May 2024 Patch Tuesday: Microsoft and VMware Fix Zero-Day Exploits

Microsoft patched critical bugs including 2 zero-days, while VMware addressed zero-days exploited at Pwn2Own.

Microsoft has issued its Patch Tuesday security updates for May 2024, addressing 59 vulnerabilities across various products, including two zero-day vulnerabilities actively exploited in the wild. VMware has also released fixes for zero-day flaws demonstrated at the Pwn2Own Vancouver 2024 event.

Microsoft’s Critical Updates

The updates from Microsoft span a broad array of products, including Windows, Office, .NET Framework, Visual Studio, Microsoft Dynamics 365, Power BI, DHCP Server, Microsoft Edge (Chromium-based), and Windows Mobile Broadband. Of the 59 vulnerabilities, one is rated Critical, 57 are rated Important, and one is rated Moderate in severity.

Two actively exploited zero-day vulnerabilities have been addressed. The first, CVE-2024-30040, is a Windows MSHTML Platform Security Feature Bypass Vulnerability. This flaw bypasses OLE mitigations in Microsoft 365 and Microsoft Office, which protect users from vulnerable COM/OLE controls. Attackers can exploit this vulnerability by tricking users into loading a malicious file, often through deceptive means like email or instant messenger messages. Once the file is manipulated, the attacker can execute arbitrary code in the context of the user.

The second zero-day, CVE-2024-30051, is a Windows DWM Core Library Elevation of Privilege Vulnerability. Exploiting this flaw allows attackers to gain SYSTEM privileges. Microsoft has not disclosed specific details about the attacks exploiting these vulnerabilities.

VMware’s Response to Pwn2Own

VMware has addressed zero-day flaws demonstrated at the Pwn2Own Vancouver 2024 event. These vulnerabilities were critical and required immediate attention to prevent potential exploitation. The company has urged users to apply the updates promptly to secure their systems.

In other security news, MITRE has released the EMB3D Threat Model for embedded devices, aiming to enhance the security of embedded systems. Google has fixed its sixth actively exploited Chrome zero-day of the year, highlighting the ongoing challenges in securing widely used browsers.

The Phorpiex botnet has been active, sending millions of phishing emails to deliver LockBit Black ransomware, while Apple has warned that threat actors may have exploited a zero-day vulnerability in older iPhones. The City of Helsinki has suffered a data breach, and Russian hackers have defaced local British news sites. Additionally, Australian financial services firm Firstmac Limited has faced a significant security incident.

