The August 2024 Patch Tuesday Update bundle from Microsoft is huge, with 10 zero-day fixes. This month’s security update also addressed 9 critical-severity vulnerabilities, patching 94 bugs in total. The severity of the vulnerabilities addressed with August updates makes it crucial for all Microsoft users to patch their systems immediately.
Microsoft Released 10 Zero-Day Security Fixes
The most noteworthy security patches with August Patch Tuesday from Microsoft address the following 10 zero-day flaws. Out of these 10, the following 6 vulnerabilities went under attack prior public disclosure and patching.
Publicly Exploited Zero-Days
- CVE-2024-38189 (CVSS 8.8; important): A remote code execution vulnerability in Microsoft Project that an adversary could trigger by luring the victim into opening a maliciously crafted Microsoft Office Project file.
- CVE-2024-38178 (CVSS 7.5; important): A memory corruption vulnerability in the Scripting Engine that an unauthenticated attacker could exploit by sending a maliciously crafted URL to the victim.
- CVE-2024-38193 (CVSS 7.8; important): A privilege escalation vulnerability in Windows Ancillary Function Driver for WinSock, allowing SYSTEM privileges to an adversary. Microsoft did not share many details about the exploitation.
- CVE-2024-38106 (CVSS 7.0; important): A privilege escalation flaw in Windows Kernel that could allow SYSTEM privileges to an adversary upon triggering a race condition.
- CVE-2024-38107 (CVSS 7.8; important): A privilege escalation flaw affecting Windows Power Dependency Coordinator. Again, Microsoft did not share precise details about the exploit besides disclosing that successful exploitation of this vulnerability grants SYSTEM privileges to an attacker.
- CVE-2024-38213 (CVSS 6.5; moderate): A Windows Mark of the Web Security Feature Bypass that allows an adversary to bypass Windows SmartScreen. Exploiting the flaw requires an adversary to lure the victim into opening a maliciously crafted file.
Publicly Disclosed Zero-Days
While not exploited, the remaining 4 vulnerabilities became publicly known before Microsoft could fix them. The tech giant shared mitigations for these vulnerabilities in the respective advisories.
- CVE-2024-38200 (CVSS 6.5; important): A spoofing vulnerability affecting Microsoft Office.
- CVE-2024-38199 (CVSS 9.8; important): Remote code execution vulnerability in the Windows Line Printer Daemon (LPD) Service.
- CVE-2024-21302 (CVSS 6.7; important): A privilege escalation vulnerability in Windows Secure Kernel Mode, exploiting which allowed SYSTEM privileges.
- CVE-2024-38202 (CVSS; important): A privilege escalation vulnerability in Windows Update Stack. This vulnerability, together with CVE-2024-21302, could allow downgrade attacks that unpatch Windows systems.
Other Important Patch Tuesday August 2024 Updates From Microsoft
Alongside the huge number of zero-day vulnerabilities, Microsoft also addressed 9 critical severity vulnerabilities and 74 important severity issues this month. These include 6 denial of service vulnerabilities, 30 privilege escalation issues, 9 information disclosure flaws, 28 remote code execution vulnerabilities, 2 security feature bypass issues, 4 spoofing flaws, a single tampering issue, and 2 cross-site scripting vulnerabilities.
When compared to the July Patch Tuesday, which addressed over 140 vulnerabilities, this month’s security update bundle appears rather modest in that it includes 94 security fixes. However, it is more important for users as it addresses a huge number of zero-day vulnerabilities and critical severity flaws. Therefore, all users must ensure that their systems are updated as soon as possible by manually checking for updates instead of waiting for the automatic updates to arrive.
Let us know your thoughts in the comments.
