Sam's Tech Hub

Welcome to Sam's Tech Hub - a dedicated space for enthusiasts and professionals to explore everything Microsoft! From the latest tech news, trending topics, and insightful articles to hands-on solutions, step-by-step guides, product updates, and in-depth reviews, Sam's Tech Hub is your go-to resource for all things Microsoft. Dive in for valuable learning support and stay up-to-date with evolving technologies in the Microsoft Platform. Sam's Tech Hub - Keep Exploring. Happy Learning! :)

Sunday, September 15, 2024

⚡Microsoft's September 2024 Patch Tuesday: A Comprehensive Overview⚡

Posted by Samitha Dasun Peiris on September 15, 2024

Introduction

Microsoft's September 2024 Patch Tuesday has addressed a total of 79 security vulnerabilities, including four zero-day vulnerabilities and seven critical vulnerabilities. This month's updates span across various Microsoft products and services, enhancing security and stability for users worldwide. Below is a detailed breakdown of these vulnerabilities by type:
  • Remote Code Execution (RCE): 12
  • Elevation of Privilege (EoP): 35
  • Denial of Service (DoS): 4
  • Spoofing Vulnerabilities: 3
  • Security Feature Bypass (SFB): 3
  • Information Disclosure: 18
  • Cross-Site Scripting (XSS): 1
  • Other vulnerabilities: 3

Key Highlights

01. Zero-Day Vulnerabilities
  • Mark-of-the-Web Bypass (CVE-2024-38217): Actively exploited, allowing crafted files to bypass SmartScreen or attachment services. This vulnerability highlights risks associated with file downloads.
  • Windows Installer EoP (CVE-2024-38014): Exploited locally to grant SYSTEM privileges due to improper privilege management.
  • Microsoft Publisher Macro Policy Bypass (CVE-2024-38226): Requires local user authentication to bypass macro restrictions, posing risks for organizations.
  • SharePoint Critical RCEs (e.g., CVE-2024-38018): Exploits deserialization flaws to gain control via malicious uploads, emphasizing the need for secure configurations.

02. Critical RCE Vulnerabilities
  • Affect key products like SharePoint and Windows Network Address Translation (NAT). The NAT vulnerability (CVE-2024-38119) involves a "use-after-free" flaw, requiring network adjacency for exploitation.
03. Product-Specific Updates
  • Windows: Multiple privilege elevation and RCE patches for Windows 10, 11, and Server editions.
  • Microsoft 365 Apps: Fixes for Excel, Publisher, and SharePoint vulnerabilities.
  • Power Automate: An RCE vulnerability (CVE-2024-43479) addressed for secure automation workflows.
04. Zero-Day Defense Recommendations
  • Regularly update software to prevent exploitation.
  • Enable enhanced security features like SmartScreen and macro-blocking policies.
  • Monitor for suspicious activity on systems running affected versions.

Conclusion

With 35 elevation-of-privilege vulnerabilities addressed and critical fixes for RCE vulnerabilities in widely-used tools like SharePoint, the September 2024 Patch Tuesday underlines Microsoft's commitment to securing its ecosystem. Organizations should prioritize deploying these patches to ensure compliance and maintain a robust security posture.

The complete list of the vulnerabilities can be found here - Microsoft release notes.

Keep Exploring. Happy Learning! 😊
Posted in , , , ,