File Data Sampling (RFDS) Important
Microsoft Authenticator CVE-2024-21390 Microsoft Authenticator Elevation of Privilege Vulnerability Important
Microsoft Azure Kubernetes Service CVE-2024-21400 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Important
Microsoft Django Backend for SQL Server CVE-2024-26164 Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability Important
Microsoft Dynamics CVE-2024-21419 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2024-2174 Chromium: CVE-2024-2174 Inappropriate implementation in V8 Unknown
Microsoft Edge (Chromium-based) CVE-2024-2173 Chromium: CVE-2024-2173 Out of bounds memory access in V8 Unknown
Microsoft Edge (Chromium-based) CVE-2024-2176 Chromium: CVE-2024-2176 Use after free in FedCM Unknown
Microsoft Edge for Android CVE-2024-26167 Microsoft Edge for Android Spoofing Vulnerability Unknown
Microsoft Exchange Server CVE-2024-26198 Microsoft Exchange Server Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2024-21437 Windows Graphics Component Elevation of Privilege Vulnerability Important
Microsoft Intune CVE-2024-26201 Microsoft Intune Linux Agent Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2024-26199 Microsoft Office Elevation of Privilege Vulnerability Important
Microsoft Office SharePoint CVE-2024-21426 Microsoft SharePoint Server Remote Code Execution Vulnerability Important
Microsoft QUIC CVE-2024-26190 Microsoft QUIC Denial of Service Vulnerability Important
Microsoft Teams for Android CVE-2024-21448 Microsoft Teams for Android Information Disclosure Vulnerability Important
Microsoft WDAC ODBC Driver CVE-2024-21451 Microsoft ODBC Driver Remote Code Execution Vulnerability Important
Microsoft WDAC OLE DB provider for SQL CVE-2024-21441 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important
Microsoft WDAC OLE DB provider for SQL CVE-2024-26161 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important
Microsoft WDAC OLE DB provider for SQL CVE-2024-26166 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important
Microsoft WDAC OLE DB provider for SQL CVE-2024-21444 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important
Microsoft WDAC OLE DB provider for SQL CVE-2024-21450 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important
Microsoft Windows SCSI Class System File CVE-2024-21434 Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability Important
Open Management Infrastructure CVE-2024-21330 Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability Important
Open Management Infrastructure CVE-2024-21334 Open Management Infrastructure (OMI) Remote Code Execution Vulnerability Important
Outlook for Android CVE-2024-26204 Outlook for Android Information Disclosure Vulnerability Important
Role: Windows Hyper-V CVE-2024-21407 Windows Hyper-V Remote Code Execution Vulnerability Critical
Role: Windows Hyper-V CVE-2024-21408 Windows Hyper-V Denial of Service Vulnerability Critical
Skype for Consumer CVE-2024-21411 Skype for Consumer Remote Code Execution Vulnerability Important
Software for Open Networking in the Cloud (SONiC) CVE-2024-21418 Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability Important
Visual Studio Code CVE-2024-26165 Visual Studio Code Elevation of Privilege Vulnerability Important
Windows AllJoyn API CVE-2024-21438 Microsoft AllJoyn API Denial of Service Vulnerability Important
Windows Cloud Files Mini Filter Driver CVE-2024-26160 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Important
Windows Composite Image File System CVE-2024-26170 Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability Important
Windows Compressed Folder CVE-2024-26185 Windows Compressed Folder Tampering Vulnerability Important
Windows Defender CVE-2024-20671 Microsoft Defender Security Feature Bypass Vulnerability Important
Windows Error Reporting CVE-2024-26169 Windows Error Reporting Service Elevation of Privilege Vulnerability Important
Windows Hypervisor-Protected Code Integrity CVE-2024-21431 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Important
Windows Installer CVE-2024-21436 Windows Installer Elevation of Privilege Vulnerability Important
Windows Kerberos CVE-2024-21427 Windows Kerberos Security Feature Bypass Vulnerability Important
Windows Kernel CVE-2024-26177 Windows Kernel Information Disclosure Vulnerability Important
Windows Kernel CVE-2024-26176 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2024-26174 Windows Kernel Information Disclosure Vulnerability Important
Windows Kernel CVE-2024-26182 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2024-26181 Windows Kernel Denial of Service Vulnerability Important
Windows Kernel CVE-2024-26178 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2024-26173 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2024-21443 Windows Kernel Elevation of Privilege Vulnerability Important
Windows NTFS CVE-2024-21446 NTFS Elevation of Privilege Vulnerability Important
Windows ODBC Driver CVE-2024-21440 Microsoft ODBC Driver Remote Code Execution Vulnerability Important
Windows ODBC Driver CVE-2024-26162 Microsoft ODBC Driver Remote Code Execution Vulnerability Important
Windows ODBC Driver CVE-2024-26159 Microsoft ODBC Driver Remote Code Execution Vulnerability Important
Windows OLE CVE-2024-21435 Windows OLE Remote Code Execution Vulnerability Important
Windows Print Spooler Components CVE-2024-21433 Windows Print Spooler Elevation of Privilege Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2024-26197 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Telephony Server CVE-2024-21439 Windows Telephony Server Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2024-21432 Windows Update Stack Elevation of Privilege Vulnerability Important
Windows USB Hub Driver CVE-2024-21429 Windows USB Hub Driver Remote Code Execution Vulnerability Important
Windows USB Print Driver CVE-2024-21442 Windows USB Print Driver Elevation of Privilege Vulnerability Important
Windows USB Print Driver CVE-2024-21445 Windows USB Print Driver Elevation of Privilege Vulnerability Important
Windows USB Serial Driver CVE-2024-21430 Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability Important



Source link