Critical Fixes for March 2024 Patch Tuesday
Background
Microsoft has released its March 2024 Patch Tuesday updates, fixing 61 security flaws. Two vulnerabilities are rated Critical, the maximum severity in Microsoft advisories, and this month's release contains no zero-day vulnerabilities.
The March 2024 Patch Tuesday covers a wide range of vulnerabilities; the number of vulnerabilities in each category is as follows:
Vulnerability Category | Quantity | Severities |
---|---|---|
Denial of Service Vulnerability | 6 | Critical: 1 Important: 5 |
Elevation of Privilege Vulnerability | 24 | Important: 24 |
Information Disclosure Vulnerability | 6 | Important: 6 |
Remote Code Execution Vulnerability | 18 | Critical: 1 Important: 17 |
Security Feature Bypass Vulnerability | 3 | Important: 3 |
Details of critical vulnerabilities
CVE-2024-21407 | Windows Hyper-V RCE:
CVE-2024-21408 | Windows Hyper-V DoS:
CVE-2024-21334 | OMI RCE:
CVE-2024-21400 | Azure Kubernetes EOP:
Although this vulnerability is not yet being actively abused, Microsoft states that “An attacker who successfully exploited this vulnerability could steal credentials and affect resources beyond the security scope managed by Azure Kubernetes Service Confidential Containers (AKSCC)”.
Microsoft has advised customers to ensure they are using the most recent versions of Kata Image and az confcom, which are components of the Azure CLI, in order to safeguard themselves against this issue.
CVE-2024-21426 | SharePoint arbitrary code execution:
CVE-2024-21433 | Windows Print Spooler EOP:
CVE-2024-21443, CVE-2024-26173, CVE-2024-26176, CVE-2024-26178 and CVE-2024-26182 | Windows Kernel EOP:
CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, and CVE-2024-26166 | Microsoft WDAC OLE DB provider for SQL Server RCE:
Recommendations
According to the most recent updates from Microsoft and cyber security researchers, there haven’t been any widespread reports of CVE-2024-21407, CVE-2024-21400, or CVE-2024-26164 being actively exploited. However, because attackers look for unpatched systems to take advantage of, the disclosure of these vulnerabilities raises the possibility of exploitation attempts.
As part of its March 2024 Patch Tuesday updates, Microsoft has made patches available for these vulnerabilities. To reduce the risk, make sure your systems are updated as soon as possible.
References
https://msrc.microsoft.com/update-guide/
https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21407
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21408