Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

CVE Issued by Tag CVE ID CVE Title
Microsoft.NET and Visual Studio CVE-2024-30105 .NET Core and Visual Studio Denial of Service Vulnerability
Microsoft.NET and Visual Studio CVE-2024-38081 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Microsoft.NET and Visual Studio CVE-2024-35264 .NET and Visual Studio Remote Code Execution Vulnerability
Microsoft.NET and Visual Studio CVE-2024-38095 .NET and Visual Studio Denial of Service Vulnerability
GithubActive Directory Rights Management Services CVE-2024-39684 Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability
GitHubActive Directory Rights Management Services CVE-2024-38517 Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability
MicrosoftAzure CycleCloud CVE-2024-38092 Azure CycleCloud Elevation of Privilege Vulnerability
MicrosoftAzure DevOps CVE-2024-35266 Azure DevOps Server Spoofing Vulnerability
MicrosoftAzure DevOps CVE-2024-35267 Azure DevOps Server Spoofing Vulnerability
MicrosoftAzure Kinect SDK CVE-2024-38086 Azure Kinect SDK Remote Code Execution Vulnerability
MicrosoftAzure Network Watcher CVE-2024-35261 Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
IntelIntel CVE-2024-37985 Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers
MicrosoftLine Printer Daemon Service (LPD) CVE-2024-38027 Windows Line Printer Daemon Service Denial of Service Vulnerability
MicrosoftMicrosoft Defender for IoT CVE-2024-38089 Microsoft Defender for IoT Elevation of Privilege Vulnerability
MicrosoftMicrosoft Dynamics CVE-2024-30061 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
MicrosoftMicrosoft Graphics Component CVE-2024-38079 Windows Graphics Component Elevation of Privilege Vulnerability
MicrosoftMicrosoft Graphics Component CVE-2024-38051 Windows Graphics Component Remote Code Execution Vulnerability
MicrosoftMicrosoft Office CVE-2024-38021 Microsoft Office Remote Code Execution Vulnerability
MicrosoftMicrosoft Office Outlook CVE-2024-38020 Microsoft Outlook Spoofing Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2024-38024 Microsoft SharePoint Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2024-38023 Microsoft SharePoint Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2024-32987 Microsoft SharePoint Server Information Disclosure Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2024-38094 Microsoft SharePoint Remote Code Execution Vulnerability
MicrosoftMicrosoft Streaming Service CVE-2024-38057 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
MicrosoftMicrosoft Streaming Service CVE-2024-38054 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
MicrosoftMicrosoft Streaming Service CVE-2024-38052 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
MicrosoftMicrosoft Windows Codecs Library CVE-2024-38055 Microsoft Windows Codecs Library Information Disclosure Vulnerability
MicrosoftMicrosoft Windows Codecs Library CVE-2024-38056 Microsoft Windows Codecs Library Information Disclosure Vulnerability
MicrosoftMicrosoft WS-Discovery CVE-2024-38091 Microsoft WS-Discovery Denial of Service Vulnerability
MicrosoftNDIS CVE-2024-38048 Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
CERT/CCNPS RADIUS Server CVE-2024-3596 CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
MicrosoftRole: Active Directory Certificate Services; Active Directory Domain Services CVE-2024-38061 DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
MicrosoftRole: Windows Hyper-V CVE-2024-38080 Windows Hyper-V Elevation of Privilege Vulnerability
MicrosoftSQL Server CVE-2024-28928 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-38088 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-20701 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21317 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21331 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21308 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21333 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-35256 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21303 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21335 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-35271 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-35272 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21332 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-38087 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21425 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21449 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37324 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37330 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37326 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37329 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37328 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37327 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37334 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37321 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37320 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37319 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37322 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37333 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37336 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37323 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37331 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21398 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21373 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37318 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21428 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21415 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37332 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21414 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftWindows BitLocker CVE-2024-38058 BitLocker Security Feature Bypass Vulnerability
MicrosoftWindows COM Session CVE-2024-38100 Windows File Explorer Elevation of Privilege Vulnerability
MicrosoftWindows CoreMessaging CVE-2024-21417 Windows Text Services Framework Elevation of Privilege Vulnerability
MicrosoftWindows Cryptographic Services CVE-2024-30098 Windows Cryptographic Services Security Feature Bypass Vulnerability
MicrosoftWindows DHCP Server CVE-2024-38044 DHCP Server Service Remote Code Execution Vulnerability
MicrosoftWindows Distributed Transaction Coordinator CVE-2024-38049 Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
MicrosoftWindows Enroll Engine CVE-2024-38069 Windows Enroll Engine Security Feature Bypass Vulnerability
MicrosoftWindows Fax and Scan Service CVE-2024-38104 Windows Fax Service Remote Code Execution Vulnerability
MicrosoftWindows Filtering CVE-2024-38034 Windows Filtering Platform Elevation of Privilege Vulnerability
MicrosoftWindows Image Acquisition CVE-2024-38022 Windows Image Acquisition Elevation of Privilege Vulnerability
MicrosoftWindows Imaging Component CVE-2024-38060 Windows Imaging Component Remote Code Execution Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2024-38105 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2024-38053 Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2024-38102 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2024-38101 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
MicrosoftWindows iSCSI CVE-2024-35270 Windows iSCSI Service Denial of Service Vulnerability
MicrosoftWindows Kernel CVE-2024-38041 Windows Kernel Information Disclosure Vulnerability
MicrosoftWindows Kernel-Mode Drivers CVE-2024-38062 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
MicrosoftWindows LockDown Policy (WLDP) CVE-2024-38070 Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability
MicrosoftWindows Message Queuing CVE-2024-38017 Microsoft Message Queuing Information Disclosure Vulnerability
MicrosoftWindows MSHTML Platform CVE-2024-38112 Windows MSHTML Platform Spoofing Vulnerability
MicrosoftWindows MultiPoint Services CVE-2024-30013 Windows MultiPoint Services Remote Code Execution Vulnerability
MicrosoftWindows NTLM CVE-2024-30081 Windows NTLM Spoofing Vulnerability
MicrosoftWindows Online Certificate Status Protocol (OCSP) CVE-2024-38068 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
MicrosoftWindows Online Certificate Status Protocol (OCSP) CVE-2024-38067 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
MicrosoftWindows Online Certificate Status Protocol (OCSP) CVE-2024-38031 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
MicrosoftWindows Performance Monitor CVE-2024-38028 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
MicrosoftWindows Performance Monitor CVE-2024-38019 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
MicrosoftWindows Performance Monitor CVE-2024-38025 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
MicrosoftWindows PowerShell CVE-2024-38043 PowerShell Elevation of Privilege Vulnerability
MicrosoftWindows PowerShell CVE-2024-38047 PowerShell Elevation of Privilege Vulnerability
MicrosoftWindows PowerShell CVE-2024-38033 PowerShell Elevation of Privilege Vulnerability
MicrosoftWindows Remote Access Connection Manager CVE-2024-30071 Windows Remote Access Connection Manager Information Disclosure Vulnerability
MicrosoftWindows Remote Access Connection Manager CVE-2024-30079 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
MicrosoftWindows Remote Desktop CVE-2024-38076 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
MicrosoftWindows Remote Desktop CVE-2024-38015 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38071 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38073 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38074 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38072 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38077 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38099 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
MicrosoftWindows Secure Boot CVE-2024-38065 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37986 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37981 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37987 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-28899 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-26184 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-38011 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37984 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37988 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37977 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37978 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37974 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-38010 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37989 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37970 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37975 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37972 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37973 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37971 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37969 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Server Backup CVE-2024-38013 Microsoft Windows Server Backup Elevation of Privilege Vulnerability
MicrosoftWindows TCP/IP CVE-2024-38064 Windows TCP/IP Information Disclosure Vulnerability
MicrosoftWindows Themes CVE-2024-38030 Windows Themes Spoofing Vulnerability
MicrosoftWindows Win32 Kernel Subsystem CVE-2024-38085 Windows Graphics Component Elevation of Privilege Vulnerability
MicrosoftWindows Win32K - GRFX CVE-2024-38066 Windows Win32k Elevation of Privilege Vulnerability
MicrosoftWindows Win32K - ICOMP CVE-2024-38059 Win32k Elevation of Privilege Vulnerability
MicrosoftWindows Workstation Service CVE-2024-38050 Windows Workstation Service Elevation of Privilege Vulnerability
MicrosoftXBox Crypto Graphic Services CVE-2024-38032 Microsoft Xbox Remote Code Execution Vulnerability
MicrosoftXBox Crypto Graphic Services CVE-2024-38078 Xbox Wireless Adapter Remote Code Execution Vulnerability

CVE-2024-30061 - Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30061
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must be on the network to monitor domain network traffic (PR:L) while monitoring for user (UI:R) generated network traffic, or alternatively that attacker convinces an authenticated user to execute a malicious script, as a step to exploit this vulnerability.


What type of information could be disclosed by this vulnerability?

This vulnerability discloses data stored in the underlying datasets in Dataverse, that could include Personal Identifiable Information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30061
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Dynamics 365 (on-premises) version 9.1 5037940 (Security Update) Important Information Disclosure None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 9.1.28.09 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30061 Erik Donker

CVE-2024-21417 - Windows Text Services Framework Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21417
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Text Services Framework Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level or a High Integrity Level.

Please refer to AppContainer isolation and Mandatory Integrity Control for more information.


According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21417
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21417 None

CVE-2024-28899 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28899
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


How could an attacker successfully exploit this vulnerability?

To exploit the vulnerability, an attacker who has physical access or Administrative rights to a target device could install a malicious .wim file


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28899
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28899 Azure Yang with Kunlun Lab

CVE-2024-30081 - Windows NTLM Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30081
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows NTLM Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30081
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing
5039212		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing
5039212		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Spoofing 5039245
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Spoofing 5039245
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Spoofing 5039245
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Spoofing 5039245
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Spoofing 5039289
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Spoofing 5039289
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Spoofing 5039236 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30081 Jimmy Bayne

CVE-2024-30098 - Windows Cryptographic Services Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30098
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Cryptographic Services Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to create a SHA1 hash collision successfully.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass digital signatures on a vulnerable system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30098
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30098 Anonymous

CVE-2024-35264 - .NET and Visual Studio Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35264
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: .NET and Visual Studio Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.1/TemporalScore:7.1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


How could an attacker exploit this vulnerability?

An attacker could exploit this by closing an http/3 stream while the request body is being processed leading to a race condition. This could result in remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35264
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 5041081 (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 8.0.7 Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 17.10.4 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 17.8.12 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35264 Radek Zikmund of Microsoft Corporation

CVE-2024-35270 - Windows iSCSI Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35270
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows iSCSI Service Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.3/TemporalScore:4.6
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35270
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35270 Azure Yang with Kunlun Lab

CVE-2024-38088 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38088
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38088
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38088 Anonymous

CVE-2024-38087 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38087
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38087
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38087 Anonymous

CVE-2024-21332 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21332
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21332
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21332 Anonymous

CVE-2024-21333 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21333
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21333
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21333 Anonymous

CVE-2024-21335 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21335
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21335
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21335 Anonymous

CVE-2024-21373 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21373
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21373
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21373 Anonymous

CVE-2024-21398 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21398
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21398
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21398 Anonymous

CVE-2024-21414 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21414
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21414
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21414 Anonymous

CVE-2024-21415 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21415
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21415
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21415 Anonymous

CVE-2024-21428 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21428
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21428
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21428 Anonymous

CVE-2024-37318 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37318
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37318
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37318 Anonymous

CVE-2024-37332 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37332
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37332
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37332 Yuki Chen

CVE-2024-37331 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37331
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37331
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37331 Anonymous

CVE-2024-37969 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37969
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37969
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37969 Azure Yang with Kunlun Lab

CVE-2024-37970 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37970
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37970
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37970 Azure Yang with Kunlun Lab

CVE-2024-37974 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37974
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37974
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37974 Azure Yang with Kunlun Lab

CVE-2024-37981 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37981
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37981
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37981 Azure Yang with Kunlun Lab

CVE-2024-37985 - Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37985
MITRE
NVD

Issuing CNA: Intel

 CVE Title: Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers
CVSS:

CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.2
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


Why is this Intel CVE included in the Security Update Guide?

Intel assigned this CVE to a problem that affects certain ARM-based operating systems. This update mitigates against this vulnerability.

For more information on this vulnerability, please see: Systematic Identification and Characterization of Proprietary Prefetchers


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37985
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37985

CVE-2024-37986 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37986
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37986
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37986 Azure Yang with Kunlun Lab

CVE-2024-37987 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37987
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37987
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37987 Azure Yang with Kunlun Lab

CVE-2024-38013 - Microsoft Windows Server Backup Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38013
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Windows Server Backup Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.7/TemporalScore:5.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker would be able to delete any system files.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38013
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38013 3wyeye5 with OSR

CVE-2024-38015 - Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38015
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38015
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38015 Lewis Lee & Zhiniang Peng

CVE-2024-38022 - Windows Image Acquisition Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38022
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Image Acquisition Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38022
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38022 BochengXiang(@Crispr) with FDU


goodbyeselene

CVE-2024-38023 - Microsoft SharePoint Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38023
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit the vulnerability?

An authenticated attacker with Site Owner permissions or higher could upload a specially crafted file to the targeted SharePoint Server and craft specialized API requests to trigger deserialization of file's parameters. This would enable the attacker to perform remote code execution in the context of the SharePoint Server.


According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38023
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002618 (Security Update) Critical Remote Code Execution 5002604 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft SharePoint Server 2019 5002615 (Security Update) Critical Remote Code Execution 5002602 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.10412.20001 Maybe None
Microsoft SharePoint Server Subscription Edition 5002606 (Security Update) Critical Remote Code Execution 5002603 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.17328.20424 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38023 zcgonvh

CVE-2024-38024 - Microsoft SharePoint Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38024
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.


How could an attacker exploit the vulnerability?

An authenticated attacker with Site Owner permissions or higher could upload a specially crafted file to the targeted SharePoint Server and craft specialized API requests to trigger deserialization of file's parameters. This would enable the attacker to perform remote code execution in the context of the SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38024
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002618 (Security Update) Important Remote Code Execution 5002604 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft SharePoint Server 2019 5002615 (Security Update) Important Remote Code Execution 5002602 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.10412.20001 Maybe None
Microsoft SharePoint Server Subscription Edition 5002606 (Security Update) Important Remote Code Execution 5002603 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.17328.20424 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38024 zcgonvh

CVE-2024-38025 - Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38025
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

To exploit this vulnerability, a victim machine must be running a performance counter collection tool such as Performance Monitor to collect performance counter data from an attacker machine. An attacker with local admin authority on the attacker machine could run malicious code remotely in the victim machine's performance counter data collector process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38025
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38025 QingHe Xie


FangMing Gu

CVE-2024-38034 - Windows Filtering Platform Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38034
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Filtering Platform Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38034
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38034 go2bed

CVE-2024-38041 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38041
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Kernel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is one byte of kernel memory could be leaked back to the attacker.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38041
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38041 Le Tran Hai Tung with Viettel Cyber Security

CVE-2024-38043 - PowerShell Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38043
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: PowerShell Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could elevate their user privileges from those of a restrained user to an unrestrained WDAC user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38043
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38043 Jimmy Bayne

CVE-2024-38517 - Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38517
MITRE
NVD

Issuing CNA: GitHub

 CVE Title: Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Why is this GitHub CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in RapidJSON library which is consumed by Microsoft Active Directory Rights Management Services Client. The CVE for this open source component, which is used in a Microsoft product, is assigned by GitHub CNA.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Moderate Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38517
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Moderate Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Moderate Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2016 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Moderate Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Moderate Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Moderate Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38517 Anonymous

CVE-2024-38051 - Windows Graphics Component Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38051
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Graphics Component Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38051
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38051 Anonymous

CVE-2024-38054 - Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38054
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38054
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38054 Angelboy (@scwuaptx) with DEVCORE

CVE-2024-38055 - Microsoft Windows Codecs Library Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38055
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain kernel memory content.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38055
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Information Disclosure 5039289
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Information Disclosure 5039289
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38055 Angelboy (@scwuaptx) with DEVCORE

CVE-2024-38056 - Microsoft Windows Codecs Library Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38056
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38056
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38056 Angelboy (@scwuaptx) with DEVCORE

CVE-2024-38059 - Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38059
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38059
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38059 Zhang WangJunJie, He YiSheng with Hillstone Network Security Research Institute

CVE-2024-38060 - Windows Imaging Component Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38060
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Imaging Component Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An authenticated attacker could exploit the vulnerability by uploading a malicious TIFF file to a server.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38060
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Critical Remote Code Execution 5039225 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Critical Remote Code Execution 5039225 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Critical Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Critical Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Critical Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Critical Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Critical Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Critical Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Critical Remote Code Execution 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Critical Remote Code Execution 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Critical Remote Code Execution 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Critical Remote Code Execution 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Critical Remote Code Execution
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Critical Remote Code Execution
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Critical Remote Code Execution 5039289
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Critical Remote Code Execution 5039289
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Critical Remote Code Execution 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Critical Remote Code Execution 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Critical Remote Code Execution 5039236 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38060 George Holmes with Microsoft

CVE-2024-38061 - DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38061
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain domain administrator privileges.


Mitigations:

The following mitigating factors might be helpful in your situation:

Setting LegacyAuthenticationLevel - Win32 apps | Microsoft Docs to 5= RPC_C_AUTHN_LEVEL_PKT_INTEGRITY might protect most processes on the machine against this attack. Note that COM does not currently have a notion of minimum authentication level if authenticated, for example it is not possible to accept calls at RPC_C_AUTHN_LEVEL_NONE or >= RPC_C_AUTHN_LEVEL_PKT_INTEGRITY (server-side concern, but mentioning for completeness as it limits configuration-based options), nor is there a way to set the client-side authentication level for a process independent of the server-side authentication level. See LegacyAuthenticationLevel for more information about this value.

For information on how to set the applicable system-wide registry value see the Setting System-Wide Default Authentication Level section of Setting System-Wide Security Using DCOMCNFG.


Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38061
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38061 Tianze Ding (@D1iv3)

CVE-2024-38062 - Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38062
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38062
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38062 Philippe Laulheret with Cisco Talos


Philippe Laulheret of Cisco Talos

CVE-2024-38064 - Windows TCP/IP Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38064
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows TCP/IP Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38064
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Information Disclosure 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Information Disclosure 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38064 Wei in Kunlun Lab with Cyber KunLun

CVE-2024-38071 - Windows Remote Desktop Licensing Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38071
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of availability (A:H)? What does that mean for this vulnerability?

An attacker could impact availability of the service resulting in Denial of Service (DoS).


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38071
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38071 Lewis Lee, Chunyang Han and Zhiniang Peng

CVE-2024-38072 - Windows Remote Desktop Licensing Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38072
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of availability (A:H)? What does that mean for this vulnerability?

An attacker could impact availability of the service resulting in Denial of Service (DoS).


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38072
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38072 Lewis Lee, Chunyang Han and Zhiniang Peng

CVE-2024-38077 - Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38077
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How would an attacker exploit this vulnerability?

An unauthenticated attacker could connect to the Remote Desktop Licensing Service and send a malicious message which could allow remote code execution.


Mitigations:

The following mitigation may be helpful in your situation.

In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Licensing Service disabled:

1. Disable Remote Desktop Licensing Service if is not required.

If you no longer need this service on your system, consider disabling it as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.


Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38077
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Critical Remote Code Execution 5039245
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Critical Remote Code Execution 5039245
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Critical Remote Code Execution 5039245
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Critical Remote Code Execution 5039245
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Critical Remote Code Execution 5039289
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Critical Remote Code Execution 5039289
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Critical Remote Code Execution 5039227
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Critical Remote Code Execution 5039227
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Critical Remote Code Execution 5039236 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38077 Lewis Lee


Chunyang Han

CVE-2024-38080 - Windows Hyper-V Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38080
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Hyper-V Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38080
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38080 Anonymous

CVE-2024-38085 - Windows Graphics Component Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38085
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38085
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38085 Anonymous

CVE-2024-38086 - Azure Kinect SDK Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38086
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Azure Kinect SDK Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.4/TemporalScore:5.6
Base score metrics
Attack VectorPhysical
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability?

An attacker needs physical access to the target computer to plug in a malicious USB drive.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38086
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Kinect SDK Release Notes (Security Update) Important Remote Code Execution None Base: 6.4
Temporal: 5.6
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 1.4.2 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38086 VictorV(Tang tianwen) with Kunlun Lab

CVE-2024-38091 - Microsoft WS-Discovery Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38091
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft WS-Discovery Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38091
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38091 Azure Yang with Kunlun Lab

CVE-2024-38100 - Windows File Explorer Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38100
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows File Explorer Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38100
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38100 Andrea Pierini with Semperis

CVE-2024-38102 - Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38102
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38102
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38102 Wei in Kunlun Lab with Cyber KunLun

CVE-2024-38104 - Windows Fax Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38104
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Fax Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

The following mitigating factor might be helpful in your situation:

To be exploitable by this vulnerability the Windows Fax Service has to be installed and configured. If Windows Fax Service is enabled, consider disabling it until you have installed this update that addresses this vulnerability.


How could an attacker exploit this vulnerability?

An authenticated attacker with normal user privileges that has already compromised a fax server, to which the victim is connected, can exploit this vulnerability to execute arbitrary code on the victim machine.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38104
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38104 lm0963 with TianGongLab of Legendsec at QI-ANXIN Group

CVE-2024-38112 - Windows MSHTML Platform Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38112
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows MSHTML Platform Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.0
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker would have to send the victim a malicious file that the victim would have to execute.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38112
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19044.4651		 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19044.4651		 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19044.4651		 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19045.4651
 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19045.4651
 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19045.4651
 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing
5039212		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22621.3880		 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing
5039212		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22621.3880		 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22631.3880
 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22631.3880
 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
5040426 (IE Cumulative)		 Important Spoofing 5039245

5034120		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22769

1.001		 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
5040426 (IE Cumulative)		 Important Spoofing 5039245

5034120		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22769

1.001		 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
5040426 (IE Cumulative)		 Important Spoofing 5039245

5034120		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22769

1.001		 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
5040426 (IE Cumulative)		 Important Spoofing 5039245

5034120		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22769

1.001		 Yes 5040499
5040490
Windows Server 2012 R2 5040426 (IE Cumulative)
5040456 (Monthly Rollup)		 Important Spoofing 5034120
5039294		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 1.001
6.3.9600.22074		 Yes None
Windows Server 2012 R2 (Server Core installation) 5040426 (IE Cumulative)
5040456 (Monthly Rollup)		 Important Spoofing 5034120
5039294		 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 1.001
6.3.9600.22074		 Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Spoofing 5039236 Base: 7.5
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38112

Haifei Li with Check Point Research

CVE-2024-26184 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26184
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


How could an attacker successfully exploit this vulnerability?

