Microsoft Patch Tuesday – July 2024

⚡ TL;DR | Go Straight to the July 2024 Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The July 2024 edition of Patch Tuesday brings us 142 new fixes, with 5 rated as critical and 2 exploited. We’ve listed the most important changes below.

Windows Hyper-V Elevation of Privilege Vulnerability

The first exploited vulnerability is one in Hyper-V, CVE-2024-38080 has a CVSS base score of 7.8. If exploited successfully, an attacker can gain SYSTEM privileges.

As per usual, Microsoft doesn’t give too much information about these exploits as they want people to be protected. But the vulnerability does seem limited to Windows 11 and Server 2022

Windows MSHTML Platform Spoofing Vulnerability

The second exploited vulnerability is more broad, affecting most, if not all supported Windows versions. CVE-2024-38112 has a CVSS base score of 7.5 however, exploitation requires an attacker to send the victim a malicious file that the victim would have to execute.

SharePoint & Windows Imaging Component RCE

Both SharePoint and the Windows Imaging Component have an RCE vulnerability that is rated as critical and also listed as more likely, to be exploited.

CVE-2024-38023 is the SharePoint RCE, which has a CVSS base score of 7.2. Microsoft lists the following regarding potential exploitation.

An authenticated attacker with Site Owner permissions or higher could upload a specially crafted file to the targeted SharePoint Server and craft specialized API requests to trigger deserialization of file’s parameters. This would enable the attacker to perform remote code execution in the context of the SharePoint Server.

CVE-2024-38060 is the WIC RCE and has a CVSS base score of 8.8. Exploitation requires an authenticated attacker to upload a malicious TIFF file to a server. Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

Run the Patch Tuesday July 2024 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday July 2024 CVE Codes & Titles

CVE Number	CVE Title
CVE-2024-38080	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2024-38112	Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-30061	Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2024-21417	Windows Text Services Framework Elevation of Privilege Vulnerability
CVE-2024-28899	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-30081	Windows NTLM Spoofing Vulnerability
CVE-2024-30098	Windows Cryptographic Services Security Feature Bypass Vulnerability
CVE-2024-35264	.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-35270	Windows iSCSI Service Denial of Service Vulnerability
CVE-2024-38088	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-38087	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21332	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21333	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21335	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21373	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21398	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21414	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21415	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21428	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37318	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37332	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37331	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37969	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37970	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37974	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37981	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37985	Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers
CVE-2024-37986	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37987	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38013	Microsoft Windows Server Backup Elevation of Privilege Vulnerability
CVE-2024-38015	Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2024-38022	Windows Image Acquisition Elevation of Privilege Vulnerability
CVE-2024-38025	Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38034	Windows Filtering Platform Elevation of Privilege Vulnerability
CVE-2024-38041	Windows Kernel Information Disclosure Vulnerability
CVE-2024-38043	PowerShell Elevation of Privilege Vulnerability
CVE-2024-38517	Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability
CVE-2024-38051	Windows Graphics Component Remote Code Execution Vulnerability
CVE-2024-38055	Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2024-38056	Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2024-38061	DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
CVE-2024-38062	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-38064	Windows TCP/IP Information Disclosure Vulnerability
CVE-2024-38071	Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38072	Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38077	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38086	Azure Kinect SDK Remote Code Execution Vulnerability
CVE-2024-38091	Microsoft WS-Discovery Denial of Service Vulnerability
CVE-2024-38102	Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38104	Windows Fax Service Remote Code Execution Vulnerability
CVE-2024-26184	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-30013	Windows MultiPoint Services Remote Code Execution Vulnerability
CVE-2024-32987	Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2024-30071	Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-30079	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-3596	CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
CVE-2024-30105	.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2024-35261	Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
CVE-2024-35266	Azure DevOps Server Spoofing Vulnerability
CVE-2024-35267	Azure DevOps Server Spoofing Vulnerability
CVE-2024-35271	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-35272	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-20701	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21303	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21308	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21317	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21425	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21331	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37319	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37320	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37321	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37322	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37323	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37324	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21449	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37326	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37327	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37328	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37329	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37330	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37334	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-37333	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37336	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-28928	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-35256	SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37971	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37972	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37973	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37975	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37977	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37978	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37984	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37988	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37989	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38010	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38011	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38017	Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-38019	Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38020	Microsoft Outlook Spoofing Vulnerability
CVE-2024-38027	Windows Line Printer Daemon Service Denial of Service Vulnerability
CVE-2024-38028	Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38030	Windows Themes Spoofing Vulnerability
CVE-2024-38031	Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-38032	Microsoft Xbox Remote Code Execution Vulnerability
CVE-2024-38033	PowerShell Elevation of Privilege Vulnerability
CVE-2024-38044	DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-38047	PowerShell Elevation of Privilege Vulnerability
CVE-2024-38048	Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
CVE-2024-38049	Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
CVE-2024-38050	Windows Workstation Service Elevation of Privilege Vulnerability
CVE-2024-38053	Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
CVE-2024-38057	Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38058	BitLocker Security Feature Bypass Vulnerability
CVE-2024-38065	Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38067	Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-38068	Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-38069	Windows Enroll Engine Security Feature Bypass Vulnerability
CVE-2024-38070	Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability
CVE-2024-38073	Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38074	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38076	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38078	Xbox Wireless Adapter Remote Code Execution Vulnerability
CVE-2024-38081	.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2024-38089	Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-38092	Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2024-38095	.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38101	Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38105	Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38023	Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38024	Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38054	Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38059	Win32k Elevation of Privilege Vulnerability
CVE-2024-38060	Windows Imaging Component Remote Code Execution Vulnerability
CVE-2024-38085	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38100	Windows File Explorer Elevation of Privilege Vulnerability
CVE-2024-38021	Microsoft Office Remote Code Execution Vulnerability
CVE-2024-38052	Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38066	Windows Win32k Elevation of Privilege Vulnerability
CVE-2024-38079	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38094	Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2024-38099	Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-39684	Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability