Microsoft July 2024 Security Updates

Discussion in 'Software' started by NICK ADSL UK, Jul 9, 2024.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    July 2024 Security Updates



    This release consists of the following 139 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?


    SQL Server CVE-2024-20701

    SQL Server CVE-2024-21303

    SQL Server CVE-2024-21308

    SQL Server CVE-2024-21317

    SQL Server CVE-2024-21331

    SQL Server CVE-2024-21332

    SQL Server CVE-2024-21333

    SQL Server CVE-2024-21335

    SQL Server CVE-2024-21373

    SQL Server CVE-2024-21398

    SQL Server CVE-2024-21414

    SQL Server CVE-2024-21415

    Windows CoreMessaging CVE-2024-21417

    SQL Server CVE-2024-21425

    SQL Server CVE-2024-21428

    SQL Server CVE-2024-21449

    Windows Secure Boot CVE-2024-26184

    Windows Secure Boot CVE-2024-28899

    SQL Server CVE-2024-28928

    Windows MultiPoint Services CVE-2024-30013

    Microsoft Dynamics CVE-2024-30061

    Windows Remote Access Connection Manager CVE-2024-30071

    Windows Remote Access Connection Manager CVE-2024-30079

    Windows NTLM CVE-2024-30081

    Windows Cryptographic Services CVE-2024-30098

    .NET and Visual Studio CVE-2024-30105

    Microsoft Office SharePoint CVE-2024-32987

    SQL Server CVE-2024-35256

    Azure Network Watcher CVE-2024-35261

    .NET and Visual Studio CVE-2024-35264

    Azure DevOps CVE-2024-35266

    Azure DevOps CVE-2024-35267

    Windows iSCSI CVE-2024-35270

    SQL Server CVE-2024-35271

    SQL Server CVE-2024-35272

    SQL Server CVE-2024-37318

    SQL Server CVE-2024-37319

    SQL Server CVE-2024-37320

    SQL Server CVE-2024-37321

    SQL Server CVE-2024-37322

    SQL Server CVE-2024-37323

    SQL Server CVE-2024-37324

    SQL Server CVE-2024-37326

    SQL Server CVE-2024-37327

    SQL Server CVE-2024-37328

    SQL Server CVE-2024-37329

    SQL Server CVE-2024-37330

    SQL Server CVE-2024-37331

    SQL Server CVE-2024-37332

    SQL Server CVE-2024-37333

    SQL Server CVE-2024-37334

    SQL Server CVE-2024-37336

    Windows Secure Boot CVE-2024-37969

    Windows Secure Boot CVE-2024-37970

    Windows Secure Boot CVE-2024-37971

    Windows Secure Boot CVE-2024-37972

    Windows Secure Boot CVE-2024-37973

    Windows Secure Boot CVE-2024-37974

    Windows Secure Boot CVE-2024-37975

    Windows Secure Boot CVE-2024-37977

    Windows Secure Boot CVE-2024-37978

    Windows Secure Boot CVE-2024-37981

    Windows Secure Boot CVE-2024-37984

    Windows Secure Boot CVE-2024-37986

    Windows Secure Boot CVE-2024-37987

    Windows Secure Boot CVE-2024-37988

    Windows Secure Boot CVE-2024-37989

    Windows Secure Boot CVE-2024-38010

    Windows Secure Boot CVE-2024-38011

    Windows Server Backup CVE-2024-38013

    Windows Remote Desktop CVE-2024-38015

    Windows Message Queuing CVE-2024-38017

    Windows Performance Monitor CVE-2024-38019

    Microsoft Office Outlook CVE-2024-38020

    Microsoft Office CVE-2024-38021

    Windows Image Acquisition CVE-2024-38022

    Microsoft Office SharePoint CVE-2024-38023

    Microsoft Office SharePoint CVE-2024-38024

    Windows Performance Monitor CVE-2024-38025

    Line Printer Daemon Service (LPD) CVE-2024-38027

    Windows Performance Monitor CVE-2024-38028

    Windows Themes CVE-2024-38030

    Windows Online Certificate Status Protocol (OCSP) CVE-2024-38031

    XBox Crypto Graphic Services CVE-2024-38032

    Windows PowerShell CVE-2024-38033

    Windows Filtering CVE-2024-38034

    Windows Kernel CVE-2024-38041

    Windows PowerShell CVE-2024-38043

    Windows DHCP Server CVE-2024-38044

    Windows PowerShell CVE-2024-38047

    NDIS CVE-2024-38048