To exploit the vulnerability, an attacker who has physical access or Administrative rights to a target device could install a malicious .bcd file.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26184
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26184 Azure Yang with Kunlun Lab

CVE-2024-30013 - Windows MultiPoint Services Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30013
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows MultiPoint Services Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An unauthenticated attacker can exploit this vulnerability by sending a malicious request packet via a client machine to a Windows Server configured to be a Multipoint Service over a network, and then waiting for the server to stop or restart.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires an admin user to stop or restart the service.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30013
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30013 k0shl with Kunlun Lab

CVE-2024-32987 - Microsoft SharePoint Server Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32987
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft SharePoint Server Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, cryptographic nonces, and other sensitive information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32987
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002618 (Security Update) Important Information Disclosure 5002604 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft SharePoint Server 2019 5002615 (Security Update) Important Information Disclosure 5002602 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 16.0.10412.20001 Maybe None
Microsoft SharePoint Server Subscription Edition 5002606 (Security Update) Important Information Disclosure 5002603 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 16.0.17328.20424 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32987 Anonymous

CVE-2024-30071 - Windows Remote Access Connection Manager Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30071
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:4.7/TemporalScore:4.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30071
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 4.7
Temporal: 4.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30071 George Hughey with MSRC Vulnerabilities & Mitigations

CVE-2024-30079 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30079
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30079
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30079 George Hughey with MSRC Vulnerabilities & Mitigations

CVE-2024-3596 - CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3596
MITRE
NVD

Issuing CNA: CERT/CC

 CVE Title: CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

Why is this CERT/CC CVE included in the Security Update Guide?

A vulnerability exists in the RADIUS protocol that potentially affects many products and implementations of the RFC 2865 in the UDP version of the RADIUS protocol. In brief, RADIUS protocol (RFC 2865) is susceptible to forgery attacks that can modify Access-Accept or Access-Reject RADIUS response. CERT/CC assigned a CVE ID for this vulnerability which all vendors are using for their affected products.

Please see KB5040268: How to manage the Access-Request packets attack vulnerability associated with CVE-2024-3596 for information on additional steps that should be done to protect your environment from this vulnerability.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3596
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Spoofing 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Spoofing 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Spoofing 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Spoofing 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Spoofing 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Spoofing 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Spoofing 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3596 [info needed]

CVE-2024-30105 - .NET Core and Visual Studio Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30105
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: .NET Core and Visual Studio Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30105
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 5041081 (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 8.0.7 Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.10.4 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.8.12 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30105



CVE-2024-35261 - Azure Network Watcher VM Extension Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35261
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.0
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Is there any action I need to take to be protected from this vulnerability?

If you have enabled automatic updates, you will automatically receive the update as soon as it is available. If you have not enabled automatic updates, you will need to update the product manually.

Please see Update Network Watcher extension to the latest version - Azure Virtual Machines | Microsoft Learn for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35261
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Network Watcher VM Extension for Windows Release Notes (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 1.4.3320.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35261 R4nger & Zhiniang Peng

CVE-2024-35266 - Azure DevOps Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35266
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Azure DevOps Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required  is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must send the user a malicious file and convince the user to open it.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to a high loss of confidentiality (C:H), and integrity (I:H) and some loss of availability (A:L). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could view sensitive information, a token in this scenario (Confidentiality) and make changes to disclosed information (Integrity), and they might be able to force a crash within the server (Availability).


What actions do customers need to take to protect themselves from this vulnerability?

Customers using Azure DevOps 2022.1 must update to Azure DevOps Server 2022.2 released on 09 July, 2024 to be protected. For more information on this recent Azure DevOps release, see here: Azure DevOps Server 2022 Update 2 Release Notes.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35266
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure DevOps Server 2022.1 Release Notes (Security Update) Important Spoofing None Base: 7.6
Temporal: 6.6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
 20240702.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35266 Felix Boulet

CVE-2024-35267 - Azure DevOps Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35267
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Azure DevOps Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to a high loss of confidentiality (C:H), and integrity (I:H) and some loss of availability (A:L). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could view sensitive information, a token in this scenario (Confidentiality) and make changes to disclosed information (Integrity), and they might be able to force a crash within the server (Availability).


What actions do customers need to take to protect themselves from this vulnerability?

Customers using Azure DevOps 2022.1 must update to Azure DevOps Server 2022.2 released on 09 July, 2024 to be protected. For more information on this recent Azure DevOps release, see here: Azure DevOps Server 2022 Update 2 Release Notes.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35267
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure DevOps Server 2022.1 Release Notes (Security Update) Important Spoofing None Base: 7.6
Temporal: 6.6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
 20240702.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35267 Felix Boulet

CVE-2024-35271 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35271
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35271
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35271 Anonymous

CVE-2024-35272 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35272
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35272
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35272 Anonymous

CVE-2024-20701 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20701
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20701
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20701 Anonymous

CVE-2024-21303 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21303
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21303
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21303 Anonymous

CVE-2024-21308 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21308
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21308
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21308 Anonymous

CVE-2024-21317 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21317
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21317
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21317 Anonymous

CVE-2024-21331 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21331
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21331
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21331 Anonymous

CVE-2024-21425 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21425
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21425
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21425 Anonymous

CVE-2024-37319 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37319
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37319
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37319 Anonymous

CVE-2024-37320 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37320
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37320
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37320 Anonymous

CVE-2024-37321 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37321
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37321
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37321 Anonymous

CVE-2024-37322 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37322
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37322
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37322 Anonymous

