Quelle: microsoft.com
Microsoft Juli 2024 Patch Tuesday behebt 142 Schwachstellen, 4 Zero-Days
Heute ist Microsofts Patch Tuesday für Juli 2024, der Sicherheitsupdates für 142 Schwachstellen enthält, darunter zwei aktiv ausgenutzte und zwei öffentlich gemeldete Zero-Days.
An diesem Patch-Dienstag wurden fünf kritische Sicherheitslücken behoben, bei denen es sich um Schwachstellen bei der Remotecodeausführung handelt.
Die Anzahl der Fehler in jeder Schwachstellenkategorie ist unten aufgeführt:
- 26 Anfälligkeiten für die Erhöhung von Berechtigungen (Elevation of Privilege)
- 24 Anfälligkeiten für die Umgehung von Sicherheitsfunktionen
- 59 Sicherheitslücken durch Remotecode-Ausführung
- 9 Schwachstellen in Bezug auf die Offenlegung von Informationen
- 17 Denial-of-Service-Schwachstellen
- 7 Spoofing-Schwachstellen
Weitere Informationen zu den heute veröffentlichten nicht sicherheitsrelevanten Updates finden Sie in unseren Artikeln über das neue Windows 11 KB5040442-Update und das Windows 10 KB5040427-Update.
Vier Zero-Days behoben
Der diesmonatige Patch Tuesday behebt zwei aktiv ausgenutzte und zwei weitere öffentlich gemeldete Zero-Day-Schwachstellen.
Microsoft klassifiziert eine Zero-Day-Schwachstelle als eine, die öffentlich bekannt ist oder aktiv ausgenutzt wird, für die aber noch kein offizieller Fix verfügbar ist.
Die beiden aktiv ausgenutzten Zero-Day-Schwachstellen in den heutigen Updates sind:
CVE-2024-38080 - Windows Hyper-V-Sicherheitslücke mit erhöhtem Zugriffsrecht (Elevation of Privilege)
Microsoft hat eine aktiv ausgenutzte Sicherheitsanfälligkeit in Hyper-V behoben, die Angreifern SYSTEM-Rechte verleiht.
"Ein Angreifer, der diese Sicherheitsanfälligkeit erfolgreich ausnutzt, könnte SYSTEM-Rechte erlangen", erklärt Microsoft.
Obwohl Microsoft angibt, dass die Schwachstelle aktiv ausgenutzt wird, hat es keine weiteren Details über die Schwachstelle bekannt gegeben, auch nicht, wer sie entdeckt hat.
CVE-2024-38112 - Windows MSHTML Platform Spoofing Sicherheitslücke
Microsoft hat eine aktiv ausgenutzte Windows MSHTML Spoofing-Schwachstelle behoben.
"Um diese Sicherheitslücke erfolgreich auszunutzen, muss ein Angreifer vor dem Ausnutzen zusätzliche Maßnahmen ergreifen, um die Zielumgebung vorzubereiten", erklärt Microsoft.
"Ein Angreifer müsste dem Opfer eine bösartige Datei schicken, die das Opfer dann ausführen müsste", so Microsoft weiter.
Microsoft hat keine weiteren Details darüber bekannt gegeben, wie die Schwachstelle ausgenutzt wurde.
Die Schwachstelle wurde von Haifei Li von Check Point Research aufgedeckt.
Die beiden öffentlich gemeldeten Sicherheitslücken sind:
CVE-2024-35264 - .NET- und Visual Studio-Schwachstelle für Remotecodeausführung
Microsoft hat eine öffentlich gemeldete .NET- und Visual Studio-RCE-Schwachstelle behoben.
"Ein Angreifer könnte dies ausnutzen, indem er einen http/3-Stream schließt, während der Request Body verarbeitet wird, was zu einer Race Condition führt. Dies könnte zu einer Remotecodeausführung führen", erklärt Microsoft.
Microsoft hat nicht mitgeteilt, wo die Schwachstelle öffentlich bekannt gemacht wurde, und sagte, dass sie intern von Radek Zikmund von Microsoft Corporation entdeckt wurde.
CVE-2024-37985 - Arm: CVE-2024-37985 Systematische Identifizierung und Charakterisierung von proprietären Prefetchern
Microsoft hat einen zuvor bekannt gewordenen "FetchBench"-Seitenkanalangriff behoben, der zum Stehlen von "geheimen Informationen" verwendet werden kann.
"Ein Angreifer, der diese Sicherheitsanfälligkeit erfolgreich ausnutzt, könnte den Heap-Speicher eines privilegierten Prozesses, der auf dem Server läuft, einsehen", erklärt Microsoft.
"Um diese Sicherheitsanfälligkeit erfolgreich auszunutzen, muss ein Angreifer vor der Ausnutzung zusätzliche Maßnahmen ergreifen, um die Zielumgebung vorzubereiten", so Microsoft weiter.
Die Sicherheitsupdates für den Patch Tuesday im Juli 2024
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET and Visual Studio | CVE-2024-30105 | .NET Core and Visual Studio Denial of Service Vulnerability | Important |
| .NET and Visual Studio | CVE-2024-38081 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | Important |
| .NET and Visual Studio | CVE-2024-35264 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
| .NET and Visual Studio | CVE-2024-38095 | .NET and Visual Studio Denial of Service Vulnerability | Important |
| Active Directory Rights Management Services | CVE-2024-39684 | Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability | Moderate |
| Active Directory Rights Management Services | CVE-2024-38517 | Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability | Moderate |
| Azure CycleCloud | CVE-2024-38092 | Azure CycleCloud Elevation of Privilege Vulnerability | Important |
| Azure DevOps | CVE-2024-35266 | Azure DevOps Server Spoofing Vulnerability | Important |
| Azure DevOps | CVE-2024-35267 | Azure DevOps Server Spoofing Vulnerability | Important |
| Azure Kinect SDK | CVE-2024-38086 | Azure Kinect SDK Remote Code Execution Vulnerability | Important |
| Azure Network Watcher | CVE-2024-35261 | Azure Network Watcher VM Extension Elevation of Privilege Vulnerability | Important |
| Intel | CVE-2024-37985 | Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers | Important |
| Line Printer Daemon Service (LPD) | CVE-2024-38027 | Windows Line Printer Daemon Service Denial of Service Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2024-38089 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important |
| Microsoft Dynamics | CVE-2024-30061 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2024-38079 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2024-38051 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2024-38021 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook | CVE-2024-38020 | Microsoft Outlook Spoofing Vulnerability | Moderate |
| Microsoft Office SharePoint | CVE-2024-38024 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-38023 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2024-32987 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-38094 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Streaming Service | CVE-2024-38057 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important |
| Microsoft Streaming Service | CVE-2024-38054 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important |
| Microsoft Streaming Service | CVE-2024-38052 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2024-38055 | Microsoft Windows Codecs Library Information Disclosure Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2024-38056 | Microsoft Windows Codecs Library Information Disclosure Vulnerability | Important |
| Microsoft WS-Discovery | CVE-2024-38091 | Microsoft WS-Discovery Denial of Service Vulnerability | Important |
| NDIS | CVE-2024-38048 | Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability | Important |
| NPS RADIUS Server | CVE-2024-3596 | CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability | Important |
| Role: Active Directory Certificate Services; Active Directory Domain Services | CVE-2024-38061 | DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2024-38080 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| SQL Server | CVE-2024-28928 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-38088 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-20701 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21317 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21308 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-35256 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21303 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21335 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-35271 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-35272 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-38087 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21425 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21449 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37324 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37330 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37326 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37329 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37328 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37327 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37334 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37321 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37320 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37319 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37322 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37336 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37323 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21398 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21373 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37318 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21428 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21415 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-37332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| SQL Server | CVE-2024-21414 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important |
| Windows BitLocker | CVE-2024-38058 | BitLocker Security Feature Bypass Vulnerability | Important |
| Windows COM Session | CVE-2024-38100 | Windows File Explorer Elevation of Privilege Vulnerability | Important |
| Windows CoreMessaging | CVE-2024-21417 | Windows Text Services Framework Elevation of Privilege Vulnerability | Important |
| Windows Cryptographic Services | CVE-2024-30098 | Windows Cryptographic Services Security Feature Bypass Vulnerability | Important |