    Windows Distributed Transaction Coordinator CVE-2024-38049

    Windows Workstation Service CVE-2024-38050

    Microsoft Graphics Component CVE-2024-38051

    Microsoft Streaming Service CVE-2024-38052

    Windows Internet Connection Sharing (ICS) CVE-2024-38053

    Microsoft Streaming Service CVE-2024-38054

    Microsoft Windows Codecs Library CVE-2024-38055

    Microsoft Windows Codecs Library CVE-2024-38056

    Microsoft Streaming Service CVE-2024-38057

    Windows BitLocker CVE-2024-38058

    Windows Win32K - ICOMP CVE-2024-38059

    Microsoft Windows Codecs Library CVE-2024-38060

    Role: Active Directory Certificate Services; Active Directory Domain Services CVE-2024-38061

    Windows Kernel-Mode Drivers CVE-2024-38062

    Windows TCP/IP CVE-2024-38064

    Windows Secure Boot CVE-2024-38065

    Windows Win32K - GRFX CVE-2024-38066

    Windows Online Certificate Status Protocol (OCSP) CVE-2024-38067

    Windows Online Certificate Status Protocol (OCSP) CVE-2024-38068

    Windows Enroll Engine CVE-2024-38069

    Windows LockDown Policy (WLDP) CVE-2024-38070

    Windows Remote Desktop Licensing Service CVE-2024-38071

    Windows Remote Desktop Licensing Service CVE-2024-38072

    Windows Remote Desktop Licensing Service CVE-2024-38073

    Windows Remote Desktop Licensing Service CVE-2024-38074

    Active Directory Federation Services CVE-2024-38075

    Windows Remote Desktop CVE-2024-38076

    Windows Remote Desktop Licensing Service CVE-2024-38077

    XBox Crypto Graphic Services CVE-2024-38078

    Microsoft Graphics Component CVE-2024-38079

    Role: Windows Hyper-V CVE-2024-38080

    .NET and Visual Studio CVE-2024-38081

    Windows Win32 Kernel Subsystem CVE-2024-38085

    Azure Kinect SDK CVE-2024-38086

    SQL Server CVE-2024-38087

    SQL Server CVE-2024-38088

    Microsoft Defender for IoT CVE-2024-38089

    Microsoft WS-Discovery CVE-2024-38091

    Azure CycleCloud CVE-2024-38092

    Microsoft Office SharePoint CVE-2024-38094

    .NET and Visual Studio CVE-2024-38095

    Windows Remote Desktop Licensing Service CVE-2024-38099

    Windows COM Session CVE-2024-38100

    Windows Internet Connection Sharing (ICS) CVE-2024-38101

    Windows Internet Connection Sharing (ICS) CVE-2024-38102

    Windows Fax and Scan Service CVE-2024-38104

    Windows Internet Connection Sharing (ICS) CVE-2024-38105

    Windows MSHTML Platform CVE-2024-38112



    We are republishing 4 non-Microsoft CVEs:

    CNA Tag CVE FAQs? Workarounds? Mitigations?

    CERT/CC NPS RADIUS Server CVE-2024-3596 Yes No No

    Intel Intel CVE-2024-37985 Yes No No

    GitHub Active Directory Rights Management Services CVE-2024-38517 Yes No No

    Github Active Directory Rights Management Services CVE-2024-39684 Yes No No



    Security Update Guide Blog Posts

    Date Blog Post

    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs

    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs

    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide



    Relevant Resources

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.



    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).



    KB Article Applies To

    5040427 Windows 10, version 21H2, Windows 10, version 22H2

    5040430 Windows 10, version 1809, Windows Server 2019

    5040431 Windows 11, version 21H2

    5040437 Windows Server 2022

    5040442 Windows 11, version 22H2, Windows 11, version 23H2

    5040490 Windows Server 2008 (Security-only update)

    5040499 Windows Server 2008 (Monthly Rollup)




    Released: Jul 9, 2024

    July 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    NICK ADSL UK, Jul 9, 2024
    #1
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds