Microsoft Patch Tuesday – March 2024

12/03/2024
By Esben Dochy

⚡ TL;DR | Go Straight to the March 2024 Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The March 2024 edition of Patch Tuesday brings us 60 new fixes, with 2 rated as critical. We’ve listed the most important changes below.

Windows Hyper-V Vulnerabilities

The only two critical vulnerabilities this month are in Hyper-V: CVE-2024-21407, a remote code execution vulnerability, and CVE-2024-21408, a denial of service vulnerability.

Exploiting the RCE vulnerability requires an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM, which could result in remote code execution on the host server.

For the denial of service vulnerability, Microsoft doesn’t provide any additional data.

Both vulnerabilities obviously require the use of Hyper-V, something you can easily discover and map using the built-in "Hyper-V: Virtual guest machines" report.

Windows Print Spooler Elevation of Privilege Vulnerability

The print spooler comes back this month with a vulnerability that is more likely to be exploited. CVE-2024-21433 requires an attacker to win a race condition and can lead to the attacker gaining SYSTEM privileges.

Windows Kernel Elevation of Privilege Vulnerability

The last highlight of this month’s Patch Tuesday is CVE-2024-26182, a vulnerability in the Windows Kernel that, if exploited, allows attackers to gain SYSTEM privileges. As with most vulnerabilities, not a lot of additional information was provided.

Run the Patch Tuesday March 2024 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view, so all you need to do is look at one report, automatically added every Patch Tuesday!

Patch Tuesday March 2024 CVE Codes & Titles

| CVE Number | CVE Title |
| --- | --- |
| CVE-2024-20671 | Microsoft Defender Security Feature Bypass Vulnerability |
| CVE-2024-21392 | .NET and Visual Studio Denial of Service Vulnerability |
| CVE-2024-21411 | Skype for Consumer Remote Code Execution Vulnerability |
| CVE-2024-21418 | Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability |
| CVE-2024-21421 | Azure SDK Spoofing Vulnerability |
| CVE-2024-21426 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2024-21429 | Windows USB Hub Driver Remote Code Execution Vulnerability |
| CVE-2024-21430 | Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability |
| CVE-2024-21438 | Microsoft AllJoyn API Denial of Service Vulnerability |
| CVE-2024-21439 | Windows Telephony Server Elevation of Privilege Vulnerability |
| CVE-2024-21441 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21442 | Windows USB Print Driver Elevation of Privilege Vulnerability |
| CVE-2024-21443 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-21444 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21445 | Windows USB Print Driver Elevation of Privilege Vulnerability |
| CVE-2024-21446 | NTFS Elevation of Privilege Vulnerability |
| CVE-2024-21450 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21451 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-26197 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
| CVE-2024-26159 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-26190 | Microsoft QUIC Denial of Service Vulnerability |
| CVE-2024-26198 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2024-26199 | Microsoft Office Elevation of Privilege Vulnerability |
| CVE-2024-26201 | Microsoft Intune Linux Agent Elevation of Privilege Vulnerability |
| CVE-2024-26203 | Azure Data Studio Elevation of Privilege Vulnerability |
| CVE-2024-26161 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-26164 | Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21330 | Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability |
| CVE-2024-21334 | Open Management Infrastructure (OMI) Remote Code Execution Vulnerability |
| CVE-2024-21390 | Microsoft Authenticator Elevation of Privilege Vulnerability |
| CVE-2024-21400 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability |
| CVE-2024-21407 | Windows Hyper-V Remote Code Execution Vulnerability |
| CVE-2024-21408 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2024-21419 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2024-21427 | Windows Kerberos Security Feature Bypass Vulnerability |
| CVE-2024-21431 | Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability |
| CVE-2024-21432 | Windows Update Stack Elevation of Privilege Vulnerability |
| CVE-2024-21434 | Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability |
| CVE-2024-21435 | Windows OLE Remote Code Execution Vulnerability |
| CVE-2024-21436 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2024-21440 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-21448 | Microsoft Teams for Android Information Disclosure Vulnerability |
| CVE-2024-26162 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-26166 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-26169 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
| CVE-2024-26173 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-26174 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2024-26176 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-26177 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2024-26178 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-26181 | Windows Kernel Denial of Service Vulnerability |
| CVE-2023-28746 | Intel: CVE-2023-28746 Register File Data Sampling (RFDS) |
| CVE-2024-26204 | Outlook for Android Information Disclosure Vulnerability |
| CVE-2024-26165 | Visual Studio Code Elevation of Privilege Vulnerability |
| CVE-2024-21433 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2024-21437 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2024-26160 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability |
| CVE-2024-26170 | Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability |
| CVE-2024-26182 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-26185 | Windows Compressed Folder Tampering Vulnerability |