CVE-2024-37323 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37323
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37323
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37323 Anonymous

CVE-2024-37324 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37324
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37324
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37324 Anonymous

CVE-2024-21449 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21449
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21449
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21449 Anonymous

CVE-2024-37326 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37326
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37326
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37326 Anonymous

CVE-2024-37327 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37327
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37327
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37327 Anonymous

CVE-2024-37328 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37328
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37328
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37328 Anonymous

CVE-2024-37329 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37329
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37329
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37329 Anonymous

CVE-2024-37330 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37330
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37330
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37330 Anonymous

CVE-2024-37334 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37334
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37334
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft OLE DB Driver 18 for SQL Server 5040711 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 18.7.0004.0 Maybe None
Microsoft OLE DB Driver 19 for SQL Server 5040712 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 19.3.0005.0 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37334 Anonymous

CVE-2024-37333 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37333
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37333
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37333 Yuki Chen

CVE-2024-37336 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37336
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37336
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37336 Yuki Chen

CVE-2024-28928 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28928
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28928
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28928 Anonymous

CVE-2024-35256 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35256
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35256
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35256 Anonymous

CVE-2024-37971 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37971
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37971
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37971 Azure Yang with Kunlun Lab

CVE-2024-37972 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37972
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37972
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37972 Azure Yang with Kunlun Lab

CVE-2024-37973 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37973
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37973
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37973 Azure Yang with Kunlun Lab

CVE-2024-37975 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37975
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37975
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37975 Azure Yang with Kunlun Lab

CVE-2024-37977 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37977
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37977
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37977 Azure Yang with Kunlun Lab

CVE-2024-37978 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37978
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37978
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37978 Azure Yang with Kunlun Lab

CVE-2024-37984 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37984
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37984
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37984 Maxim Suhanov (MTS RED, dfir.ru)

CVE-2024-37988 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37988
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37988
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37988 Azure Yang with Kunlun Lab

CVE-2024-37989 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37989
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37989
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37989 Azure Yang with Kunlun Lab

CVE-2024-38010 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38010
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38010
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38010 Azure Yang with Kunlun Lab

CVE-2024-38011 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38011
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38011
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38011 Azure Yang with Kunlun Lab

CVE-2024-38017 - Microsoft Message Queuing Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38017
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Message Queuing Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.0
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38017
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211		 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212		 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Information Disclosure 5039245
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Information Disclosure 5039289
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Information Disclosure 5039289
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38017 cdpython with AlpineLab


9oat with AlpineLab


g3un with AlpineLab


cdpython, 9oat and g3un with AlpineLab

CVE-2024-38019 - Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38019
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

To successfully exploit this vulnerability, an attacker or the targeted user would need to achieve a high level of control over a machine, as the attack requires access to processes typically restricted from average users.

Essentially, the exploitation necessitates elevated privileges on the compromised machine due to the requirement of manipulating processes beyond the reach of standard user permissions.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38019
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38019 Fangming Gu


Qinghe Xie


Anonymous

CVE-2024-38020 - Microsoft Outlook Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38020
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Outlook Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires that a user open a specially crafted file.

  • In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
  • In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.

An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.


What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of NTLM hashes.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Moderate Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38020
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Moderate Spoofing None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Moderate Spoofing None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2016 (32-bit edition) 5002620 (Security Update) Moderate Spoofing 5002591 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft Office 2016 (64-bit edition) 5002620 (Security Update) Moderate Spoofing 5002591 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Moderate Spoofing None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Moderate Spoofing None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Moderate Spoofing None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Moderate Spoofing None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Outlook 2016 (32-bit edition) 5002621 (Security Update) Moderate Spoofing 5002600 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft Outlook 2016 (64-bit edition) 5002621 (Security Update) Moderate Spoofing 5002600 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38020 JimSRush with PrivSec Consulting

CVE-2024-38021 - Microsoft Office Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38021
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could the attacker exploit this vulnerability?

An attacker could craft a malicious link that bypasses the Protected View Protocol, which leads to the leaking of local NTLM credential information and remote code execution (RCE).


According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution?

This attack requires a user to allow blocked content sent from an external attacker to initiate remote code execution.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38021
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2016 (32-bit edition) 5002620 (Security Update) Important Remote Code Execution 5002591 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft Office 2016 (64-bit edition) 5002620 (Security Update) Important Remote Code Execution 5002591 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38021 Arnold Osipov with Morphisec


Shmuel Uzan with Morphisec


Michael Gorelik (michael.gorelik.us@gmail.com) With Morphisec

CVE-2024-38027 - Windows Line Printer Daemon Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38027
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Line Printer Daemon Service Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38027
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38027 Anonymous

CVE-2024-38028 - Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38028
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

To exploit this vulnerability, a victim machine must be running a performance counter collection tool such as Performance Monitor to collect performance counter data from an attacker machine. An attacker with local admin authority on the attacker machine could run malicious code remotely in the victim machine's performance counter data collector process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38028
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38028 QingHe Xie and FangMing Gu

CVE-2024-38030 - Windows Themes Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38030
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Themes Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker would have to convince the user to load a malicious file onto a vulnerable system, typically by way of an enticement in an Email or Instant Messenger message, and then convince the user to manipulate the specially crafted file, but not necessarily click or open the malicious file.


Mitigations:

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigations might apply in your situation:

  • Systems that have disabled NTLM are not affected.

  • Apply the existing group policy to block NTLM hash. With this policy enabled, this issue for a remote SMB location client or server can be mitigated. To enable the policy: Select Computer Configuration > Windows Settings > ** Security Settings** > Local Policies > Security Options. On the right pane, double-click the Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers policy per the options listed below in the Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers documentation.