| Windows DHCP Server | CVE-2024-38044 | DHCP Server Service Remote Code Execution Vulnerability | Important |
| Windows Distributed Transaction Coordinator | CVE-2024-38049 | Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | Important |
| Windows Enroll Engine | CVE-2024-38069 | Windows Enroll Engine Security Feature Bypass Vulnerability | Important |
| Windows Fax and Scan Service | CVE-2024-38104 | Windows Fax Service Remote Code Execution Vulnerability | Important |
| Windows Filtering | CVE-2024-38034 | Windows Filtering Platform Elevation of Privilege Vulnerability | Important |
| Windows Image Acquisition | CVE-2024-38022 | Windows Image Acquisition Elevation of Privilege Vulnerability | Important |
| Windows Imaging Component | CVE-2024-38060 | Windows Imaging Component Remote Code Execution Vulnerability | Critical |
| Windows Internet Connection Sharing (ICS) | CVE-2024-38105 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
| Windows Internet Connection Sharing (ICS) | CVE-2024-38053 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | Important |
| Windows Internet Connection Sharing (ICS) | CVE-2024-38102 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
| Windows Internet Connection Sharing (ICS) | CVE-2024-38101 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
| Windows iSCSI | CVE-2024-35270 | Windows iSCSI Service Denial of Service Vulnerability | Important |
| Windows Kernel | CVE-2024-38041 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel-Mode Drivers | CVE-2024-38062 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
| Windows LockDown Policy (WLDP) | CVE-2024-38070 | Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability | Important |
| Windows Message Queuing | CVE-2024-38017 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
| Windows MSHTML Platform | CVE-2024-38112 | Windows MSHTML Platform Spoofing Vulnerability | Important |
| Windows MultiPoint Services | CVE-2024-30013 | Windows MultiPoint Services Remote Code Execution Vulnerability | Important |
| Windows NTLM | CVE-2024-30081 | Windows NTLM Spoofing Vulnerability | Important |
| Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38068 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Important |
| Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38067 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Important |
| Windows Online Certificate Status Protocol (OCSP) | CVE-2024-38031 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Important |
| Windows Performance Monitor | CVE-2024-38028 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
| Windows Performance Monitor | CVE-2024-38019 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
| Windows Performance Monitor | CVE-2024-38025 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
| Windows PowerShell | CVE-2024-38043 | PowerShell Elevation of Privilege Vulnerability | Important |
| Windows PowerShell | CVE-2024-38047 | PowerShell Elevation of Privilege Vulnerability | Important |
| Windows PowerShell | CVE-2024-38033 | PowerShell Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2024-30071 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2024-30079 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
| Windows Remote Desktop | CVE-2024-38076 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop | CVE-2024-38015 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Important |
| Windows Remote Desktop Licensing Service | CVE-2024-38071 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
| Windows Remote Desktop Licensing Service | CVE-2024-38073 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
| Windows Remote Desktop Licensing Service | CVE-2024-38074 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Licensing Service | CVE-2024-38072 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
| Windows Remote Desktop Licensing Service | CVE-2024-38077 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Licensing Service | CVE-2024-38099 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
| Windows Secure Boot | CVE-2024-38065 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37986 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37981 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37987 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-28899 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-26184 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-38011 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37984 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37988 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37977 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37978 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37974 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-38010 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37989 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37970 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37975 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37972 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37973 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37971 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2024-37969 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Server Backup | CVE-2024-38013 | Microsoft Windows Server Backup Elevation of Privilege Vulnerability | Important |
| Windows TCP/IP | CVE-2024-38064 | Windows TCP/IP Information Disclosure Vulnerability | Important |
| Windows Themes | CVE-2024-38030 | Windows Themes Spoofing Vulnerability | Important |
| Windows Win32 Kernel Subsystem | CVE-2024-38085 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Windows Win32K - GRFX | CVE-2024-38066 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Windows Win32K - ICOMP | CVE-2024-38059 | Win32k Elevation of Privilege Vulnerability | Important |
| Windows Workstation Service | CVE-2024-38050 | Windows Workstation Service Elevation of Privilege Vulnerability | Important |
| XBox Crypto Graphic Services | CVE-2024-38032 | Microsoft Xbox Remote Code Execution Vulnerability | Important |
| XBox Crypto Graphic Services | CVE-2024-38078 | Xbox Wireless Adapter Remote Code Execution Vulnerability | Important |