
Microsoft Addresses Critical Zero-Days in September 2024 Patch Tuesday Update

Microsoft's September 2024 Patch Tuesday security update addresses 79 vulnerabilities, including four critical zero-day flaws.

In its latest security update for September 2024, Microsoft has addressed a total of 79 vulnerabilities. The rollout includes four zero-day flaws that are being actively exploited, demanding prompt action from IT administrators.

Detailed Breakdown

The vulnerabilities span multiple categories: 30 elevation of privilege, 23 remote code execution, 11 information disclosure, 8 denial of service, 4 security feature bypass, 2 spoofing, and 1 cross-site scripting flaw. This release is slightly smaller than last month’s update, which covered 90 issues.

Among the four zero-day vulnerabilities, CVE-2024-38014 impacts Windows Installer and is exploited to gain system-level privileges. CVE-2024-38217, discovered by Joe Desimone of Elastic Security, allows bypassing Smart App Control and Mark of the Web warnings through LNK stomping. CVE-2024-38226 targets Microsoft Publisher, letting attackers circumvent macro policies. Lastly, CVE-2024-43491 is a critical flaw in Windows Update that undoes previous patches, enabling remote code execution.

Critical Issues

Seven vulnerabilities have been marked as critical this month. These include flaws in Azure, Microsoft Office SharePoint, Windows Network Address Translation (NAT), and Windows Update. Specific issues like CVE-2024-38216 and CVE-2024-38220 in Azure Stack permit unauthorized system access. Another critical flaw, CVE-2024-38194 in Azure Web Apps, allows privilege escalation due to poor validation.

Two significant vulnerabilities affecting Microsoft Office SharePoint are CVE-2024-38018 and CVE-2024-43464. Both allow remote code execution, with CVE-2024-38018 permitting code execution by users with Site Member permissions and CVE-2024-43464 enabling Site Owners to inject and run code.

Windows Network Address Translation (NAT) and Windows Update

Critical vulnerability CVE-2024-38119 impacts Windows NAT, where attackers can exploit memory issues to execute code remotely. CVE-2024-43491 in Windows Update affects systems like Windows 10 Enterprise 2015 LTSB and involves a rollback of previous patches, bringing back older vulnerabilities.

Microsoft defines zero-day vulnerabilities as those that are either publicly disclosed or actively exploited without an existing fix. One such flaw, CVE-2024-38217, disclosed last month, involves bypassing security warnings via LNK files. Another, CVE-2024-43491, affects certain Windows 10 versions and reintroduces vulnerabilities by restoring Optional Components to original versions.

All Fixed Vulnerabilities from September 2024 Patch Tuesday

| CVE ID | Tag | CVE Title | Severity |
|---|---|---|---|
| CVE-2024-43469 | Azure CycleCloud | Azure CycleCloud Remote Code Execution Vulnerability | Important |
| CVE-2024-38188 | Azure Network Watcher | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important |
| CVE-2024-43470 | Azure Network Watcher | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important |
| CVE-2024-38216 | Azure Stack | Azure Stack Hub Elevation of Privilege Vulnerability | Critical |
| CVE-2024-38220 | Azure Stack | Azure Stack Hub Elevation of Privilege Vulnerability | Critical |
| CVE-2024-38194 | Azure Web Apps | Azure Web Apps Elevation of Privilege Vulnerability | Critical |
| CVE-2024-38225 | Dynamics Business Central | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | Important |
| CVE-2024-43492 | Microsoft AutoUpdate (MAU) | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important |
| CVE-2024-43476 | Microsoft Dynamics 365 (on-premises) | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| CVE-2024-38247 | Microsoft Graphics Component | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| CVE-2024-38250 | Microsoft Graphics Component | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| CVE-2024-38249 | Microsoft Graphics Component | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| CVE-2024-38259 | Microsoft Management Console | Microsoft Management Console Remote Code Execution Vulnerability | Important |
| CVE-2024-43465 | Microsoft Office Excel | Microsoft Excel Elevation of Privilege Vulnerability | Important |
| CVE-2024-38226 | Microsoft Office Publisher | Microsoft Publisher Security Feature Bypass Vulnerability | Important |
| CVE-2024-38227 | Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| CVE-2024-43464 | Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
| CVE-2024-38018 | Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
| CVE-2024-38228 | Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| CVE-2024-43466 | Microsoft Office SharePoint | Microsoft SharePoint Server Denial of Service Vulnerability | Important |
| CVE-2024-43463 | Microsoft Office Visio | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| CVE-2024-43482 | Microsoft Outlook for iOS | Microsoft Outlook for iOS Information Disclosure Vulnerability | Important |
| CVE-2024-38245 | Microsoft Streaming Service | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-38241 | Microsoft Streaming Service | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-38242 | Microsoft Streaming Service | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-38244 | Microsoft Streaming Service | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-38243 | Microsoft Streaming Service | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-38237 | Microsoft Streaming Service | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-38238 | Microsoft Streaming Service | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
| CVE-2024-43479 | Power Automate | Microsoft Power Automate Desktop Remote Code Execution Vulnerability | Important |
| CVE-2024-38235 | Role: Windows Hyper-V | Windows Hyper-V Denial of Service Vulnerability | Important |
| CVE-2024-37338 | SQL Server | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
| CVE-2024-37980 | SQL Server | Microsoft SQL Server Elevation of Privilege Vulnerability | Important |
| CVE-2024-26191 | SQL Server | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
| CVE-2024-37339 | SQL Server | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
| CVE-2024-37337 | SQL Server | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important |
| CVE-2024-26186 | SQL Server | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
| CVE-2024-37342 | SQL Server | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important |
| CVE-2024-43474 | SQL Server | Microsoft SQL Server Information Disclosure Vulnerability | Important |
| CVE-2024-37335 | SQL Server | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
| CVE-2024-37966 | SQL Server | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important |
| CVE-2024-37340 | SQL Server | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
| CVE-2024-37965 | SQL Server | Microsoft SQL Server Elevation of Privilege Vulnerability | Important |
| CVE-2024-37341 | SQL Server | Microsoft SQL Server Elevation of Privilege Vulnerability | Important |
| CVE-2024-43475 | Windows Admin Center | Microsoft Windows Admin Center Information Disclosure Vulnerability | Important |
| CVE-2024-38257 | Windows AllJoyn API | Microsoft AllJoyn API Information Disclosure Vulnerability | Important |
| CVE-2024-38254 | Windows Authentication Methods | Windows Authentication Information Disclosure Vulnerability | Important |
| CVE-2024-38236 | Windows DHCP Server | DHCP Server Service Denial of Service Vulnerability | Important |
| CVE-2024-38014 | Windows Installer | Windows Installer Elevation of Privilege Vulnerability | Important |
| CVE-2024-38239 | Windows Kerberos | Windows Kerberos Elevation of Privilege Vulnerability | Important |
| CVE-2024-38256 | Windows Kernel-Mode Drivers | Windows Kernel-Mode Driver Information Disclosure Vulnerability | Important |
| CVE-2024-43495 | Windows Libarchive | Windows libarchive Remote Code Execution Vulnerability | Important |
| CVE-2024-38217 | Windows Mark of the Web (MOTW) | Windows Mark of the Web Security Feature Bypass Vulnerability | Important |
| CVE-2024-43487 | Windows Mark of the Web (MOTW) | Windows Mark of the Web Security Feature Bypass Vulnerability | Moderate |
| CVE-2024-43461 | Windows MSHTML Platform | Windows MSHTML Platform Spoofing Vulnerability | Important |
| CVE-2024-38119 | Windows Network Address Translation (NAT) | Windows Network Address Translation (NAT) Remote Code Execution Vulnerability | Critical |
| CVE-2024-38232 | Windows Network Virtualization | Windows Networking Denial of Service Vulnerability | Important |
| CVE-2024-38233 | Windows Network Virtualization | Windows Networking Denial of Service Vulnerability | Important |
| CVE-2024-38234 | Windows Network Virtualization | Windows Networking Denial of Service Vulnerability | Important |
| CVE-2024-43458 | Windows Network Virtualization | Windows Networking Information Disclosure Vulnerability | Important |
| CVE-2024-38046 | Windows PowerShell | PowerShell Elevation of Privilege Vulnerability | Important |
| CVE-2024-38240 | Windows Remote Access Connection Manager | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
| CVE-2024-38231 | Windows Remote Desktop Licensing Service | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
| CVE-2024-38258 | Windows Remote Desktop Licensing Service | Windows Remote Desktop Licensing Service Information Disclosure Vulnerability | Important |
| CVE-2024-43467 | Windows Remote Desktop Licensing Service | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Important |
| CVE-2024-43454 | Windows Remote Desktop Licensing Service | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Important |
| CVE-2024-38263 | Windows Remote Desktop Licensing Service | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Important |
| CVE-2024-38260 | Windows Remote Desktop Licensing Service | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Important |
| CVE-2024-43455 | Windows Remote Desktop Licensing Service | Windows Remote Desktop Licensing Service Spoofing Vulnerability | Important |
| CVE-2024-30073 | Windows Security Zone Mapping | Windows Security Zone Mapping Security Feature Bypass Vulnerability | Important |
| CVE-2024-43457 | Windows Setup and Deployment | Windows Setup and Deployment Elevation of Privilege Vulnerability | Important |
| CVE-2024-38230 | Windows Standards-Based Storage Management Service | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
| CVE-2024-38248 | Windows Storage | Windows Storage Elevation of Privilege Vulnerability | Important |
| CVE-2024-21416 | Windows TCP/IP | Windows TCP/IP Remote Code Execution Vulnerability | Important |
| CVE-2024-38045 | Windows TCP/IP | Windows TCP/IP Remote Code Execution Vulnerability | Important |
| CVE-2024-43491 | Windows Update | Microsoft Windows Update Remote Code Execution Vulnerability | Critical |
| CVE-2024-38246 | Windows Win32K – GRFX | Win32k Elevation of Privilege Vulnerability | Important |
| CVE-2024-38252 | Windows Win32K – ICOMP | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Important |
| CVE-2024-38253 | Windows Win32K – ICOMP | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Important |

Last Updated on November 18, 2024 12:02 pm CET

Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.
