В августе Microsoft закрыла 89 дыр, шесть уже используются в кибератаках

Августовские обновления от Microsoft включают патчи для 89 уязвимостей, из которых шесть уже используются в реальных кибератаках, а для трёх есть общедоступные эксплойты. Кроме того, разработчики готовят заплатку ещё для одной 0-day.

В наборе присутствуют восемь уязвимостей, которым присвоили статус критических. Среди них возможность повышения привилегий, выполнения кода и раскрытия информации.

По категориям в этом месяце имеем следующую картину:

36 багов повышения привилегий; 4 возможности обхода защитных функций; 28 уязвимостей удалённого выполнения кода; 6 — DoS; 7 — спуфинг.

Что касается уже эксплуатируемых брешей, они получили следующие идентификаторы и описания:

CVE-2024-38178 — уязвимость в скриптовом движке, которая может привести к повреждению памяти. По словам Microsoft, для атаки требуется, чтобы аутентифицированный клиент прошёл по ссылке (сработает только в браузере Microsoft Edge, запущенном в режиме Internet Explorer). В этом случае у злоумышленника появляется возможность выполнить код удалённо. CVE-2024-38193 — затрагивает драйвер Windows Ancillary Function для WinSock и позволяет повысить права до уровня SYSTEM. CVE-2024-38213 — возможность обхода защитной функции Windows Mark of the Web. CVE-2024-38106 — затрагивающая ядро Windows проблема повышения прав до уровня SYSTEM. CVE-2024-38107 — повышение привилегий в Windows Power Dependency Coordinator. CVE-2024-38189 — возможность удалённого выполнения кода в Microsoft Project.

Полный список устранённых брешей выглядит так:

Затронутый компонент CVE-идентификатор CVE-название Степень риска .NET and Visual Studio CVE-2024-38168 .NET and Visual Studio Denial of Service Vulnerability Важная .NET and Visual Studio CVE-2024-38167 .NET and Visual Studio Information Disclosure Vulnerability Важная Azure Connected Machine Agent CVE-2024-38162 Azure Connected Machine Agent Elevation of Privilege Vulnerability Важная Azure Connected Machine Agent CVE-2024-38098 Azure Connected Machine Agent Elevation of Privilege Vulnerability Важная Azure CycleCloud CVE-2024-38195 Azure CycleCloud Remote Code Execution Vulnerability Важная Azure Health Bot CVE-2024-38109 Azure Health Bot Elevation of Privilege Vulnerability Критическая Azure IoT SDK CVE-2024-38158 Azure IoT SDK Remote Code Execution Vulnerability Важная Azure IoT SDK CVE-2024-38157 Azure IoT SDK Remote Code Execution Vulnerability Важная Azure Stack CVE-2024-38108 Azure Stack Hub Spoofing Vulnerability Важная Azure Stack CVE-2024-38201 Azure Stack Hub Elevation of Privilege Vulnerability Важная Line Printer Daemon Service (LPD) CVE-2024-38199 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability Важная Microsoft Bluetooth Driver CVE-2024-38123 Windows Bluetooth Driver Information Disclosure Vulnerability Важная Microsoft Copilot Studio CVE-2024-38206 Microsoft Copilot Studio Information Disclosure Vulnerability Критическая Microsoft Dynamics CVE-2024-38166 Microsoft Dynamics 365 Cross-site Scripting Vulnerability Критическая Microsoft Dynamics CVE-2024-38211 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Важная Microsoft Edge (Chromium-based) CVE-2024-7256 Chromium: CVE-2024-7256 Insufficient data validation in Dawn Неизвестно Microsoft Edge (Chromium-based) CVE-2024-7536 Chromium: CVE-2024-7550 Type Confusion in V8 Неизвестно Microsoft Edge (Chromium-based) CVE-2024-6990 Chromium: CVE-2024-6990 Uninitialized Use in Dawn Неизвестно Microsoft Edge (Chromium-based) CVE-2024-7255 Chromium: CVE-2024-7255 Out of bounds read in WebTransport Неизвестно Microsoft Edge (Chromium-based) CVE-2024-7534 Chromium: CVE-2024-7535 Inappropriate implementation in V8 Неизвестно Microsoft Edge (Chromium-based) CVE-2024-7532 Chromium: CVE-2024-7533 Use after free in Sharing Неизвестно Microsoft Edge (Chromium-based) CVE-2024-7550 Chromium: CVE-2024-7532 Out of bounds memory access in ANGLE Неизвестно Microsoft Edge (Chromium-based) CVE-2024-7535 Chromium: CVE-2024-7536 Use after free in WebAudio Неизвестно Microsoft Edge (Chromium-based) CVE-2024-7533 Chromium: CVE-2024-7534 Heap buffer overflow in Layout Неизвестно Microsoft Edge (Chromium-based) CVE-2024-38218 Microsoft Edge (HTML-based) Memory Corruption Vulnerability Важная Microsoft Edge (Chromium-based) CVE-2024-38219 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Moderate Microsoft Edge (Chromium-based) CVE-2024-38222 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Неизвестно Microsoft Local Security Authority Server (lsasrv) CVE-2024-38118 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability Важная Microsoft Local Security Authority Server (lsasrv) CVE-2024-38122 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability Важная Microsoft Office CVE-2024-38200 Microsoft Office Spoofing Vulnerability Важная Microsoft Office CVE-2024-38084 Microsoft OfficePlus Elevation of Privilege Vulnerability Важная Microsoft Office Excel CVE-2024-38172 Microsoft Excel Remote Code Execution Vulnerability Важная Microsoft Office Excel CVE-2024-38170 Microsoft Excel Remote Code Execution Vulnerability Важная Microsoft Office Outlook CVE-2024-38173 Microsoft Outlook Remote Code Execution Vulnerability Важная Microsoft Office PowerPoint CVE-2024-38171 Microsoft PowerPoint Remote Code Execution Vulnerability Важная Microsoft Office Project CVE-2024-38189 Microsoft Project Remote Code Execution Vulnerability Важная Microsoft Office Visio CVE-2024-38169 Microsoft Office Visio Remote Code Execution Vulnerability Важная Microsoft Streaming Service CVE-2024-38134 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Важная Microsoft Streaming Service CVE-2024-38144 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Важная Microsoft Streaming Service CVE-2024-38125 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Важная Microsoft Teams CVE-2024-38197 Microsoft Teams for iOS Spoofing Vulnerability Важная Microsoft WDAC OLE DB provider for SQL CVE-2024-38152 Windows OLE Remote Code Execution Vulnerability Важная Microsoft Windows DNS CVE-2024-37968 Windows DNS Spoofing Vulnerability Важная Reliable Multicast Transport Driver (RMCAST) CVE-2024-38140 Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability Критическая Windows Ancillary Function Driver for WinSock CVE-2024-38141 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Важная Windows Ancillary Function Driver for WinSock CVE-2024-38193 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Важная Windows App Installer CVE-2024-38177 Windows App Installer Spoofing Vulnerability Важная Windows Clipboard Virtual Channel Extension CVE-2024-38131 Clipboard Virtual Channel Extension Remote Code Execution Vulnerability Важная Windows Cloud Files Mini Filter Driver CVE-2024-38215 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Важная Windows Common Log File System Driver CVE-2024-38196 Windows Common Log File System Driver Elevation of Privilege Vulnerability Важная Windows Compressed Folder CVE-2024-38165 Windows Compressed Folder Tampering Vulnerability Важная Windows Deployment Services CVE-2024-38138 Windows Deployment Services Remote Code Execution Vulnerability Важная Windows DWM Core Library CVE-2024-38150 Windows DWM Core Library Elevation of Privilege Vulnerability Важная Windows DWM Core Library CVE-2024-38147 Microsoft DWM Core Library Elevation of Privilege Vulnerability Важная Windows Initial Machine Configuration CVE-2024-38223 Windows Initial Machine Configuration Elevation of Privilege Vulnerability Важная Windows IP Routing Management Snapin CVE-2024-38114 Windows IP Routing Management Snapin Remote Code Execution Vulnerability Важная Windows IP Routing Management Snapin CVE-2024-38116 Windows IP Routing Management Snapin Remote Code Execution Vulnerability Важная Windows IP Routing Management Snapin CVE-2024-38115 Windows IP Routing Management Snapin Remote Code Execution Vulnerability Важная Windows Kerberos CVE-2024-29995 Windows Kerberos Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-38151 Windows Kernel Information Disclosure Vulnerability Важная Windows Kernel CVE-2024-38133 Windows Kernel Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-38127 Windows Hyper-V Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-38153 Windows Kernel Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-38106 Windows Kernel Elevation of Privilege Vulnerability Важная Windows Kernel-Mode Drivers CVE-2024-38187 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Важная Windows Kernel-Mode Drivers CVE-2024-38191 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Важная Windows Kernel-Mode Drivers CVE-2024-38184 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Важная Windows Kernel-Mode Drivers CVE-2024-38186 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Важная Windows Kernel-Mode Drivers CVE-2024-38185 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Важная Windows Layer-2 Bridge Network Driver CVE-2024-38146 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Важная Windows Layer-2 Bridge Network Driver CVE-2024-38145 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Важная Windows Mark of the Web (MOTW) CVE-2024-38213 Windows Mark of the Web Security Feature Bypass Vulnerability Moderate Windows Mobile Broadband CVE-2024-38161 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Важная Windows Network Address Translation (NAT) CVE-2024-38132 Windows Network Address Translation (NAT) Denial of Service Vulnerability Важная Windows Network Address Translation (NAT) CVE-2024-38126 Windows Network Address Translation (NAT) Denial of Service Vulnerability Важная Windows Network Virtualization CVE-2024-38160 Windows Network Virtualization Remote Code Execution Vulnerability Критическая Windows Network Virtualization CVE-2024-38159 Windows Network Virtualization Remote Code Execution Vulnerability Критическая Windows NT OS Kernel CVE-2024-38135 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Важная Windows NTFS CVE-2024-38117 NTFS Elevation of Privilege Vulnerability Важная Windows Power Dependency Coordinator CVE-2024-38107 Windows Power Dependency Coordinator Elevation of Privilege Vulnerability Важная Windows Print Spooler Components CVE-2024-38198 Windows Print Spooler Elevation of Privilege Vulnerability Важная Windows Resource Manager CVE-2024-38137 Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability Важная Windows Resource Manager CVE-2024-38136 Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38130 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38128 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38154 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38121 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38214 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38120 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Scripting CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Важная Windows Secure Boot CVE-2022-3775 Redhat: CVE-2022-3775 grub2 - Heap based out-of-bounds write when rendering certain Unicode sequences Критическая Windows Secure Boot CVE-2023-40547 Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass Критическая Windows Secure Boot CVE-2022-2601 Redhat: CVE-2022-2601 grub2 - Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass Важная Windows Secure Kernel Mode CVE-2024-21302 Windows Secure Kernel Mode Elevation of Privilege Vulnerability Важная Windows Secure Kernel Mode CVE-2024-38142 Windows Secure Kernel Mode Elevation of Privilege Vulnerability Важная Windows Security Center CVE-2024-38155 Security Center Broker Information Disclosure Vulnerability Важная Windows SmartScreen CVE-2024-38180 Windows SmartScreen Security Feature Bypass Vulnerability Важная Windows TCP/IP CVE-2024-38063 Windows TCP/IP Remote Code Execution Vulnerability Критическая Windows Transport Security Layer (TLS) CVE-2024-38148 Windows Secure Channel Denial of Service Vulnerability Важная Windows Update Stack CVE-2024-38202 Windows Update Stack Elevation of Privilege Vulnerability Важная Windows Update Stack CVE-2024-38163 Windows Update Stack Elevation of Privilege Vulnerability Важная Windows WLAN Auto Config Service CVE-2024-38143 Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability Важная