Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040)
2024-5-15 01:37:18 Author: www.tenable.com(查看原文) 阅读量:31 收藏

Tenable Security Response Team

A blue gradient background with the Tenable Research logo at the top center of the image. Underneath the logo is a grey rectangular shaped box with the words "MICROSOFT" in bold and "PATCH TUESDAY" underneath it. Below this box are the words "Zero-Day Vulnerabilities Exploited" in white text. The May 2024 Patch Tuesday release includes fixes for two zero-day vulnerabilities that were exploited in the wild (CVE-2024-30051, CVE-2024-30040).

  1. 1Critical
  2. 57Important
  3. 1Moderate
  4. 0Low

Microsoft addresses 59 CVEs in its May 2024 Patch Tuesday release with one critical vulnerability and three zero-day vulnerabilities, two of which were exploited in the wild.

Microsoft patched 59 CVEs in its May 2024 Patch Tuesday release, with one rated critical, 57 rated as important and 1 rated as moderate. Two CVEs were excluded from our count (CVE-2024-32002, CVE-2024-32004) as they are GitHub assigned CVEs and not issued by Microsoft.

A pie chart showing the severity distribution across the Patch Tuesday CVEs patched in May 2024.

This month’s update includes patches for:

  • .NET and Visual Studio
  • Azure Migrate
  • Microsoft Bing
  • Microsoft Brokering File System
  • Microsoft Dynamics 365 Customer Insights
  • Microsoft Intune
  • Microsoft Office Excel
  • Microsoft Office SharePoint
  • Microsoft WDAC OLE DB provider for SQL
  • Microsoft Windows SCSI Class System File
  • Microsoft Windows Search Component
  • Power BI
  • Windows Cloud Files Mini Filter Driver
  • Windows CNG Key Isolation Service
  • Windows Common Log File System Driver
  • Windows Cryptographic Services
  • Windows Deployment Services
  • Windows DHCP Server
  • Windows DWM Core Library
  • Windows Hyper-V
  • Windows Kernel
  • Windows Mark of the Web (MOTW)
  • Windows Mobile Broadband
  • Windows MSHTML Platform
  • Windows NTFS
  • Windows Remote Access Connection Manager
  • Windows Routing and Remote Access Service (RRAS)
  • Windows Task Scheduler
  • Windows Win32K - GRFX
  • Windows Win32K - ICOMP

A bar chart showing the count by impact of CVEs patched in the May 2024 Patch Tuesday release.

Remote code execution (RCE) vulnerabilities accounted for 42.4% of the vulnerabilities patched this month, followed by elevation of privilege (EoP) vulnerabilities at 28.8%.

CVE-2024-30051 | Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2024-30051 is an EoP vulnerability in the DWM Core Library in Microsoft Windows. It was assigned a CVSSv3 score of 7.8 and is rated as important. Microsoft noted that it was exploited in the wild as a zero-day and was publicly disclosed prior to a patch being available. A local attacker with a presence on a vulnerable system could exploit this vulnerability to gain SYSTEM privileges. Discovery of this flaw is credited to several researchers at Google Threat Analysis Group, Google Mandiant and Kaspersky. It is also credited to Quan Jin of DBAPPSecurity WeBin Lab, who disclosed CVE-2023-36033, another zero-day vulnerability in the DWM Core Library exploited in the wild that was patched in November 2023. Researchers at Kaspersky have linked this zero-day vulnerability to QakBot and other malware.

In addition to CVE-2024-30051, Microsoft patched two other EoP vulnerabilities in the DWM Core Library (CVE-2024-30032, CVE-2024-30035) and an information disclosure vulnerability (CVE-2024-30008). All three flaws were disclosed to Microsoft by Zhang WangJunJie and He YiSheng of the Hillstone Network Security Research Institute.

CVE-2024-30040 | Windows MSHTML Platform Security Feature Bypass Vulnerability

CVE-2024-30040 is a security feature bypass vulnerability in the MSHTML (Trident) engine in Microsoft Windows that was exploited in the wild as a zero-day. It was assigned a CVSSv3 score of 8.8 and is rated as important. An attacker could exploit this vulnerability by using social engineering tactics via email, social media or instant messaging to convince a target user to open a specially crafted document. Once exploited, an attacker could execute code on the target system. Discovery of this flaw is unattributed.

