Overview
On July 10, NSFOCUS CERT detected that Microsoft released a security update patch for July, which fixed 139 security issues involving Windows, Microsoft SQL Server, Microsoft Office, Azure and other widely used products, including high-risk vulnerabilities such as privilege escalation and remote code execution.
Among the vulnerabilities fixed in Microsoft’s monthly update this month, 5 are critical and 132 are important. These include 2 exploitable vulnerabilities:
Windows Hyper-V privilege escalation vulnerability (CVE-2024-38080)
Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-38112)
Please update patches for protection as soon as possible. For a complete list of vulnerabilities, see the appendix.
Reference link: https://msrc.microsoft.com/update-guide/releaseNote/2024-Jul
Key Vulnerabilities
Screen out the vulnerabilities with great impact in this update according to product popularity and vulnerability importance. Please pay attention to them:
Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2024-38023/CVE-2024-38024/CVE-2024-38094):
Multiple remote code execution vulnerabilities are present in Microsoft SharePoint Server due to insecure input validation when processing serialized data within the Microsoft SharePoint Server. An attacker with site owner privileges or higher can execute arbitrary code in the context of SharePoint Server by uploading specially crafted files to the target SharePoint Server and making specialized API requests that trigger deserialization of file parameters.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38023
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38024
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38094
Remote Code Execution Vulnerability of Windows Imaging Component (CVE-2024-38060):
The Windows Imaging component has a remote code execution vulnerability. Due to the buffer overflow issue in the Windows Imaging component, an attacker with ordinary user rights can upload malicious TIFF files to the server and execute arbitrary code on the target system.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38060
Remote code execution vulnerability of Windows remote desktop authorization service (CVE-2024-38074/CVE-2024-38076/CVE-2024-38077):
CVE-2024-38074: The Windows Remote Desktop Authorization Service has a remote code execution vulnerability. Due to integer underflow or wrapback issues in the Windows Remote Desktop Authorization Service, unauthenticated attackers can send special packets to the server set as the remote desktop authorization server, triggering integer underflow and executing arbitrary codes on the target system.
CVE-2024-38076/CVE-2024-38077: The Windows remote desktop authorization service has multiple remote code execution vulnerabilities. Due to the heap-based buffer overflow in the Windows remote desktop authorization service, unauthenticated attackers can send special packets to the server set as the remote desktop authorization server, triggering the buffer overflow and executing arbitrary codes on the target system.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38074
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38076
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38077
Windows Hyper-V privilege escalation vulnerability (CVE-2024-38080):
Windows Hyper-V has a privilege escalation vulnerability. Due to integer overflow or wrapping issues in Windows Hyper-V, local attackers authenticated by ordinary users can exploit this vulnerability by running special programs to obtain SYSTEM permissions of the target system. At present, this vulnerability has been found to be exploited.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38080
Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-38112):
Windows MSHTML Platform has a spoofing vulnerability, which can be exploited by an unauthenticated remote attacker sending a special malicious file to the victim and tricking it into running due to improper input validation. At present, this vulnerability has been found to be exploited.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38112
Scope of Impact
The following are some affected product versions that focus on vulnerabilities. For the scope of other products affected by vulnerabilities, please refer to the official announcement link.