All May 2024 Patch Tuesday Fixes

| CVE ID | Tag | CVE Title | Severity |
|---|---|---|---|
| CVE-2024-30045 | .NET and Visual Studio | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
| CVE-2024-30053 | Azure Migrate | Azure Migrate Cross-Site Scripting Vulnerability | Important |
| CVE-2024-30041 | Microsoft Bing | Microsoft Bing Search Spoofing Vulnerability | Important |
| CVE-2024-30007 | Microsoft Brokering File System | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
| CVE-2024-30048 | Microsoft Dynamics 365 Customer Insights | Dynamics 365 Customer Insights Spoofing Vulnerability | Important |
| CVE-2024-30047 | Microsoft Dynamics 365 Customer Insights | Dynamics 365 Customer Insights Spoofing Vulnerability | Important |
| CVE-2024-4558 | Microsoft Edge (Chromium-based) | Chromium: CVE-2024-4558 Use after free in ANGLE | Unknown |
| CVE-2024-4331 | Microsoft Edge (Chromium-based) | Chromium: CVE-2024-4331 Use after free in Picture In Picture | Unknown |
| CVE-2024-4671 | Microsoft Edge (Chromium-based) | Chromium: CVE-2024-4671 Use after free in Visuals | Unknown |
| CVE-2024-30055 | Microsoft Edge (Chromium-based) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Low |
| CVE-2024-4368 | Microsoft Edge (Chromium-based) | Chromium: CVE-2024-4368 Use after free in Dawn | Unknown |
| CVE-2024-4559 | Microsoft Edge (Chromium-based) | Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio | Unknown |
| CVE-2024-30059 | Microsoft Intune | Microsoft Intune for Android Mobile Application Management Tampering Vulnerability | Important |
| CVE-2024-30042 | Microsoft Office Excel | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2024-30044 | Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
| CVE-2024-30043 | Microsoft Office SharePoint | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
| CVE-2024-30006 | Microsoft WDAC OLE DB provider for SQL | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| CVE-2024-29994 | Microsoft Windows SCSI Class System File | Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | Important |
| CVE-2024-30033 | Microsoft Windows Search Component | Windows Search Service Elevation of Privilege Vulnerability | Important |
| CVE-2024-30054 | Power BI | Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability | Important |
| CVE-2024-30046 | Visual Studio | Visual Studio Denial of Service Vulnerability | Important |
| CVE-2024-32004 | Visual Studio | GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories | Important |
| CVE-2024-32002 | Visual Studio | CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution | Important |
| CVE-2024-30034 | Windows Cloud Files Mini Filter Driver | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Important |
| CVE-2024-30031 | Windows CNG Key Isolation Service | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Important |
| CVE-2024-29996 | Windows Common Log File System Driver | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-30037 | Windows Common Log File System Driver | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-30025 | Windows Common Log File System Driver | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-30020 | Windows Cryptographic Services | Windows Cryptographic Services Remote Code Execution Vulnerability | Important |
| CVE-2024-30016 | Windows Cryptographic Services | Windows Cryptographic Services Information Disclosure Vulnerability | Important |
| CVE-2024-30036 | Windows Deployment Services | Windows Deployment Services Information Disclosure Vulnerability | Important |
| CVE-2024-30019 | Windows DHCP Server | DHCP Server Service Denial of Service Vulnerability | Important |
| CVE-2024-30008 | Windows DWM Core Library | Windows DWM Core Library Information Disclosure Vulnerability | Important |
| CVE-2024-30051 | Windows DWM Core Library | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| CVE-2024-30035 | Windows DWM Core Library | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| CVE-2024-30032 | Windows DWM Core Library | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| CVE-2024-30011 | Windows Hyper-V | Windows Hyper-V Denial of Service Vulnerability | Important |
| CVE-2024-30017 | Windows Hyper-V | Windows Hyper-V Remote Code Execution Vulnerability | Important |
| CVE-2024-30010 | Windows Hyper-V | Windows Hyper-V Remote Code Execution Vulnerability | Important |
| CVE-2024-30018 | Windows Kernel | Windows Kernel Elevation of Privilege Vulnerability | Important |
| CVE-2024-30050 | Windows Mark of the Web (MOTW) | Windows Mark of the Web Security Feature Bypass Vulnerability | Moderate |
| CVE-2024-30002 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-29997 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-30003 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-30012 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-29999 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-29998 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-30000 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-30005 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-30004 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-30021 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-30001 | Windows Mobile Broadband | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
| CVE-2024-30040 | Windows MSHTML Platform | Windows MSHTML Platform Security Feature Bypass Vulnerability | Important |
| CVE-2024-30027 | Windows NTFS | NTFS Elevation of Privilege Vulnerability | Important |
| CVE-2024-30039 | Windows Remote Access Connection Manager | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
| CVE-2024-30009 | Windows Routing and Remote Access Service (RRAS) | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2024-30024 | Windows Routing and Remote Access Service (RRAS) | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2024-30015 | Windows Routing and Remote Access Service (RRAS) | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2024-30029 | Windows Routing and Remote Access Service (RRAS) | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2024-30023 | Windows Routing and Remote Access Service (RRAS) | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2024-30014 | Windows Routing and Remote Access Service (RRAS) | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2024-30022 | Windows Routing and Remote Access Service (RRAS) | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2024-26238 | Windows Task Scheduler | Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability | Important |
| CVE-2024-30030 | Windows Win32K – GRFX | Win32k Elevation of Privilege Vulnerability | Important |
| CVE-2024-30038 | Windows Win32K – ICOMP | Win32k Elevation of Privilege Vulnerability | Important |
| CVE-2024-30049 | Windows Win32K – ICOMP | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Important |
| CVE-2024-30028 | Windows Win32K – ICOMP | Win32k Elevation of Privilege Vulnerability | Important |

Last Updated on November 7, 2024 8:24 pm CET

Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.