In 2023, there were eight vulnerabilities patched in MSHTML including three RCEs, four security feature bypass flaws and one EoP* (CVE-2024-32046) that was exploited as a zero-day:

CVEDescriptionPatched
CVE-2023-21805Windows MSHTML Platform Remote Code Execution VulnerabilityFebruary 2023
CVE-2023-29324Windows MSHTML Platform Security Feature Bypass VulnerabilityMay 2023
CVE-2023-35336Windows MSHTML Platform Security Feature Bypass VulnerabilityJuly 2023
CVE-2023-35308Windows MSHTML Platform Security Feature Bypass VulnerabilityJuly 2023
CVE-2023-32046*Windows MSHTML Platform Elevation of Privilege VulnerabilityJuly 2023
CVE-2023-36805Windows MSHTML Platform Security Feature Bypass VulnerabilitySeptember 2023
CVE-2023-36436Windows MSHTML Platform Remote Code Execution VulnerabilityOctober 2023
CVE-2023-35628Windows MSHTML Platform Remote Code Execution VulnerabilityDecember 2023

CVE-2024-30046 | Visual Studio Denial of Service Vulnerability

CVE-2024-30046 is a denial of service (DoS) vulnerability affecting multiple versions of Microsoft Visual Studio 2022. It was assigned a CVSSv3 score of 5.9 and is rated important. It is listed as being publicly disclosed prior to a patch being made available. It is rated as “Exploitation Less Likely” according to Microsoft’s Exploitability Index and its Attack Complexity rating is listed as High. This is due to the fact that an attacker would need to “invest time in repeated exploitation attempts” through the sending of “constant or intermittent data” to a targeted system. DoS attacks often require a steady stream of requests in order to overwhelm a target system, so these ratings are expected.

CVE-2024-30044 | Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-30044 is a RCE vulnerability in Microsoft SharePoint Server. It was assigned a CVSSv3 score of 8.8 and is rated critical. This vulnerability is rated as “Exploitation More Likely.” However, exploitation of this flaw requires an attacker authenticated to a vulnerable SharePoint Server with Site Owner permissions to perform two steps: 1.) the attacker must upload a specially crafted file to the vulnerable SharePoint Server and 2.) send specially crafted API requests to the SharePoint Server in order to “trigger deserialization of file’s parameters.” Successful exploitation would result in remote code execution “in the context of the SharePoint Server.”

Tenable Solutions

A list of all the plugins released for Tenable’s May 2024 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.

For more specific guidance on best practices for vulnerability assessments, please refer to our blog post on How to Perform Efficient Vulnerability Assessments with Tenable.

Get more information

Join Tenable's Security Response Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

Tenable Security Response Team

Tenable Security Response Team

The Tenable Security Response Team (SRT) tracks threat and vulnerability intelligence feeds to ensure our research teams can deliver sensor coverage to our products as quickly as possible. The SRT also works to analyze and assess technical details and writes white papers, blogs and additional communications to ensure stakeholders are fully informed of the latest risks and threats. The SRT provides breakdowns for the latest vulnerabilities on the Tenable blog.

Related Articles

  • Exposure Management
  • Vulnerability Management

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Thank You

Thank you for your interest in Tenable Vulnerability Management. A representative will be in touch soon.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Thank You

Thank you for your interest in Tenable.io. A representative will be in touch soon.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Thank You

Thank you for your interest in Tenable Vulnerability Management. A representative will be in touch soon.

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Thank You

Thank you for your interest in Tenable Lumin. A representative will be in touch soon.

Request a demo of Tenable Security Center

Please fill out this form with your contact information.

A sales representative will contact you shortly to schedule a demo.

* Field is required

Request a demo of Tenable OT Security

Get the Operational Technology Security You Need.

Reduce the Risk You Don’t.

Request a demo of Tenable Identity Exposure

Continuously detect and respond to Active Directory attacks. No agents. No privileges.

On-prem and in the cloud.

Request a Demo of Tenable Cloud Security

Exceptional unified cloud security awaits you!

We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.

See
Tenable One
In Action

Exposure management for the modern attack surface.

See Tenable Attack Surface Management In Action

Know the exposure of every asset on any platform.

Thank You

Thank you for your interest in Tenable Attack Surface Management. A representative will be in touch soon.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements

Tenable solutions help fulfill all SLCGP requirements. Connect with a Tenable representative to learn more.


文章来源: https://www.tenable.com/blog/microsofts-may-2024-patch-tuesday-addresses-59-cves-cve-2024-30051-cve-2024-30040
如有侵权请联系:admin#unsafe.sh