This week marked the release of the monthly Patch Tuesday updates for Microsoft users, rolling out as the June updates. This one is a rather modest bundle with some 50 vulnerability fixes and a few third-party updates. Users must ensure updating their systems with the latest security fixes to avoid potential threats.
Microsoft Patch Tuesday For June 2024 Rolled Out
The Redmond giant addressed 49 vulnerabilities (to be precise) across different Microsoft products with the June 2024 Patch Tuesday updates.
The most important is a critical remote code execution vulnerability, CVE-2024-30080 (CVSS 9.8), affecting the Microsoft Message Queuing (MSMQ) service. Microsoft’s advisory described it as a use-after-free vulnerability, which an adversary could exploit by sending maliciously crafted MSMQ packets to the target MSMQ server to gain code execution privileges.
Alongside patching the vulnerability, Microsoft advised the users to check their systems for it, as it only affects systems with the messaging queuing service enabled.
You can check to see if there is a service running named Message Queuing and TCP port 1801 is listening on the machine.
Besides this single critical severity issue, all the remaining 48 vulnerabilities have received an important severity rating. These include 4 denial of service vulnerabilities, 24 privilege escalation issues, 3 information disclosure vulnerabilities, and 17 remote code execution flaws.
Some noteworthy vulnerabilities include,
- CVE-2024-30064 (CVSS 8.8): A privilege escalation vulnerability that could allow a logged-in adversary to run a maliciously crafted application and take control of the target system.
- CVE-2024-30068 (CVSS 8.8): Another privilege escalation flaw allowing a logged-in adversary to gain SYSTEM privileges by running a maliciously crafted application.
- CVE-2024-30103 (CVSS 8.8): A remote code execution vulnerability affecting Microsoft Outlook that an authenticated adversary could exploit via the Preview Pane to bypass Outlook registry blocklists and create malicious DLLs.
- CVE-2024-30078 (CVSS 8.8): A remote code execution flaw affecting the Windows WiFi driver. An unauthenticated near the target device, with the capability to send/receive radio transmissions, could exploit the flaw by sending a maliciously crafted networking packet.
This month’s updates address no low-severity issues, highlighting the importance of this Patch Tuesday. Hence, users must rush to patch their systems accordingly at the earliest.
Let us know your thoughts in the comments.