Microsoft June 2024 Patch Tuesday updates have been released, fixing 51 security loopholes across a variety of their products. Available in the Microsoft Update Catalog, this month’s updates encompass critical patches for Windows, Office, Azure, Dynamics Business Central, and Visual Studio. Noteworthy is the absence of zero-day vulnerabilities, a deviation from recent history.
MSMQ Vulnerability at the Forefront
Among the critical issues addressed is the Microsoft Message Queuing (MSMQ) vulnerability, designated CVE-2024-30080. This flaw, scoring 9.8 on the CVSS scale, allows attackers to remotely execute arbitrary code on systems with MSMQ enabled. The vulnerability can spread across servers due to its wormable nature, simply by sending a specially crafted MSMQ packet, which could lead to remote code execution.
New Fix for DNSSEC Zero-Day Issue
Microsoft also tackled a previously disclosed zero-day flaw in DNSSEC validation, CVE-2023-50868. Carrying a CVSS score of 7.5, this flaw can be exploited to cause a denial of service by using up resources on a resolver, impacting legitimate users. The issue lies in standard DNSSEC protocols intended to ensure DNS data integrity. A proof of concept for this vulnerability is available.
Another critical issue addressed involves a Remote Code Execution vulnerability in Windows Wi-Fi drivers, tagged as CVE-2024-30078 with a CVSS score of 8.8. For exploitation, an attacker needs to be in close proximity to the target system to interact with its Wi-Fi adapter using a crafted networking packet, leading to potential remote code execution.
Microsoft Office Security Patches
This release also includes several important fixes for Remote Code Execution vulnerabilities in Microsoft Office. Notable are CVE-2024-30101, CVE-2024-30104, CVE-2024-30102, and CVE-2024-30103, with CVSS scores from 7.3 to 8.8. These vulnerabilities involve Use After Free and Improper Link Resolution flaws, which necessitate user interaction for exploitation.
One more significant fix targets the Microsoft Event Trace Log File Parsing Remote Code Execution vulnerability (CVE-2024-30072), attributed to an integer overflow issue. Systems affected include Windows Server 2022 and Windows 11.
Full June 2024 Patch Tuesday Changelog
CVE ID |
Tag |
CVE Title |
Azure Data Science Virtual Machines |
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability |
|
Azure File Sync |
Microsoft Azure File Sync Elevation of Privilege Vulnerability |
|
Azure Monitor |
Azure Monitor Agent Elevation of Privilege Vulnerability |
|
Azure SDK |
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability |
|
Azure Storage Library |
Azure Storage Movement Client Library Denial of Service Vulnerability |
|
Dynamics Business Central |
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability |
|
Dynamics Business Central |
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability |
|
Microsoft Dynamics |
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
|
Microsoft Edge (Chromium-based) |
Chromium: CVE-2024-5498 Use after free in Presentation API |
|
Microsoft Edge (Chromium-based) |
Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC |
|
Microsoft Edge (Chromium-based) |
Chromium: CVE-2024-5497 Out of bounds memory access in Keyboard Inputs |
|
Microsoft Edge (Chromium-based) |
Chromium: CVE-2024-5495 Use after free in Dawn |
|
Microsoft Edge (Chromium-based) |
Chromium: CVE-2024-5499 Out of bounds write in Streams API |
|
Microsoft Edge (Chromium-based) |
Chromium: CVE-2024-5494 Use after free in Dawn |
|
Microsoft Edge (Chromium-based) |
Chromium: CVE-2024-5496 Use after free in Media Session |
|
Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability |
|
Microsoft Office |
Microsoft Office Remote Code Execution Vulnerability |
|
Microsoft Office Outlook |
Microsoft Outlook Remote Code Execution Vulnerability |
|
Microsoft Office SharePoint |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
|
Microsoft Office Word |
Microsoft Office Remote Code Execution Vulnerability |
|
Microsoft Streaming Service |
Microsoft Streaming Service Elevation of Privilege Vulnerability |
|
Microsoft Streaming Service |
Microsoft Streaming Service Elevation of Privilege Vulnerability |
|
Microsoft WDAC OLE DB provider for SQL |
Windows OLE Remote Code Execution Vulnerability |
|
Microsoft Windows |
MITRE: CVE-2023-50868 NSEC3 closest encloser proof can exhaust CPU |
|
Microsoft Windows Speech |
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability |
|
Visual Studio |
Visual Studio Remote Code Execution Vulnerability |
|
Visual Studio |
Visual Studio Elevation of Privilege Vulnerability |
|
Visual Studio |
GitHub: CVE-2024-29187 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM |
|
Windows Cloud Files Mini Filter Driver |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
|
Windows Container Manager Service |
Windows Container Manager Service Elevation of Privilege Vulnerability |
|
Windows Cryptographic Services |
Windows Cryptographic Services Information Disclosure Vulnerability |
|
Windows DHCP Server |
DHCP Server Service Denial of Service Vulnerability |
|
Windows Distributed File System (DFS) |
Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
|
Windows Event Logging Service |
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability |
|
Windows Kernel |
Windows Kernel Elevation of Privilege Vulnerability |
|
Windows Kernel |
Windows Kernel Elevation of Privilege Vulnerability |
|
Windows Kernel-Mode Drivers |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
|
Windows Kernel-Mode Drivers |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
|
Windows Link Layer Topology Discovery Protocol |
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability |
|
Windows Link Layer Topology Discovery Protocol |
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability |
|
Windows NT OS Kernel |
Windows Kernel Elevation of Privilege Vulnerability |
|
Windows NT OS Kernel |
Windows Kernel Elevation of Privilege Vulnerability |
|
Windows Perception Service |
Windows Perception Service Elevation of Privilege Vulnerability |
|
Windows Remote Access Connection Manager |
Windows Remote Access Connection Manager Information Disclosure Vulnerability |
|
Windows Routing and Remote Access Service (RRAS) |
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
|
Windows Routing and Remote Access Service (RRAS) |
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
|
Windows Server Service |
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability |
|
Windows Server Service |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
|
Windows Standards-Based Storage Management Service |
Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
|
Windows Storage |
Windows Storage Elevation of Privilege Vulnerability |
|
Windows Themes |
Windows Themes Denial of Service Vulnerability |
|
Windows Wi-Fi Driver |
Windows Wi-Fi Driver Remote Code Execution Vulnerability |
|
Windows Win32 Kernel Subsystem |
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
|
Windows Win32K – GRFX |
Win32k Elevation of Privilege Vulnerability |
|
Windows Win32K – GRFX |
Win32k Elevation of Privilege Vulnerability |
|
Windows Win32K – GRFX |
Win32k Elevation of Privilege Vulnerability |
|
Winlogon |
Winlogon Elevation of Privilege Vulnerability |
|
Winlogon |
Winlogon Elevation of Privilege Vulnerability |