Jetzt Ausprobieren
Patch Tuesday

Microsoft Patch Tuesday – September 2024

6 min. read
10/09/2024
By Esben Dochy
Microsoft Patch Tuesday

⚡ TL;DR | Go Straight to the September 202Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The September 2024 edition of Patch Tuesday brings us 79 new fixes, with 7 rated as critical and 6 exploited. We’ve listed the most important changes below.

Microsoft Windows Update Remote Code Execution Vulnerability

The most dangerous vulnerability this month is CVE-2024-43491 with a CVSS base score of 9.8 and it is known to be exploited. Microsoft identified this vulnerability in the Servicing Stack that has reversed the fixes for certain vulnerabilities impacting Optional Components in Windows 10, version 1507 (the original version released in July 2015).

Only Windows 10 (version 1507), including Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB, with the following Optional Components enabled, are vulnerable. All other Windows 10 versions released since November 2015 are not affected.

  • .NET Framework 4.6 Advanced Services \ ASP.NET 4.6
  • Active Directory Lightweight Directory Services
  • Administrative Tools
  • Internet Explorer 11
  • Internet Information Services \ World Wide Web Services
  • LPD Print Service
  • Microsoft Message Queue (MSMQ) Server Core
  • MSMQ HTTP Support
  • MultiPoint Connector
  • SMB 1.0/CIFS File Sharing Support
  • Windows Fax and Scan
  • Windows Media Player
  • Work Folders Client
  • XPS Viewer

Windows Installer Elevation of Privilege Vulnerability

The second exploited vulnerability is more broad. CVE-2024-38014 got a CVSS base score of 7.8 but doesn’t have a lot of additional information. Microsoft does list that an attacker who successfully exploits this vulnerability can gain SYSTEM privileges.

Microsoft Publisher Security Feature Bypass Vulnerability

The third exploited vulnerability is CVE-2024-38226 with a CVSS base score of 7.3. If exploited, an attacker could bypass Office macro policies used to block untrusted or malicious files. Again, Microsoft it keeping most details for themselves to prevent more exploitation.

Microsoft SharePoint Server Vulnerabilities

A whole range of updates were released for Microsoft SharePoint Server. Ranging from a CVSS base score of 6.5 to 8.8 including one Denial of Service and four Remote Code Execution vulnerabilities.

Microsoft released the following updates to fix these vulnerabilities for Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Server 2019, and Microsoft SharePoint Enterprise Server 2016

Run the Patch Tuesday September 2024 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday September 2024 CVE Codes & Titles

CVE NumberCVE Title
CVE-2024-43495Windows libarchive Remote Code Execution Vulnerability
CVE-2024-43492Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVE-2024-43491Microsoft Windows Update Remote Code Execution Vulnerability
CVE-2024-43487Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-43482Microsoft Outlook for iOS Information Disclosure Vulnerability
CVE-2024-43479Microsoft Power Automate Desktop Remote Code Execution Vulnerability
CVE-2024-43476Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-43475Microsoft Windows Admin Center Information Disclosure Vulnerability
CVE-2024-43474Microsoft SQL Server Information Disclosure Vulnerability
CVE-2024-43470Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2024-43469Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-43467Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-43466Microsoft SharePoint Server Denial of Service Vulnerability
CVE-2024-43465Microsoft Excel Elevation of Privilege Vulnerability
CVE-2024-43464Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-43463Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43461Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-43458Windows Networking Information Disclosure Vulnerability
CVE-2024-43457Windows Setup and Deployment Elevation of Privilege Vulnerability
CVE-2024-43455Windows Remote Desktop Licensing Service Spoofing Vulnerability
CVE-2024-43454Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38263Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38260Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38259Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-38258Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
CVE-2024-38257Microsoft AllJoyn API Information Disclosure Vulnerability
CVE-2024-38256Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-38254Windows Authentication Information Disclosure Vulnerability
CVE-2024-38253Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-38252Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-38250Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38249Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38248Windows Storage Elevation of Privilege Vulnerability
CVE-2024-38247Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38246Win32k Elevation of Privilege Vulnerability
CVE-2024-38245Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38244Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38243Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38242Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38241Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38240Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-38239Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38238Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38237Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38236DHCP Server Service Denial of Service Vulnerability
CVE-2024-38235Windows Hyper-V Denial of Service Vulnerability
CVE-2024-38234Windows Networking Denial of Service Vulnerability
CVE-2024-38233Windows Networking Denial of Service Vulnerability
CVE-2024-38232Windows Networking Denial of Service Vulnerability
CVE-2024-38231Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38230Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-38228Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38227Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38226Microsoft Publisher Security Feature Bypass Vulnerability
CVE-2024-38225Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2024-38220Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38217Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38216Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38194Azure Web Apps Elevation of Privilege Vulnerability
CVE-2024-38188Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2024-38119Windows Network Address Translation (NAT) Remote Code Execution Vulnerability
CVE-2024-38046PowerShell Elevation of Privilege Vulnerability
CVE-2024-38045Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-38018Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38014Windows Installer Elevation of Privilege Vulnerability
CVE-2024-37980Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-37966Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37965Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-37342Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37341Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-37340Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37339Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37338Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37337Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37335Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-30073Windows Security Zone Mapping Security Feature Bypass Vulnerability
CVE-2024-26191Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-26186Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-21416Windows TCP/IP Remote Code Execution Vulnerability