Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

| CVE Issued by | Tag | CVE ID | CVE Title |
|---|---|---|---|
| Microsoft | .NET and Visual Studio | CVE-2024-30105 | .NET Core and Visual Studio Denial of Service Vulnerability |
| Microsoft | .NET and Visual Studio | CVE-2024-38081 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability |
| Microsoft | .NET and Visual Studio | CVE-2024-35264 | .NET and Visual Studio Remote Code Execution Vulnerability |
| Microsoft | .NET and Visual Studio | CVE-2024-38095 | .NET and Visual Studio Denial of Service Vulnerability |
| Github | Active Directory Rights Management Services | CVE-2024-39684 | Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability |
| GitHub | Active Directory Rights Management Services | CVE-2024-38517 | Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability |
| Microsoft | Azure CycleCloud | CVE-2024-38092 | Azure CycleCloud Elevation of Privilege Vulnerability |
| Microsoft | Azure DevOps | CVE-2024-35266 | Azure DevOps Server Spoofing Vulnerability |
| Microsoft | Azure DevOps | CVE-2024-35267 | Azure DevOps Server Spoofing Vulnerability |
| Microsoft | Azure Kinect SDK | CVE-2024-38086 | Azure Kinect SDK Remote Code Execution Vulnerability |
| Microsoft | Azure Network Watcher | CVE-2024-35261 | Azure Network Watcher VM Extension Elevation of Privilege Vulnerability |
| Intel | Intel | CVE-2024-37985 | Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers |
| Microsoft | Line Printer Daemon Service (LPD) | CVE-2024-38027 | Windows Line Printer Daemon Service Denial of Service Vulnerability |
| Microsoft | Microsoft Defender for IoT | CVE-2024-38089 | Microsoft Defender for IoT Elevation of Privilege Vulnerability |
| Microsoft | Microsoft Dynamics | CVE-2024-30061 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
| Microsoft | Microsoft Graphics Component | CVE-2024-38079 | Windows Graphics Component Elevation of Privilege Vulnerability |
| Microsoft | Microsoft Graphics Component | CVE-2024-38051 | Windows Graphics Component Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office | CVE-2024-38021 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Outlook | CVE-2024-38020 | Microsoft Outlook Spoofing Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2024-38024 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2024-38023 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2024-32987 | Microsoft SharePoint Server Information Disclosure Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2024-38094 | Microsoft SharePoint Remote Code Execution Vulnerability |
| Microsoft | Microsoft Streaming Service | CVE-2024-38057 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| Microsoft | Microsoft Streaming Service | CVE-2024-38054 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| Microsoft | Microsoft Streaming Service | CVE-2024-38052 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| Microsoft | Microsoft Windows Codecs Library | CVE-2024-38055 | Microsoft Windows Codecs Library Information Disclosure Vulnerability |
| Microsoft | Microsoft Windows Codecs Library | CVE-2024-38056 | Microsoft Windows Codecs Library Information Disclosure Vulnerability |
| Microsoft | Microsoft WS-Discovery | CVE-2024-38091 | Microsoft WS-Discovery Denial of Service Vulnerability |
| Microsoft | NDIS | CVE-2024-38048 | Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability |
| CERT/CC | NPS RADIUS Server | CVE-2024-3596 | CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability |
| Microsoft | Role: Active Directory Certificate Services; Active Directory Domain Services | CVE-2024-38061 | DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability |
| Microsoft | Role: Windows Hyper-V | CVE-2024-38080 | Windows Hyper-V Elevation of Privilege Vulnerability |
| Microsoft | SQL Server | CVE-2024-28928 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-38088 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-20701 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21317 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21308 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-35256 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21303 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21335 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-35271 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-35272 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-38087 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21425 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21449 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37324 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37330 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37326 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37329 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37328 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37327 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37334 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37321 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37320 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37319 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37322 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37336 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37323 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21398 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21373 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37318 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21428 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21415 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-37332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | SQL Server | CVE-2024-21414 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| Microsoft | Windows BitLocker | CVE-2024-38058 | BitLocker Security Feature Bypass Vulnerability |
| Microsoft | Windows COM Session | CVE-2024-38100 | Windows File Explorer Elevation of Privilege Vulnerability |
| Microsoft | Windows CoreMessaging | CVE-2024-21417 | Windows Text Services Framework Elevation of Privilege Vulnerability |
| Microsoft | Windows Cryptographic Services | CVE-2024-30098 | Windows Cryptographic Services Security Feature Bypass Vulnerability |
| Microsoft | Windows DHCP Server | CVE-2024-38044 | DHCP Server Service Remote Code Execution Vulnerability |
| Microsoft | Windows Distributed Transaction Coordinator | CVE-2024-38049 | Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability |
| Microsoft | Windows Enroll Engine | CVE-2024-38069 | Windows Enroll Engine Security Feature Bypass Vulnerability |
| Microsoft | Windows Fax and Scan Service | CVE-2024-38104 | Windows Fax Service Remote Code Execution Vulnerability |
| Microsoft | Windows Filtering | CVE-2024-38034 | Windows Filtering Platform Elevation of Privilege Vulnerability |
| Microsoft | Windows Image Acquisition | CVE-2024-38022 | Windows Image Acquisition Elevation of Privilege Vulnerability |
| Microsoft | Windows Imaging Component | CVE-2024-38060 | Windows Imaging Component Remote Code Execution Vulnerability |
| Microsoft | Windows Internet Connection Sharing (ICS) | CVE-2024-38105 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability |
| Microsoft | Windows Internet Connection Sharing (ICS) | CVE-2024-38053 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability |
| Microsoft | Windows Internet Connection Sharing (ICS) | CVE-2024-38102 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability |
| Microsoft | Windows Internet Connection Sharing (ICS) | CVE-2024-38101 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability |
| Microsoft | Windows iSCSI | CVE-2024-35270 | Windows iSCSI Service Denial of Service Vulnerability |
| Microsoft | Windows Kernel | CVE-2024-38041 | Windows Kernel Information Disclosure Vulnerability |
| Microsoft | Windows Kernel-Mode Drivers | CVE-2024-38062 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows LockDown Policy (WLDP) | CVE-2024-38070 | Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability |
| Microsoft | Windows Message Queuing | CVE-2024-38017 | Microsoft Message Queuing Information Disclosure Vulnerability |
| Microsoft | Windows MSHTML Platform | CVE-2024-38112 | Windows MSHTML Platform Spoofing Vulnerability |
| Microsoft | Windows MultiPoint Services | CVE-2024-30013 | Windows MultiPoint Services Remote Code Execution Vulnerability |
| Microsoft | Windows NTLM | CVE-2024-30081 | Windows NTLM Spoofing Vulnerability |
| Microsoft | Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38068 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability |
| Microsoft | Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38067 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability |
| Microsoft | Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38031 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability |
| Microsoft | Windows Performance Monitor | CVE-2024-38028 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability |
| Microsoft | Windows Performance Monitor | CVE-2024-38019 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability |
| Microsoft | Windows Performance Monitor | CVE-2024-38025 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability |
| Microsoft | Windows PowerShell | CVE-2024-38043 | PowerShell Elevation of Privilege Vulnerability |
| Microsoft | Windows PowerShell | CVE-2024-38047 | PowerShell Elevation of Privilege Vulnerability |
| Microsoft | Windows PowerShell | CVE-2024-38033 | PowerShell Elevation of Privilege Vulnerability |
| Microsoft | Windows Remote Access Connection Manager | CVE-2024-30071 | Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| Microsoft | Windows Remote Access Connection Manager | CVE-2024-30079 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| Microsoft | Windows Remote Desktop | CVE-2024-38076 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| Microsoft | Windows Remote Desktop | CVE-2024-38015 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability |
| Microsoft | Windows Remote Desktop Licensing Service | CVE-2024-38071 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| Microsoft | Windows Remote Desktop Licensing Service | CVE-2024-38073 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| Microsoft | Windows Remote Desktop Licensing Service | CVE-2024-38074 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| Microsoft | Windows Remote Desktop Licensing Service | CVE-2024-38072 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| Microsoft | Windows Remote Desktop Licensing Service | CVE-2024-38077 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| Microsoft | Windows Remote Desktop Licensing Service | CVE-2024-38099 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-38065 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37986 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37981 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37987 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-28899 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-26184 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-38011 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37984 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37988 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37977 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37978 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37974 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-38010 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37989 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37970 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37975 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37972 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37973 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37971 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2024-37969 | Secure Boot Security Feature Bypass Vulnerability |
| Microsoft | Windows Server Backup | CVE-2024-38013 | Microsoft Windows Server Backup Elevation of Privilege Vulnerability |
| Microsoft | Windows TCP/IP | CVE-2024-38064 | Windows TCP/IP Information Disclosure Vulnerability |
| Microsoft | Windows Themes | CVE-2024-38030 | Windows Themes Spoofing Vulnerability |
| Microsoft | Windows Win32 Kernel Subsystem | CVE-2024-38085 | Windows Graphics Component Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - GRFX | CVE-2024-38066 | Windows Win32k Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - ICOMP | CVE-2024-38059 | Win32k Elevation of Privilege Vulnerability |
| Microsoft | Windows Workstation Service | CVE-2024-38050 | Windows Workstation Service Elevation of Privilege Vulnerability |
| Microsoft | XBox Crypto Graphic Services | CVE-2024-38032 | Microsoft Xbox Remote Code Execution Vulnerability |
| Microsoft | XBox Crypto Graphic Services | CVE-2024-38078 | Xbox Wireless Adapter Remote Code Execution Vulnerability |

CVE-2024-30061 - Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CVE ID: CVE-2024-30061

Issuing CNA: Microsoft

CVE Title: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 7.3 / Temporal Score: 6.4

Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None

Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must be on the network (PR:L), monitoring domain network traffic for user-generated traffic (UI:R), or must alternatively convince an authenticated user to execute a malicious script, as a step in exploiting this vulnerability.


What type of information could be disclosed by this vulnerability?

This vulnerability discloses data stored in the underlying datasets in Dataverse, which could include Personally Identifiable Information.


Mitigations:
None
Workarounds:
None
Revision:

| Version | Date | Description |
|---|---|---|
| 1.0 | 09-Jul-24 | Information published. |


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30061

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft Dynamics 365 (on-premises) version 9.1 | 5037940 (Security Update) | Important | Information Disclosure | None | Base: 7.3, Temporal: 6.4, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 9.1.28.09 | Maybe | None |

Acknowledgements

| CVE ID | Acknowledgements |
|---|---|
| CVE-2024-30061 | Erik Donker |


CVE-2024-21417 - Windows Text Services Framework Elevation of Privilege Vulnerability

CVE ID: CVE-2024-21417

Issuing CNA: Microsoft

CVE Title: Windows Text Services Framework Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7

Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level or a High Integrity Level.

Please refer to AppContainer isolation and Mandatory Integrity Control for more information.


According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.


Mitigations:
None
Workarounds:
None
Revision:

| Version | Date | Description |
|---|---|---|
| 1.0 | 09-Jul-24 | Information published. |


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21417

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5040430 (Security Update) | Important | Elevation of Privilege | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows 10 Version 1809 for ARM64-based Systems | 5040430 (Security Update) | Important | Elevation of Privilege | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows 10 Version 1809 for x64-based Systems | 5040430 (Security Update) | Important | Elevation of Privilege | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows 10 Version 21H2 for 32-bit Systems | 5040427 (Security Update) | Important | Elevation of Privilege | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.4651 | Yes | 5040427 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5040427 (Security Update) | Important | Elevation of Privilege | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.4651 | Yes | 5040427 |
| Windows 10 Version 21H2 for x64-based Systems | 5040427 (Security Update) | Important | Elevation of Privilege | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.4651 | Yes | 5040427 |
| Windows 10 Version 22H2 for 32-bit Systems | 5040427 (Security Update) | Important | Elevation of Privilege | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.4651 | Yes | 5040427 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5040427 (Security Update) | Important | Elevation of Privilege | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.4651 | Yes | 5040427 |
| Windows 10 Version 22H2 for x64-based Systems | 5040427 (Security Update) | Important | Elevation of Privilege | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.4651 | Yes | 5040427 |
| Windows 11 version 21H2 for ARM64-based Systems | 5040431 (Security Update) | Important | Elevation of Privilege | 5039213 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22000.3079 | Yes | 5040431 |
| Windows 11 version 21H2 for x64-based Systems | 5040431 (Security Update) | Important | Elevation of Privilege | 5039213 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22000.3079 | Yes | 5040431 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5040442 (Security Update) | Important | Elevation of Privilege | 5039212 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.3880 | Yes | 5040442 |
| Windows 11 Version 22H2 for x64-based Systems | 5040442 (Security Update) | Important | Elevation of Privilege | 5039212 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.3880 | Yes | 5040442 |
| Windows 11 Version 23H2 for ARM64-based Systems | 5040442 (Security Update) | Important | Elevation of Privilege | 5039212 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.3880 | Yes | 5040442 |
| Windows 11 Version 23H2 for x64-based Systems | 5040442 (Security Update) | Important | Elevation of Privilege | 5039212 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.3880 | Yes | 5040442 |
| Windows Server 2019 | 5040430 (Security Update) | Important | Elevation of Privilege | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows Server 2019 (Server Core installation) | 5040430 (Security Update) | Important | Elevation of Privilege | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows Server 2022 | 5040437 (Security Update) | Important | Elevation of Privilege | 5039227 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.2582 | Yes | 5040437 |
| Windows Server 2022 (Server Core installation) | 5040437 (Security Update) | Important | Elevation of Privilege | 5039227 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.2582 | Yes | 5040437 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5040438 (Security Update) | Important | Elevation of Privilege | 5039236 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1009 | Yes | None |

Acknowledgements

| CVE ID | Acknowledgements |
|---|---|
| CVE-2024-21417 | None |

CVE-2024-28899 - Secure Boot Security Feature Bypass Vulnerability

CVE ID: CVE-2024-28899

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7

Base score metrics
Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


How could an attacker successfully exploit this vulnerability?

To exploit the vulnerability, an attacker who has physical access or administrative rights to a target device could install a malicious .wim file.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:

| Version | Date | Description |
|---|---|---|
| 1.0 | 09-Jul-24 | Information published. |


Maximum Severity Rating: Important
Vulnerability Impact: Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28899

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 for 32-bit Systems | 5040448 (Security Update) | Important | Security Feature Bypass | 5039225 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.20710 | Yes | None |
| Windows 10 for x64-based Systems | 5040448 (Security Update) | Important | Security Feature Bypass | 5039225 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.20710 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5040434 (Security Update) | Important | Security Feature Bypass | 5039214 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.7159 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5040434 (Security Update) | Important | Security Feature Bypass | 5039214 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.7159 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5040430 (Security Update) | Important | Security Feature Bypass | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows 10 Version 1809 for ARM64-based Systems | 5040430 (Security Update) | Important | Security Feature Bypass | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows 10 Version 1809 for x64-based Systems | 5040430 (Security Update) | Important | Security Feature Bypass | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows 10 Version 21H2 for 32-bit Systems | 5040427 (Security Update) | Important | Security Feature Bypass | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.4651 | Yes | 5040427 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5040427 (Security Update) | Important | Security Feature Bypass | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.4651 | Yes | 5040427 |
| Windows 10 Version 21H2 for x64-based Systems | 5040427 (Security Update) | Important | Security Feature Bypass | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.4651 | Yes | 5040427 |
| Windows 10 Version 22H2 for 32-bit Systems | 5040427 (Security Update) | Important | Security Feature Bypass | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.4651 | Yes | 5040427 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5040427 (Security Update) | Important | Security Feature Bypass | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.4651 | Yes | 5040427 |
| Windows 10 Version 22H2 for x64-based Systems | 5040427 (Security Update) | Important | Security Feature Bypass | 5039211 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.4651 | Yes | 5040427 |
| Windows 11 version 21H2 for ARM64-based Systems | 5040431 (Security Update) | Important | Security Feature Bypass | 5039213 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22000.3079 | Yes | 5040431 |
| Windows 11 version 21H2 for x64-based Systems | 5040431 (Security Update) | Important | Security Feature Bypass | 5039213 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22000.3079 | Yes | 5040431 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5040442 (Security Update) | Important | Security Feature Bypass | 5039212 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.3880 | Yes | 5040442 |
| Windows 11 Version 22H2 for x64-based Systems | 5040442 (Security Update) | Important | Security Feature Bypass | 5039212 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.3880 | Yes | 5040442 |
| Windows 11 Version 23H2 for ARM64-based Systems | 5040442 (Security Update) | Important | Security Feature Bypass | 5039212 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.3880 | Yes | 5040442 |
| Windows 11 Version 23H2 for x64-based Systems | 5040442 (Security Update) | Important | Security Feature Bypass | 5039212 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.3880 | Yes | 5040442 |
| Windows Server 2012 | 5040485 (Monthly Rollup) | Important | Security Feature Bypass | 5039260 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.24975 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5040485 (Monthly Rollup) | Important | Security Feature Bypass | 5039260 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.24975 | Yes | None |
| Windows Server 2012 R2 | 5040456 (Monthly Rollup) | Important | Security Feature Bypass | 5039294 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22074 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5040456 (Monthly Rollup) | Important | Security Feature Bypass | 5039294 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22074 | Yes | None |
| Windows Server 2016 | 5040434 (Security Update) | Important | Security Feature Bypass | 5039214 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.7159 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5040434 (Security Update) | Important | Security Feature Bypass | 5039214 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.7159 | Yes | None |
| Windows Server 2019 | 5040430 (Security Update) | Important | Security Feature Bypass | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows Server 2019 (Server Core installation) | 5040430 (Security Update) | Important | Security Feature Bypass | 5039217 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430 |
| Windows Server 2022 | 5040437 (Security Update) | Important | Security Feature Bypass | 5039227 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.2582 | Yes | 5040437 |
| Windows Server 2022 (Server Core installation) | 5040437 (Security Update) | Important | Security Feature Bypass | 5039227 | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.2582 | Yes | 5040437 |
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28899 Azure Yang with Kunlun Lab


CVE-2024-30081 - Windows NTLM Spoofing Vulnerability

CVE ID: CVE-2024-30081
Issuing CNA: Microsoft
CVE Title: Windows NTLM Spoofing Vulnerability

CVSS:3.1 Highest Base Score: 7.1 / Temporal Score: 6.2
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


Mitigations:
None
Workarounds:
None
Revision:
1.0 09-Jul-24 Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30081
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Spoofing 5039289
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Spoofing 5039289
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Spoofing 5039236 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30081 Jimmy Bayne


CVE-2024-30098 - Windows Cryptographic Services Security Feature Bypass Vulnerability

CVE ID: CVE-2024-30098
Issuing CNA: Microsoft
CVE Title: Windows Cryptographic Services Security Feature Bypass Vulnerability

CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 6.5
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to successfully create a SHA-1 hash collision.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass digital signatures on a vulnerable system.


Mitigations:
None
Workarounds:
None
Revision:
1.0 09-Jul-24 Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30098
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880
Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30098 Anonymous


CVE-2024-35264 - .NET and Visual Studio Remote Code Execution Vulnerability

CVE ID: CVE-2024-35264
Issuing CNA: Microsoft
CVE Title: .NET and Visual Studio Remote Code Execution Vulnerability

CVSS:3.1 Highest Base Score: 8.1 / Temporal Score: 7.1
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by closing an HTTP/3 stream while the request body is being processed, leading to a race condition. This could result in remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0 09-Jul-24 Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: Yes
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35264
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 5041081 (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
8.0.7 Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.10.4 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.8.12 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35264 Radek Zikmund of Microsoft Corporation


CVE-2024-35270 - Windows iSCSI Service Denial of Service Vulnerability

CVE ID: CVE-2024-35270
Issuing CNA: Microsoft
CVE Title: Windows iSCSI Service Denial of Service Vulnerability

CVSS:3.1 Highest Base Score: 5.3 / Temporal Score: 4.6
Base score metrics
Attack Vector: Adjacent
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0 09-Jul-24 Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35270
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 | 5040499 (Monthly Rollup), 5040490 (Security Only) | Important | Denial of Service | 5039245 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.22769 | Yes | 5040499, 5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5040499 (Monthly Rollup), 5040490 (Security Only) | Important | Denial of Service | 5039245 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.22769 | Yes | 5040499, 5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5040497 (Monthly Rollup), 5040498 (Security Only) | Important | Denial of Service | 5039289 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.1.7601.27219 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5040497 (Monthly Rollup), 5040498 (Security Only) | Important | Denial of Service | 5039289 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.1.7601.27219 | Yes | None
Windows Server 2012 | 5040485 (Monthly Rollup) | Important | Denial of Service | 5039260 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.2.9200.24975 | Yes | None
Windows Server 2012 (Server Core installation) | 5040485 (Monthly Rollup) | Important | Denial of Service | 5039260 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.2.9200.24975 | Yes | None
Windows Server 2012 R2 | 5040456 (Monthly Rollup) | Important | Denial of Service | 5039294 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.3.9600.22074 | Yes | None
Windows Server 2012 R2 (Server Core installation) | 5040456 (Monthly Rollup) | Important | Denial of Service | 5039294 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.3.9600.22074 | Yes | None
Windows Server 2016 | 5040434 (Security Update) | Important | Denial of Service | 5039214 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.7159 | Yes | None
Windows Server 2016 (Server Core installation) | 5040434 (Security Update) | Important | Denial of Service | 5039214 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.7159 | Yes | None
Windows Server 2019 | 5040430 (Security Update) | Important | Denial of Service | 5039217 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430
Windows Server 2019 (Server Core installation) | 5040430 (Security Update) | Important | Denial of Service | 5039217 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.6054 | Yes | 5040430
Windows Server 2022 | 5040437 (Security Update) | Important | Denial of Service | 5039227 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.2582 | Yes | 5040437
Windows Server 2022 (Server Core installation) | 5040437 (Security Update) | Important | Denial of Service | 5039227 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.2582 | Yes | 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) | 5040438 (Security Update) | Important | Denial of Service | 5039236 | Base: 5.3, Temporal: 4.6, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.25398.1009 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35270 Azure Yang with Kunlun Lab


CVE-2024-38088 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-38088 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor on whether the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number | Title | Apply if current product version is… | This security update also includes servicing releases up through…
5040939 | Security update for SQL Server 2022 CU13+GDR | 16.0.4003.1 - 16.0.4125.3 | KB 5036432 - SQL2022 RTM CU13
5040936 | Security update for SQL Server 2022 RTM+GDR | 16.0.1000.6 - 16.0.1115.1 | KB 5035432 - Previous SQL2022 RTM GDR
5040948 | Security update for SQL Server 2019 CU27+GDR | 15.0.4003.23 - 15.0.4375.4 | KB 5037331 - SQL2019 RTM CU27
5040986 | Security update for SQL Server 2019 RTM+GDR | 15.0.2000.5 - 15.0.2110.4 | KB 5035434 - Previous SQL2019 RTM GDR
5040940 | Security update for SQL Server 2017 CU31+GDR | 14.0.3006.16 - 14.0.3465.1 | KB 5029376 - SQL2017 RTM CU31
5040942 | Security update for SQL Server 2017 RTM+GDR | 14.0.1000.169 - 14.0.2052.1 | KB 5029375 - Previous SQL2017 RTM GDR
5040944 | Security update for SQL 2016 Azure Connect Feature Pack | 13.0.7000.253 - 13.0.7029.3 | KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 | Security update for SQL Server 2016 RTM+GDR | 13.0.6300.2 - 13.0.6435.1 | KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, choose the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from the Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Jul-24 | Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38088
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) | 5040946 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 13.0.6441.1 | Maybe | None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack | 5040944 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 13.0.7037.1 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) | 5040940 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 14.0.3471.2 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (GDR) | 5040942 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 14.0.2056.2 | Maybe | None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) | 5040948 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.0.4382.1 | Yes | None
Microsoft SQL Server 2019 for x64-based Systems (GDR) | 5040986 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.0.2116.2 | Yes | None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) | 5040939 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.4131.2 | Yes | None
Microsoft SQL Server 2022 for x64-based Systems (GDR) | 5040936 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.1121.4 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38088 Anonymous


CVE-2024-38087 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-38087 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor on whether the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number | Title | Apply if current product version is… | This security update also includes servicing releases up through…
5040939 | Security update for SQL Server 2022 CU13+GDR | 16.0.4003.1 - 16.0.4125.3 | KB 5036432 - SQL2022 RTM CU13
5040936 | Security update for SQL Server 2022 RTM+GDR | 16.0.1000.6 - 16.0.1115.1 | KB 5035432 - Previous SQL2022 RTM GDR
5040948 | Security update for SQL Server 2019 CU27+GDR | 15.0.4003.23 - 15.0.4375.4 | KB 5037331 - SQL2019 RTM CU27
5040986 | Security update for SQL Server 2019 RTM+GDR | 15.0.2000.5 - 15.0.2110.4 | KB 5035434 - Previous SQL2019 RTM GDR
5040940 | Security update for SQL Server 2017 CU31+GDR | 14.0.3006.16 - 14.0.3465.1 | KB 5029376 - SQL2017 RTM CU31
5040942 | Security update for SQL Server 2017 RTM+GDR | 14.0.1000.169 - 14.0.2052.1 | KB 5029375 - Previous SQL2017 RTM GDR
5040944 | Security update for SQL 2016 Azure Connect Feature Pack | 13.0.7000.253 - 13.0.7029.3 | KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 | Security update for SQL Server 2016 RTM+GDR | 13.0.6300.2 - 13.0.6435.1 | KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, choose the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from the Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Jul-24 | Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38087
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) | 5040946 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 13.0.6441.1 | Maybe | None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack | 5040944 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 13.0.7037.1 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) | 5040940 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 14.0.3471.2 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (GDR) | 5040942 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 14.0.2056.2 | Maybe | None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) | 5040948 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.0.4382.1 | Yes | None
Microsoft SQL Server 2019 for x64-based Systems (GDR) | 5040986 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.0.2116.2 | Yes | None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) | 5040939 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.4131.2 | Yes | None
Microsoft SQL Server 2022 for x64-based Systems (GDR) | 5040936 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.1121.4 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38087 Anonymous


CVE-2024-21332 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-21332 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor on whether the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number | Title | Apply if current product version is… | This security update also includes servicing releases up through…
5040939 | Security update for SQL Server 2022 CU13+GDR | 16.0.4003.1 - 16.0.4125.3 | KB 5036432 - SQL2022 RTM CU13
5040936 | Security update for SQL Server 2022 RTM+GDR | 16.0.1000.6 - 16.0.1115.1 | KB 5035432 - Previous SQL2022 RTM GDR
5040948 | Security update for SQL Server 2019 CU27+GDR | 15.0.4003.23 - 15.0.4375.4 | KB 5037331 - SQL2019 RTM CU27
5040986 | Security update for SQL Server 2019 RTM+GDR | 15.0.2000.5 - 15.0.2110.4 | KB 5035434 - Previous SQL2019 RTM GDR
5040940 | Security update for SQL Server 2017 CU31+GDR | 14.0.3006.16 - 14.0.3465.1 | KB 5029376 - SQL2017 RTM CU31
5040942 | Security update for SQL Server 2017 RTM+GDR | 14.0.1000.169 - 14.0.2052.1 | KB 5029375 - Previous SQL2017 RTM GDR
5040944 | Security update for SQL 2016 Azure Connect Feature Pack | 13.0.7000.253 - 13.0.7029.3 | KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 | Security update for SQL Server 2016 RTM+GDR | 13.0.6300.2 - 13.0.6435.1 | KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, choose the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from the Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Jul-24 | Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21332
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) | 5040946 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 13.0.6441.1 | Maybe | None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack | 5040944 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 13.0.7037.1 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) | 5040940 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 14.0.3471.2 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (GDR) | 5040942 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 14.0.2056.2 | Maybe | None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) | 5040948 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.0.4382.1 | Yes | None
Microsoft SQL Server 2019 for x64-based Systems (GDR) | 5040986 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.0.2116.2 | Yes | None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) | 5040939 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.4131.2 | Yes | None
Microsoft SQL Server 2022 for x64-based Systems (GDR) | 5040936 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.1121.4 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21332 Anonymous


CVE-2024-21333 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-21333 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor on whether the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number | Title | Apply if current product version is… | This security update also includes servicing releases up through…
5040939 | Security update for SQL Server 2022 CU13+GDR | 16.0.4003.1 - 16.0.4125.3 | KB 5036432 - SQL2022 RTM CU13
5040936 | Security update for SQL Server 2022 RTM+GDR | 16.0.1000.6 - 16.0.1115.1 | KB 5035432 - Previous SQL2022 RTM GDR
5040948 | Security update for SQL Server 2019 CU27+GDR | 15.0.4003.23 - 15.0.4375.4 | KB 5037331 - SQL2019 RTM CU27
5040986 | Security update for SQL Server 2019 RTM+GDR | 15.0.2000.5 - 15.0.2110.4 | KB 5035434 - Previous SQL2019 RTM GDR
5040940 | Security update for SQL Server 2017 CU31+GDR | 14.0.3006.16 - 14.0.3465.1 | KB 5029376 - SQL2017 RTM CU31
5040942 | Security update for SQL Server 2017 RTM+GDR | 14.0.1000.169 - 14.0.2052.1 | KB 5029375 - Previous SQL2017 RTM GDR
5040944 | Security update for SQL 2016 Azure Connect Feature Pack | 13.0.7000.253 - 13.0.7029.3 | KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 | Security update for SQL Server 2016 RTM+GDR | 13.0.6300.2 - 13.0.6435.1 | KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, choose the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from the Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Jul-24 | Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21333
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) | 5040946 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 13.0.6441.1 | Maybe | None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack | 5040944 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 13.0.7037.1 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) | 5040940 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 14.0.3471.2 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (GDR) | 5040942 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 14.0.2056.2 | Maybe | None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) | 5040948 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.0.4382.1 | Yes | None
Microsoft SQL Server 2019 for x64-based Systems (GDR) | 5040986 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.0.2116.2 | Yes | None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) | 5040939 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.4131.2 | Yes | None
Microsoft SQL Server 2022 for x64-based Systems (GDR) | 5040936 (Security Update) | Important | Remote Code Execution | None | Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.1121.4 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21333 Anonymous


CVE-2024-21335 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21335
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database via a connection driver (for example, OLE DB, as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor to confirm that the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If your SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If your SQL Server installation has intentionally installed only past GDR updates, choose the GDR update package.
  • If your SQL Server installation has intentionally installed previous CU updates, choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21335
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21335 Anonymous


CVE-2024-21373 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21373
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database via a connection driver (for example, OLE DB, as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor to confirm that the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If your SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If your SQL Server installation has intentionally installed only past GDR updates, choose the GDR update package.
  • If your SQL Server installation has intentionally installed previous CU updates, choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21373
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21373 Anonymous


CVE-2024-21398 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21398
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database via a connection driver (for example, OLE DB, as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor to confirm that the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If your SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If your SQL Server installation has intentionally installed only past GDR updates, choose the GDR update package.
  • If your SQL Server installation has intentionally installed previous CU updates, choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21398
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21398 Anonymous


CVE-2024-21414 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21414
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database via a connection driver (for example, OLE DB, as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor to confirm that the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If your SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If your SQL Server installation has intentionally installed only past GDR updates, choose the GDR update package.
  • If your SQL Server installation has intentionally installed previous CU updates, choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.
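The version lookup and the GDR/CU branch rule described in the two FAQ answers above, as an added example that is not part of this advisory or of any Microsoft tool: the table data (KB numbers, version ranges, fixed builds) is copied from this page, while the resolver and its names (parse_build, servicing_row, resolve, UpdateRow, Verdict) are assumptions of the example. It compares builds numerically rather than as strings, reports the applicable KB, flags instances already at or past the fixed build, and reports builds not represented in the table instead of guessing.

```python
"""Resolve which July 2024 SQL Server security update applies to a build.

Table data is copied from the advisory above (KB, range, fixed build); the
resolver logic and all names are an added example, not Microsoft's tooling.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

Build = Tuple[int, ...]


def parse_build(version: str) -> Build:
    """Turn '16.0.4003.1' (e.g. from SERVERPROPERTY('ProductVersion')) into (16, 0, 4003, 1).

    Builds must be compared as int tuples, never as strings: '16.0.4125.10'
    sorts before '16.0.4125.3' lexically but is the newer build numerically.
    """
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a SQL Server build string: {version!r}")
    return tuple(int(p) for p in parts)


def fmt(build: Build) -> str:
    return ".".join(str(n) for n in build)


@dataclass(frozen=True)
class UpdateRow:
    kb: int
    title: str
    branch: str      # servicing branch as the advisory labels it
    range_lo: Build  # "Apply if current product version is..." lower bound
    range_hi: Build  # ...upper bound (inclusive)
    fixed: Build     # "Fixed Build" from the Affected Software table


# Rows exactly as listed in the advisory's update table and Affected Software table.
UPDATES: List[UpdateRow] = [
    UpdateRow(5040939, "SQL Server 2022 CU13+GDR", "CU", parse_build("16.0.4003.1"), parse_build("16.0.4125.3"), parse_build("16.0.4131.2")),
    UpdateRow(5040936, "SQL Server 2022 RTM+GDR", "GDR", parse_build("16.0.1000.6"), parse_build("16.0.1115.1"), parse_build("16.0.1121.4")),
    UpdateRow(5040948, "SQL Server 2019 CU27+GDR", "CU", parse_build("15.0.4003.23"), parse_build("15.0.4375.4"), parse_build("15.0.4382.1")),
    UpdateRow(5040986, "SQL Server 2019 RTM+GDR", "GDR", parse_build("15.0.2000.5"), parse_build("15.0.2110.4"), parse_build("15.0.2116.2")),
    UpdateRow(5040940, "SQL Server 2017 CU31+GDR", "CU", parse_build("14.0.3006.16"), parse_build("14.0.3465.1"), parse_build("14.0.3471.2")),
    UpdateRow(5040942, "SQL Server 2017 RTM+GDR", "GDR", parse_build("14.0.1000.169"), parse_build("14.0.2052.1"), parse_build("14.0.2056.2")),
    UpdateRow(5040944, "SQL 2016 Azure Connect Feature Pack", "Azure Connect Feature Pack", parse_build("13.0.7000.253"), parse_build("13.0.7029.3"), parse_build("13.0.7037.1")),
    UpdateRow(5040946, "SQL Server 2016 SP3 GDR", "GDR", parse_build("13.0.6300.2"), parse_build("13.0.6435.1"), parse_build("13.0.6441.1")),
]


@dataclass(frozen=True)
class Verdict:
    status: str  # "patched", "update" or "not_listed"
    kb: Optional[int]
    branch: Optional[str]
    note: str


def servicing_row(build: Build) -> Optional[UpdateRow]:
    """Pick the row whose branch this build sits on.

    Same major.minor as the build, and the highest lower bound that is <= the
    build: a 16.0.4xxx build is on the CU13 branch, a 16.0.1xxx build on GDR.
    """
    candidates = [r for r in UPDATES if r.range_lo[:2] == build[:2] and r.range_lo <= build]
    return max(candidates, key=lambda r: r.range_lo, default=None)


def resolve(version: str) -> Verdict:
    build = parse_build(version)
    row = servicing_row(build)
    if row is None:
        # Below every listed range for its release (or a release not in the table).
        return Verdict("not_listed", None, None,
                       "Build is not represented in the update table; per the advisory, "
                       "such versions are no longer supported.")
    if build >= row.fixed:
        return Verdict("patched", row.kb, row.branch,
                       f"Build is at or past fixed build {fmt(row.fixed)} for KB {row.kb}.")
    if build <= row.range_hi:
        # The advisory allows a one-time GDR -> CU switch and no way back.
        hint = (" CU branch: there is no way back to the GDR update path." if row.branch == "CU"
                else " GDR branch: a CU update is also an option, but switching is one-time only.")
        return Verdict("update", row.kb, row.branch, f"Apply KB {row.kb} ({row.title})." + hint)
    # Above the listed range but below the fixed build: not covered by the table.
    return Verdict("not_listed", row.kb, row.branch,
                   f"Build is above {fmt(row.range_lo)} - {fmt(row.range_hi)} but below fixed build "
                   f"{fmt(row.fixed)}; not represented in the table, verify against the advisory.")


if __name__ == "__main__":
    # Constructed sample builds, as an inventory script would collect them.
    for v in ["16.0.4003.1", "16.0.4131.2", "15.0.2080.9", "14.0.3465.1",
              "13.0.7010.1", "12.0.6433.1", "16.0.4128.0"]:
        print(v, resolve(v))
```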

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21414
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21414 Anonymous


CVE-2024-21415 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-21415 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database via a connection driver (for example, OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor on whether it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21415
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21415 Anonymous


CVE-2024-21428 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-21428 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database via a connection driver (for example, OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor on whether it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21428
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21428 Anonymous


CVE-2024-37318 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-37318 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database via a connection driver (for example, OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor on whether it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37318
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37318 Anonymous


CVE-2024-37332 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-37332 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database via a connection driver (for example, OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor on whether it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37332
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37332 Yuki Chen


CVE-2024-37331 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE ID: CVE-2024-37331 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL Server database through a connection driver (for example, OLE DB or OLEDB, as applicable). The malicious server could then return data that causes arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor to confirm that the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016 RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or the CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, then choose the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, then choose the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.
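The two FAQ answers above (matching a build number to a row of the update table, then choosing GDR or CU) are easy to get wrong by comparing version strings lexically or by forgetting that the fixed build differs per servicing branch. The following is an added example, not a Microsoft tool or anything from this bulletin's own tooling: it embeds the "Apply if current product version is" ranges and the Fixed Build values copied from the tables on this page for CVE-2024-37331, parses a build number numerically, returns the applicable update(s), applies the one-way GDR-to-CU rule, and checks whether an inventoried build is already at or past the fixed build. The function names, the `path` labels and the baseline handling are this example's own construction.

```python
"""Map a SQL Server build number to the July 2024 security update it needs.

Added example, not Microsoft's code. Ranges and fixed builds are copied from
the update table and the Affected Software table on this page (CVE-2024-37331).
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

Build = Tuple[int, int, int, int]


def parse_build(version: str) -> Build:
    """Parse '15.0.4003.23' into (15, 0, 4003, 23) for numeric comparison.

    Comparing as strings is wrong: '16.0.999.1' sorts after '16.0.1000.6',
    which would place a pre-RTM build above the RTM baseline.
    """
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a SQL Server build number: {version!r}")
    a, b, c, d = (int(p) for p in parts)
    return (a, b, c, d)


@dataclass(frozen=True)
class UpdateRow:
    kb: int
    title: str
    path: str      # "GDR", "CU" or "FeaturePack" (labels chosen for this example)
    low: Build     # first build the update applies to (the baseline for GDR rows)
    high: Build    # last build the update applies to
    fixed: Build   # build reported once the update is installed


def _row(kb: int, title: str, path: str, low: str, high: str, fixed: str) -> UpdateRow:
    return UpdateRow(kb, title, path, parse_build(low), parse_build(high), parse_build(fixed))


# Data copied from the tables on this page, not recomputed.
UPDATES: List[UpdateRow] = [
    _row(5040939, "SQL Server 2022 CU13+GDR", "CU", "16.0.4003.1", "16.0.4125.3", "16.0.4131.2"),
    _row(5040936, "SQL Server 2022 RTM+GDR", "GDR", "16.0.1000.6", "16.0.1115.1", "16.0.1121.4"),
    _row(5040948, "SQL Server 2019 CU27+GDR", "CU", "15.0.4003.23", "15.0.4375.4", "15.0.4382.1"),
    _row(5040986, "SQL Server 2019 RTM+GDR", "GDR", "15.0.2000.5", "15.0.2110.4", "15.0.2116.2"),
    _row(5040940, "SQL Server 2017 CU31+GDR", "CU", "14.0.3006.16", "14.0.3465.1", "14.0.3471.2"),
    _row(5040942, "SQL Server 2017 RTM+GDR", "GDR", "14.0.1000.169", "14.0.2052.1", "14.0.2056.2"),
    _row(5040944, "SQL 2016 Azure Connect Feature Pack", "FeaturePack", "13.0.7000.253", "13.0.7029.3", "13.0.7037.1"),
    _row(5040946, "SQL Server 2016 RTM+GDR", "GDR", "13.0.6300.2", "13.0.6435.1", "13.0.6441.1"),
]


def applicable_updates(version: str) -> List[UpdateRow]:
    """Rows whose 'apply if' range contains the build.

    At a baseline (the first build of a GDR range) the page allows either
    path, so the CU row for the same major.minor is offered as well.
    """
    b = parse_build(version)
    rows = [r for r in UPDATES if r.low <= b <= r.high]
    for r in list(rows):
        if r.path == "GDR" and b == r.low:
            rows += [c for c in UPDATES if c.path == "CU" and c.low[:2] == r.low[:2]]
    return rows


def choose_update(version: str, prefer_cu: bool = False) -> Optional[UpdateRow]:
    """Pick one update; take the CU path only when asked, since the switch is one-way."""
    rows = applicable_updates(version)
    if not rows:
        return None  # build not in the table: unsupported, upgrade per the page's note
    if len(rows) == 1:
        return rows[0]
    wanted = "CU" if prefer_cu else "GDR"
    return next(r for r in rows if r.path == wanted)


def is_patched(version: str) -> Optional[bool]:
    """True if the build is at or past the fixed build of its servicing branch.

    The branch is the row with the highest baseline not above the build, so a
    GDR-path build is judged against the GDR fixed build, not the CU one.
    """
    b = parse_build(version)
    branch = [r for r in UPDATES if r.low[:2] == b[:2] and r.low <= b]
    if not branch:
        return None  # release not covered by this table
    row = max(branch, key=lambda r: r.low)
    return b >= row.fixed


if __name__ == "__main__":
    for v in ("15.0.4200.0", "16.0.1000.6", "16.0.4100.1", "16.0.4131.2", "12.0.6000.0"):
        chosen = choose_update(v)
        print(v, "->", f"KB{chosen.kb} ({chosen.title})" if chosen else "unsupported",
              "| patched:", is_patched(v))
```

Feed `is_patched` the build returned by `SELECT SERVERPROPERTY('ProductVersion')` on each instance to turn the Affected Software table into a fleet check; a build inside an "apply if" range is by definition below the fixed build, so `choose_update` and `is_patched` never both say "nothing to do" for a supported instance.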

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from the Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37331
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37331 Anonymous


CVE-2024-37969 - Secure Boot Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37969
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37969
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Featur