References:


Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38030
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38030 Tomer Peled with Akamai

CVE-2024-38031 - Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38031
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38031
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38031 k0shl with Kunlun Lab

CVE-2024-38032 - Microsoft Xbox Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38032
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Xbox Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to obtain special or uncommon hardware.


How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38032
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38032 Wei in Kunlun Lab with Cyber KunLun

CVE-2024-38033 - PowerShell Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38033
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: PowerShell Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required  is low (PR:L). What does that mean for this vulnerability?

An authorized attacker with standard user privileges could place a malicious file and then wait for the privileged victim to run the calling command.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38033
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38033 Tom Norfolk with AJ Bell




Jimmy Bayne

CVE-2024-38044 - DHCP Server Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38044
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: DHCP Server Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated DHCP Server privileges. As is best practice, regular validation and audits of administrative groups should be conducted.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38044
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38044 wkai with Codesafe Team of Legendsec at QI-ANXIN Group

CVE-2024-38047 - PowerShell Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38047
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: PowerShell Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could elevate their user privileges from those of a restrained user to an unrestrained WDAC user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38047
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38047 Jimmy Bayne

CVE-2024-38048 - Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38048
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38048
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38048 Wei in Kunlun Lab with Cyber KunLun

CVE-2024-38049 - Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38049
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.6/TemporalScore:5.8
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38049
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Remote Code Execution 5039245
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Remote Code Execution 5039289
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38049 wkai with Codesafe Team of Legendsec at QI-ANXIN Group

CVE-2024-38050 - Windows Workstation Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38050
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Workstation Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

If successfully exploited, this vulnerability could case attacker-controlled data on the heap to overwrite critical structures of the service, leading to arbitrary memory write or control flow hijacking, resulting in privilege escalation


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38050
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38050 A1gxer


afang5472

CVE-2024-38052 - Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38052
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38052
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38052 Angelboy (@scwuaptx) with DEVCORE

CVE-2024-38053 - Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38053
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet over the ethernet to an adjacent system that is employing a networking adapter, which could enable remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38053
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38053 Wei in Kunlun Lab with Cyber KunLun

CVE-2024-38057 - Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38057
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38057
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38057 Angelboy (@scwuaptx) with DEVCORE

CVE-2024-38058 - BitLocker Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38058
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: BitLocker Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38058
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38058 Bill Demirkapi of Microsoft

CVE-2024-38065 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38065
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Secure Boot Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38065
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38065 Zammis Clark

CVE-2024-38066 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38066
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38066
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38066 Marcin Wiazowski working with Trend Micro Zero Day Initiative

CVE-2024-38067 - Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38067
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38067
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38067 k0shl with Kunlun Lab

CVE-2024-38068 - Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38068
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38068
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38068 k0shl with Kunlun Lab

CVE-2024-38069 - Windows Enroll Engine Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38069
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Enroll Engine Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass certificate validation during the account enrollment process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38069
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38069 Izzy Whistlecroft of Microsoft's Security Response Center

CVE-2024-38070 - Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38070
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass the execution policy for the Windows LockDown Policy (WLDP) for the WDAC API.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38070
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38070 Rajiv Chikine with Microsoft

CVE-2024-38073 - Windows Remote Desktop Licensing Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38073
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of availability (A:H)? What does that mean for this vulnerability?

An attacker could impact availability of the service resulting in Denial of Service (DoS).


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38073
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38073 Lewis Lee, Chunyang Han and Zhiniang Peng

CVE-2024-38074 - Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38074
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could send a specially crafted packet to a server set up as a Remote Desktop Licensing server, which will cause remote code execution.


Mitigations:

The following mitigation may be helpful in your situation.

In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Licensing Service disabled:

1. Disable Remote Desktop Licensing Service if is not required.

If you no longer need this service on your system, consider disabling it as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.


Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38074
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Critical Remote Code Execution 5039289
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Critical Remote Code Execution 5039289
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Critical Remote Code Execution 5039227
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Critical Remote Code Execution 5039227
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Critical Remote Code Execution 5039236 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38074 Lewis Lee, Chunyang Han and Zhiniang Peng

CVE-2024-38076 - Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38076
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could send a specially crafted packet to a server set up as a Remote Desktop Licensing server, which will cause remote code execution.


Mitigations:

The following mitigation may be helpful in your situation.

In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Licensing Service disabled:

1. Disable Remote Desktop Licensing Service if is not required.

If you no longer need this service on your system, consider disabling it as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.


Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38076
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2016 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Critical Remote Code Execution 5039217
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Critical Remote Code Execution 5039227
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Critical Remote Code Execution 5039227
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Critical Remote Code Execution 5039236 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38076 Lewis Lee, Chunyang Han and Zhiniang Peng

CVE-2024-38078 - Xbox Wireless Adapter Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38078
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Xbox Wireless Adapter Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions.


How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38078
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38078 Wei in Kunlun Lab with Cyber KunLun

CVE-2024-38079 - Windows Graphics Component Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38079
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38079
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38079 Anonymous

CVE-2024-38081 - .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38081
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of this vulnerability requires that a local user executes the Visual Studio installer


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

The attacker must have permissions to access the target domain environment to be able to exploit this vulnerability


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38081
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 5041081 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 8.0.7 Maybe None
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 2.0.50727.8977 Maybe None
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 2.0.50727.8977 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 2.0.50727.8977 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 2.0.50727.8977 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2016 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2016 (Server Core installation) 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 5041017 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation) 5041017 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for ARM64-based Systems 5041020 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems 5041020 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 5041017 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation) 5041017 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 5041016 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) 5041016 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for ARM64-based Systems 5041020 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for x64-based Systems 5041020 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems 5039895 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems 5039895 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems 5039895 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems 5039895 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 5041016 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) 5041016 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) 5039895 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2008 for 32-bit Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.5.30729.8972 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2008 for x64-based Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.5.30729.8972 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.5.30729.8971 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.5.30729.8971 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.5.30729.8971 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.5.4101.04 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5041021 (Monthly Rollup)
5041026 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.5.30729.8971 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5041021 (Monthly Rollup)
5041026 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.5.30729.8971 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5041024 (Monthly Rollup)
5041027 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5041026 (Security Only) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5041026 (Security Only)
5041021 (Monthly Rollup)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.01
4.7.4101.02		 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.02 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.02 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.02 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.7.4101.02 Maybe None
Microsoft .NET Framework 4.6/4.6.2 on Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Microsoft .NET Framework 4.6/4.6.2 on Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems 5039885 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.04739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems 5039885 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.04739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5041021 (Monthly Rollup)
5041026 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.02
4.8.4739.03		 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5041021 (Monthly Rollup)
5041026 (Security Only)		 Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.02
4.8.4739.03		 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.4739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 5039885 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.04739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) 5039885 (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.04739.02 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 17.8.12 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38081 goodbyeselene


goodbyeselene

CVE-2024-38089 - Microsoft Defender for IoT Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38089
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:9.1/TemporalScore:7.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability would gain the ability to escape the AppContainer and impersonate a non-AppContainer token.


According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.


How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by escaping the sensor-app docker container (which is running the web application) and running commands on the host. This would allow them to enter any other containers and potentially gain control over the system.


Mitigations:

The following mitigating factor might be helpful in your situation:

Consider upgrading to Defender for IoT version 24.1.4 or newer.


Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38089
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Defender for IoT Release Notes (Security Update) Important Elevation of Privilege None Base: 9.1
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 24.1.4 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38089 Siemens Energy

CVE-2024-38092 - Azure CycleCloud Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38092
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Azure CycleCloud Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

The attacker who successfully exploited the vulnerability could elevate privileges to the Administrator role in the vulnerable Azure CycleCloud instance.


According to the CVSS metric, privileges required is Low (PR:L). What does that mean for this vulnerability?

To exploit this vulnerability an attacker must have an account with the User role assigned.


What actions do customers need to take to protect themselves from this vulnerability?

Azure CycleCloud versions 7.9.0 - 7.9.11 were retired on 30 September, 2023 as documented here: CycleCloud 7 Retirement Guide. Customers with existing CycleCloud deployments using versions 7.9.0 - 7.9.11 must migrate their resources to CycleCloud version 8.6.2 to be protected by following the instructions here: Upgrading CycleCloud.

Customers with existing CycleCloud deployments using versions 8.0.0 - 8.6.0 should update their resources to CycleCloud version 8.6.2 to be protected by following the instructions here: Upgrading CycleCloud.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38092
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure CycleCloud 7.9.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.10 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.11 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.3 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.4 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.5 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.6 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.7 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.8 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 7.9.9 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.0.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.0.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.0.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.1.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.1.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.2.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.2.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.2.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.3.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.4.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.4.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.4.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.5.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None
Azure CycleCloud 8.6.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8.8
Temporal: 7.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 8.6.2 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38092 Christian Bortone with Merck KGaA

CVE-2024-38094 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38094
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38094
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002618 (Security Update) Important Remote Code Execution 5002604 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5456.1000 Maybe None
Microsoft SharePoint Server 2019 5002615 (Security Update) Important Remote Code Execution 5002602 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.10412.20001 Maybe None
Microsoft SharePoint Server Subscription Edition 5002606 (Security Update) Important Remote Code Execution 5002603 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.17328.20424 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38094

CVE-2024-38095 - .NET and Visual Studio Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38095
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: .NET and Visual Studio Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38095
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 5041081 (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 8.0.7 Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.10.4 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Denial of Service None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.8.12 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38095

CVE-2024-38099 - Windows Remote Desktop Licensing Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38099
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.2
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to possess advanced reverse engineering skills to identify and gain unauthorized access to specific remote procedure call (RPC) endpoints.


Are there additional actions I need to take after I have installed the update?

Yes. If your RD session hosts and RD licensing servers are joined to a work group, you need to ensure that your RD session hosts have the necessary credentials to access your RD licensing servers. For more information see: License Remote Desktop session hosts. No additional action is needed for RD session hosts and RD licensing servers joined to a domain.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38099
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Important Denial of Service 5039245
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Important Denial of Service 5039289
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38099 Philemon Orphee Favrod with Microsoft


Josh Watson with Microsoft


Gus Catalano with Microsoft


Ray Reskusich with Microsoft

CVE-2024-38101 - Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38101
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38101
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38101 Wei in Kunlun Lab with Cyber KunLun

CVE-2024-38105 - Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38105
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38105
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38105 Wei in Kunlun Lab with Cyber KunLun

CVE-2024-39684 - Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-39684
MITRE
NVD

Issuing CNA: Github

 CVE Title: Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Why is this GitHub CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in RapidJSON library which is consumed by Microsoft Active Directory Rights Management Services Client. The CVE for this open source component, which is used in a Microsoft product, is assigned by GitHub CNA.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Jul-24    

Information published.


 Moderate Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-39684
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Moderate Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Moderate Elevation of Privilege 5039225 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19044.4651
 Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.4651		 Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Moderate Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Moderate Elevation of Privilege 5039213
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.3079
 Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege 5039212
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.3880
 Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege
5039212		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.3880		 Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Moderate Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Moderate Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)		 Moderate Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)		 Moderate Elevation of Privilege 5039245
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22769
 Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)		 Moderate Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)		 Moderate Elevation of Privilege 5039289
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Moderate Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Moderate Elevation of Privilege 5039260 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Moderate Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Moderate Elevation of Privilege 5039294 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Moderate Elevation of Privilege 5039217
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.6054
 Yes 5040430
Windows Server 2022 5040437 (Security Update) Moderate Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Moderate Elevation of Privilege 5039227
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2582
 Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Moderate Elevation of Privilege 5039236 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-39684 Anonymous