| Vulnerability No. | Affected product versions |
| CVE-2024-38023 CVE-2024-38024 CVE-2024-38094 | Microsoft SharePoint Server Subscription Edition Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 |
| CVE-2024-38060 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2024-38074 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2022, 23H2 Edition (Server Core installation) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 |
| CVE-2024-38076 | Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2022, 23H2 Edition (Server Core installation) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 |
| CVE-2024-38077 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2022, 23H2 Edition (Server Core installation) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 |
| CVE-2024-38080 | Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 |
| CVE-2024-38112 | Windows 10 Version 1809 for 32-bit Systems Windows Server 2019 Windows 11 Version 22H2 for x64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows Server 2022 Windows 11 version 21H2 for x64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2022, 23H2 Edition (Server Core installation) Windows Server 2022 (Server Core installation) Windows 10 Version 21H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows 10 Version 22H2 for 32-bit Systems Windows 11 Version 23H2 for ARM64-based Systems Windows Server 2012 R2 Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows 10 Version 1809 for ARM64-based Systems Windows Server 2016 (Server Core installation) Windows 10 Version 21H2 for 32-bit Systems Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 for 32-bit Systems Windows 11 Version 23H2 for x64-based Systems Windows 10 Version 22H2 for x64-based Systems |
Mitigation
Patch update
At present, Microsoft has officially released security patches to fix the above vulnerabilities for supported product versions. It is strongly recommended that affected users install patches as soon as possible for protection. The official download link:
https://msrc.microsoft.com/update-guide/releaseNote/2024-Jul
Note: Patch update of Windows Update may fail due to network problems, computer environment problems and other reasons. After installing the patch, users shall check whether the patch is successfully updated in time.
Right-click on the Windows icon, select “Settings (N)”, select “Updates and Security”-“Windows Updates” to view prompts on this page, or click “View Update History” to view historical updates. For updates that have not been successfully installed, you can click the name of the update to jump to Microsoft’s official download page. It is recommended that users click on the link on this page and go to the “Microsoft Update Catalog” website to download the independent package and install it.
Appendix: Vulnerability List
| Affected products | CVE No. | Vulnerability Name | Severity |
| Microsoft Office | CVE-2024-38023 | Microsoft SharePoint Server Remote Execution Vulnerability | Critical |
| Windows | CVE-2024-38060 | Windows Imaging Component Remote Code Execution Vulnerability | Critical |
| Windows | CVE-2024-38077 | Windows Remote Desktop Licensing Service Vulnerability | Critical |
| Windows | CVE-2024-38074 | Windows Remote Desktop Licensing Service Vulnerability | Critical |
| Windows | CVE-2024-38076 | Windows Remote Desktop Licensing Service Vulnerability | Critical |
| Microsoft Dynamics | CVE-2024-30061 | Microsoft Dynamics 365 (On-Premises) Vulnerability | Important |
| Windows | CVE-2024-21417 | Windows Text Services Framework Permission Escalation Vulnerability | Important |
| Windows | CVE-2024-28899 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-30081 | Windows NTLM spoofing vulnerability | Important |
| Windows | CVE-2024-30098 | Windows Cryptographic Services Security Features Bypass Vulnerabilities | Important |
| .NET,Microsoft Visual Studio | CVE-2024-35264 | .NET and Visual Studio remote code execution vulnerabilities | Important |
| Windows | CVE-2024-35270 | Windows iSCSI Service Denial of Service Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-38088 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-38087 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21332 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21333 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21335 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21373 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21398 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21414 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21415 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21428 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37318 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37332 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37331 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Windows | CVE-2024-37969 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37970 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37974 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37981 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37986 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37987 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-38013 | Microsoft Windows Server Backup Permission Escalation Vulnerability | Important |
| Windows | CVE-2024-38015 | Windows Remote Desktop Gateway (RD Gateway) Denial-of-Service Vulnerability | Important |
| Windows | CVE-2024-38022 | Windows Image Acquisition Permission Escalation Vulnerability | Important |
| Microsoft Office | CVE-2024-38024 | Microsoft SharePoint Server Remote Execution Vulnerability | Important |
| Windows | CVE-2024-38025 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
| Windows | CVE-2024-38034 | Windows Filtering Platform Privilege Escalation Vulnerability | Important |
| Windows | CVE-2024-38041 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows | CVE-2024-38043 | PowerShell privilege escalation vulnerability | Important |
| Windows | CVE-2024-38051 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
| Windows | CVE-2024-38054 | Kernel Streaming WOW Thunk Service Driver Permission Upgrade Vulnerability | Important |
| Windows | CVE-2024-38055 | Microsoft Windows Codecs Library Information Disclosure Vulnerabilities | Important |
| Windows | CVE-2024-38056 | Microsoft Windows Codecs Library Information Disclosure Vulnerabilities | Important |
| Windows | CVE-2024-38059 | Win32k privilege escalation vulnerability | Important |
| Windows | CVE-2024-38061 | DCOM Remote Cross-Session Activation Privilege Escalation Vulnerability | Important |
| Windows | CVE-2024-38062 | Windows Kernel-Mode Driver Privilege Escalation Vulnerability | Important |
| Windows | CVE-2024-38064 | Windows TCP/IP Information Disclosure Vulnerability | Important |
| Windows | CVE-2024-38071 | Windows Remote Desktop Licensing Service Vulnerability | Important |
| Windows | CVE-2024-38072 | Windows Remote Desktop Licensing Service Vulnerability | Important |
| Windows | CVE-2024-38080 | Windows Hyper-V privilege escalation vulnerability | Important |
| Windows | CVE-2024-38085 | Windows Graphics Component Permission Escalation Vulnerability | Important |
| Azure | CVE-2024-38086 | Remote code execution vulnerability in Azure Kinect SDK | Important |
| Windows | CVE-2024-38091 | Microsoft WS-Discovery Denial of Service Vulnerability | Important |
| Windows | CVE-2024-38100 | Windows File Explorer privilege escalation vulnerability | Important |
| Windows | CVE-2024-38102 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
| Windows | CVE-2024-38104 | Windows Fax Service Remote Code Execution Vulnerability | Important |
| Windows | CVE-2024-38112 | Windows MSHTML Platform Spoofing Vulnerability | Important |
| Windows | CVE-2024-26184 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-30013 | Windows MultiPoint Services remote code execution vulnerability | Important |
| Microsoft Office | CVE-2024-32987 | Microsoft SharePoint Server Disclosure Vulnerability | Important |
| Windows | CVE-2024-30071 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
| Windows | CVE-2024-30079 | Windows Remote Access Connection Manager Privilege Escalation Vulnerability | Important |
| .NET,Microsoft Visual Studio | CVE-2024-30105 | .NET Core and Visual Studio Denial-of-Service Vulnerabilities | Important |
| Azure | CVE-2024-35261 | Azure Network Watcher VM Extension Permission Escalation Vulnerability | Important |
| Azure | CVE-2024-35266 | Azure DevOps Server Spoofing Vulnerability | Important |
| Azure | CVE-2024-35267 | Azure DevOps Server Spoofing Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-35271 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-35272 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-20701 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21303 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21308 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21317 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21331 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21425 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37319 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37320 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37321 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37322 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37323 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37324 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-21449 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37326 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37327 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37328 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37329 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37330 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server,Microsoft OLE DB Driver | CVE-2024-37334 | Microsoft OLE DB Driver for SQL Server RemoteCodeExecutionVulnerability | Important |
| Microsoft SQL Server | CVE-2024-37333 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-37336 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-28928 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Microsoft SQL Server | CVE-2024-35256 | SQL Server Native Client OLE DB Provider Remote Execution Vulnerability | Important |
| Windows | CVE-2024-37971 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37972 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37973 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37975 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37977 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37978 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37984 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37988 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-37989 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-38010 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-38011 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-38017 | Microsoft Message Queuing Vulnerability | Important |
| Windows | CVE-2024-38019 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2024-38021 | Microsoft Office remote code execution vulnerability | Important |
| Windows | CVE-2024-38027 | Windows Line Printer Daemon Service Vulnerability | Important |
| Windows | CVE-2024-38028 | Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | Important |
| Windows | CVE-2024-38030 | Windows Themes Spoofing Vulnerability | Important |
| Windows | CVE-2024-38031 | Windows Online Certificate Status Protocol (OCSP) Server Denial-of-Service Vulnerability | Important |
| Windows | CVE-2024-38032 | Microsoft Xbox remote code execution vulnerability | Important |
| Windows | CVE-2024-38033 | PowerShell privilege escalation vulnerability | Important |
| Windows | CVE-2024-38044 | DHCP Server Service remote code execution vulnerability | Important |
| Windows | CVE-2024-38047 | PowerShell privilege escalation vulnerability | Important |
| Windows | CVE-2024-38048 | Windows Network Driver Interface Specification (NDIS) Denial-of-Service Vulnerability | Important |
| Windows | CVE-2024-38049 | Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | Important |
| Windows | CVE-2024-38050 | Windows Workstation Service privilege escalation vulnerability | Important |
| Windows | CVE-2024-38052 | Kernel Streaming WOW Thunk Service Driver Permission Upgrade Vulnerability | Important |
| Windows | CVE-2024-38053 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | Important |
| Windows | CVE-2024-38057 | Kernel Streaming WOW Thunk Service Driver Permission Upgrade Vulnerability | Important |
| Windows | CVE-2024-38058 | BitLocker security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-38065 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2024-38066 | Windows Win32k privilege escalation vulnerability | Important |
| Windows | CVE-2024-38067 | Windows Online Certificate Status Protocol (OCSP) Server Denial-of-Service Vulnerability | Important |
| Windows | CVE-2024-38068 | Windows Online Certificate Status Protocol (OCSP) Server Denial-of-Service Vulnerability | Important |
| Windows | CVE-2024-38069 | Windows Enroll Engine Security Feature Bypass Vulnerabilities | Important |
| Windows | CVE-2024-38070 | Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerabilities | Important |
| Windows | CVE-2024-38073 | Windows Remote Desktop Licensing Service Vulnerability | Important |
| Windows | CVE-2024-38078 | Xbox Wireless Adapter remote code execution vulnerability | Important |
| Windows | CVE-2024-38079 | Windows Graphics Component Permission Escalation Vulnerability | Important |
| Microsoft .NET Framework,.NET,Microsoft Visual Studio | CVE-2024-38081 | .NET, .NET Framework, and Visual Studio Permissions Escalation vulnerability | Important |
| System Center | CVE-2024-38089 | Microsoft Defender for IoT Privilege Elevation Vulnerability | Important |
| Azure | CVE-2024-38092 | Azure CycleCloud privilege escalation vulnerability | Important |
| Microsoft Office | CVE-2024-38094 | Microsoft SharePoint remote code execution vulnerability | Important |
| .NET,Microsoft Visual Studio | CVE-2024-38095 | .NET and Visual Studio Denial of Service Vulnerabilities | Important |
| Windows | CVE-2024-38099 | Windows Remote Desktop Licensing Service Vulnerability | Important |
| Windows | CVE-2024-38101 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
| Windows | CVE-2024-38105 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important |
| Microsoft Office | CVE-2024-38020 | Microsoft Outlook Spoofing Vulnerability | Moderate |
Statement
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.
About NSFOCUS
NSFOCUS, a pioneering leader in cybersecurity, is dedicated to safeguarding telecommunications, Internet service providers, hosting providers, and enterprises from sophisticated cyberattacks.
Founded in 2000, NSFOCUS operates globally with over 4000 employees at two headquarters in Beijing, China, and Santa Clara, CA, USA, and over 50 offices worldwide. It has a proven track record of protecting over 25% of the Fortune Global 500 companies, including four of the five largest banks and six of the world’s top ten telecommunications companies.
Leveraging technical prowess and innovation, NSFOCUS delivers a comprehensive suite of security solutions, including the Intelligent Security Operations Platform (ISOP) for modern SOC, DDoS Protection, Continuous Threat Exposure Management (CTEM) Service and Web Application and API Protection (WAAP). All the solutions and services are augmented by the Security Large Language Model (SecLLM), ML, patented algorithms and other cutting-edge research achievements developed by NSFOCUS.
