In its May 2024 Patch Tuesday release, Microsoft addressed 60 vulnerabilities, including 2 zero-day vulnerabilities actively exploited in the wild.
The updates cover a range of vulnerability categories:
- 27 Remote Code Execution Vulnerabilities
- 17 Elevation of Privilege Vulnerabilities
- 7 Information Disclosure Vulnerabilities
- 4 Spoofing Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
Zero-Day Vulnerabilities Addressed
Microsoft has patched two actively exploited zero-day vulnerabilities in this update:
CVE-2024-30040 – Windows MSHTML Platform Security Feature Bypass Vulnerability
This flaw could enable attackers to bypass OLE mitigations in Microsoft 365 and Microsoft Office.
An attacker must convince the user to load a malicious file onto a vulnerable system by offering an enticement in an email or instant message, and then convince the user to manipulate the specially crafted file, without necessarily opening or clicking on it.
Successful exploitation requires convincing a user to open a malicious document, potentially leading to arbitrary code execution.
CVE-2024-30051 – Windows DWM Core Library Elevation of Privilege Vulnerability
This vulnerability could grant an attacker SYSTEM privileges on Windows devices. Recent Qakbot malware phishing attacks have exploited this flaw to gain elevated privileges.
Vlad Stolyarov and Benoit Sevens of Google Threat Analysis Group and Bryce Abdo and Adam Brunner of Google Mandiant reported the vulnerability.
List of 60 Vulnerabilities & Fixes:

Product / Component | CVE ID |
--- | --- |
Windows Task Scheduler | CVE-2024-26238 |
Microsoft Windows SCSI Class System File | CVE-2024-29994 |
Windows Common Log File System Driver | CVE-2024-29996 |
Windows Mobile Broadband | CVE-2024-29997 |
Windows Mobile Broadband | CVE-2024-29998 |
Windows Mobile Broadband | CVE-2024-29999 |
Windows Mobile Broadband | CVE-2024-30000 |
Windows Mobile Broadband | CVE-2024-30001 |
Windows Mobile Broadband | CVE-2024-30002 |
Windows Mobile Broadband | CVE-2024-30003 |
Windows Mobile Broadband | CVE-2024-30004 |
Windows Mobile Broadband | CVE-2024-30005 |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-30006 |
Microsoft Brokering File System | CVE-2024-30007 |
Windows DWM Core Library | CVE-2024-30008 |
Windows Routing and Remote Access Service (RRAS) | CVE-2024-30009 |
Windows Hyper-V | CVE-2024-30010 |
Windows Hyper-V | CVE-2024-30011 |
Windows Mobile Broadband | CVE-2024-30012 |
Windows Routing and Remote Access Service (RRAS) | CVE-2024-30014 |
Windows Routing and Remote Access Service (RRAS) | CVE-2024-30015 |
Windows Cryptographic Services | CVE-2024-30016 |
Windows Hyper-V | CVE-2024-30017 |
Windows Kernel | CVE-2024-30018 |
Windows DHCP Server | CVE-2024-30019 |
Windows Cryptographic Services | CVE-2024-30020 |
Windows Mobile Broadband | CVE-2024-30021 |
Windows Routing and Remote Access Service (RRAS) | CVE-2024-30022 |
Windows Routing and Remote Access Service (RRAS) | CVE-2024-30023 |
Windows Routing and Remote Access Service (RRAS) | CVE-2024-30024 |
Windows Common Log File System Driver | CVE-2024-30025 |
Windows NTFS | CVE-2024-30027 |
Windows Win32K – ICOMP | CVE-2024-30028 |
Windows Routing and Remote Access Service (RRAS) | CVE-2024-30029 |
Windows Win32K – GRFX | CVE-2024-30030 |
Windows CNG Key Isolation Service | CVE-2024-30031 |
Windows DWM Core Library | CVE-2024-30032 |
Microsoft Windows Search Component | CVE-2024-30033 |
Windows Cloud Files Mini Filter Driver | CVE-2024-30034 |
Windows DWM Core Library | CVE-2024-30035 |
Windows Deployment Services | CVE-2024-30036 |
Windows Common Log File System Driver | CVE-2024-30037 |
Windows Win32K – ICOMP | CVE-2024-30038 |
Windows Remote Access Connection Manager | CVE-2024-30039 |
Windows MSHTML Platform | CVE-2024-30040 |
Microsoft Bing | CVE-2024-30041 |
Microsoft Office Excel | CVE-2024-30042 |
Microsoft Office SharePoint | CVE-2024-30043 |
Microsoft Office SharePoint | CVE-2024-30044 |
.NET and Visual Studio | CVE-2024-30045 |
Visual Studio | CVE-2024-30046 |
Microsoft Dynamics 365 Customer Insights | CVE-2024-30047 |
Microsoft Dynamics 365 Customer Insights | CVE-2024-30048 |
Windows Win32K – ICOMP | CVE-2024-30049 |
Windows Mark of the Web (MOTW) | CVE-2024-30050 |
Windows DWM Core Library | CVE-2024-30051 |
Azure Migrate | CVE-2024-30053 |
Power BI | CVE-2024-30054 |
Microsoft Edge (Chromium-based) | CVE-2024-30055 |
Microsoft Intune | CVE-2024-30059 |
Along with Microsoft, Adobe released security updates addressing the following vulnerabilities:
Users of the affected Microsoft products mentioned in the security advisory are advised to upgrade to the latest software releases to prevent the vulnerabilities from being exploited.
Before installing system updates, it is highly recommended that you create a backup of your system or essential documents and data. This precaution helps prevent data loss.