The Patch Tuesday update bundle for March 2024 carries some important security fixes for various Microsoft products. Nonetheless, no specific zero days were reported for this month’s fix.
Microsoft March 2024 Patch Tuesday Overview
With March updates, the Redmond giant addressed dozens of security vulnerabilities affecting different products. But interestingly, the updates do not include any zero-day fixes this time. So, while these updates do not demand an immediate rush from users, they are still important to secure eligible devices from potential threats.
The most noteworthy security fixes with the March 2024 Patch Tuesday bundle arrive for two critical vulnerabilities in Microsoft Hyper-V. These include,
- CVE-2024-21407 (CVSS 8.1): A critical severity remote code execution vulnerability allowing attacks from an authenticated attacker. An adversary could exploit the flaw by sending maliciously crafted file operation requests to the guest VM that could allow code execution. Exploiting the flaw requires the attacker to first prepare the target environment by gathering specific information.
- CVE-2024-21408 (CVSS 5.5): A denial-of-service vulnerability affecting Windows Hyper-V. While this vulnerability received a low CVSS score, it still achieved a critical severity rating given its impact.
Except for these two vulnerabilities, all other security issues received important severity ratings. These vulnerabilities affected different Microsoft products, including Windows Kernel, Print Spooler, Microsoft Edge, Windows Installer, and Microsoft Defender. From these, some noteworthy vulnerabilities include,
- CVE-2024-26199 (CVSS 7.8): A privilege escalation vulnerability affecting Microsoft Office that could let an authenticated adversary gain SYSTEM privileges on the target system.
- CVE-2024-26198 (CVSS 8.8): A remote code execution flaw in Microsoft Exchange Server. An unauthenticated attacker could exploit the flaw by placing a maliciously crafted file in an online directory or local network location, and tricking the victim user into opening the file which would load the malicious DLL.
While these updates would automatically reach all eligible systems, users must still check their devices manually for updates to ensure that they are promptly receiving the security fixes.
Let us know your thoughts in the comments.