Октябрьские патчи от Microsoft закрывают 118 дыр, пять из которых — 0-day

Октябрьские обновления от Microsoft принесли патчи в общей сложности для 118 уязвимостей. Пять брешей получили статус 0-day, поскольку для них уже доступны рабочие эксплойты.

Согласно сообщениям исследователей, две уязвимости из октябрьского набора активно эксплуатируются в реальных кибератаках. Кроме того, три бреши получили статус критических, так как приводят к удалённому выполнению кода.

По типам проблемы распределились следующим образом:

28 багов повышения прав; 7 возможностей обхода защитных функций; 43 уязвимости, позволяющие выполнить код удалённо; 6 багов раскрытия информации; 26 — DoS; 7 возможностей спуфинга.

Что касается уязвимостей нулевого дня, они получили следующие идентификаторы:

CVE-2024-43573 — возможность спуфинга, затрагивающая платформу Windows MSHTML. Microsoft пока не раскрывает подробности эксплуатации этой бреши. CVE-2024-43572 — удалённое выполнение кода в Microsoft Management Console. С помощью вредоносных файлов в формате Microsoft Saved Console (MSC) злоумышленники могут выполнить код на целевых устройствах. CVE-2024-6197 — тоже RCE, но на этот раз затрагивающая Curl. В уведомлении разработчиков отмечается, что вредоносный сервер может использовать брешь с помощью специально подготовленного TLS-сертификата. CVE-2024-20659 — обход защитных функций в Windows Hyper-V. В случае эксплуатации допускает компрометацию гипервизора и ядра. CVE-2024-43583 — повышение прав в Windows, открывающее атакующим привилегии уровня SYSTEM.

Список всех октябрьских уязвимостей выглядит так:

Затронутый компонент Идентификатор CVE Название CVE Уровень риска .NET and Visual Studio CVE-2024-38229 .NET and Visual Studio Remote Code Execution Vulnerability Важная .NET and Visual Studio CVE-2024-43485 .NET and Visual Studio Denial of Service Vulnerability Важная .NET, .NET Framework, Visual Studio CVE-2024-43484 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability Важная .NET, .NET Framework, Visual Studio CVE-2024-43483 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability Важная Azure CLI CVE-2024-43591 Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability Важная Azure Monitor CVE-2024-38097 Azure Monitor Agent Elevation of Privilege Vulnerability Важная Azure Stack CVE-2024-38179 Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability Важная BranchCache CVE-2024-43506 BranchCache Denial of Service Vulnerability Важная BranchCache CVE-2024-38149 BranchCache Denial of Service Vulnerability Важная Code Integrity Guard CVE-2024-43585 Code Integrity Guard Security Feature Bypass Vulnerability Важная DeepSpeed CVE-2024-43497 DeepSpeed Remote Code Execution Vulnerability Важная Internet Small Computer Systems Interface (iSCSI) CVE-2024-43515 Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability Важная Microsoft ActiveX CVE-2024-43517 Microsoft ActiveX Data Objects Remote Code Execution Vulnerability Важная Microsoft Configuration Manager CVE-2024-43468 Microsoft Configuration Manager Remote Code Execution Vulnerability Критическая Microsoft Defender for Endpoint CVE-2024-43614 Microsoft Defender for Endpoint for Linux Spoofing Vulnerability Важная Microsoft Edge (Chromium-based) CVE-2024-9369 Chromium: CVE-2024-9369 Insufficient data validation in Mojo Неизвестно Microsoft Edge (Chromium-based) CVE-2024-9370 Chromium: CVE-2024-9370 Inappropriate implementation in V8 Неизвестно Microsoft Edge (Chromium-based) CVE-2024-7025 Chromium: CVE-2024-7025 Integer overflow in Layout Неизвестно Microsoft Graphics Component CVE-2024-43534 Windows Graphics Component Information Disclosure Vulnerability Важная Microsoft Graphics Component CVE-2024-43508 Windows Graphics Component Information Disclosure Vulnerability Важная Microsoft Graphics Component CVE-2024-43556 Windows Graphics Component Elevation of Privilege Vulnerability Важная Microsoft Graphics Component CVE-2024-43509 Windows Graphics Component Elevation of Privilege Vulnerability Важная Microsoft Management Console CVE-2024-43572 Microsoft Management Console Remote Code Execution Vulnerability Важная Microsoft Office CVE-2024-43616 Microsoft Office Remote Code Execution Vulnerability Важная Microsoft Office CVE-2024-43576 Microsoft Office Remote Code Execution Vulnerability Важная Microsoft Office CVE-2024-43609 Microsoft Office Spoofing Vulnerability Важная Microsoft Office Excel CVE-2024-43504 Microsoft Excel Remote Code Execution Vulnerability Важная Microsoft Office SharePoint CVE-2024-43503 Microsoft SharePoint Elevation of Privilege Vulnerability Важная Microsoft Office Visio CVE-2024-43505 Microsoft Office Visio Remote Code Execution Vulnerability Важная Microsoft Simple Certificate Enrollment Protocol CVE-2024-43544 Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability Важная Microsoft Simple Certificate Enrollment Protocol CVE-2024-43541 Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability Важная Microsoft WDAC OLE DB provider for SQL CVE-2024-43519 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Важная Microsoft Windows Speech CVE-2024-43574 Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability Важная OpenSSH for Windows CVE-2024-43615 Microsoft OpenSSH for Windows Remote Code Execution Vulnerability Важная OpenSSH for Windows CVE-2024-43581 Microsoft OpenSSH for Windows Remote Code Execution Vulnerability Важная OpenSSH for Windows CVE-2024-38029 Microsoft OpenSSH for Windows Remote Code Execution Vulnerability Важная Outlook for Android CVE-2024-43604 Outlook for Android Elevation of Privilege Vulnerability Важная Power BI CVE-2024-43612 Power BI Report Server Spoofing Vulnerability Важная Power BI CVE-2024-43481 Power BI Report Server Spoofing Vulnerability Важная Remote Desktop Client CVE-2024-43533 Remote Desktop Client Remote Code Execution Vulnerability Важная Remote Desktop Client CVE-2024-43599 Remote Desktop Client Remote Code Execution Vulnerability Важная Role: Windows Hyper-V CVE-2024-43521 Windows Hyper-V Denial of Service Vulnerability Важная Role: Windows Hyper-V CVE-2024-20659 Windows Hyper-V Security Feature Bypass Vulnerability Важная Role: Windows Hyper-V CVE-2024-43567 Windows Hyper-V Denial of Service Vulnerability Важная Role: Windows Hyper-V CVE-2024-43575 Windows Hyper-V Denial of Service Vulnerability Важная RPC Endpoint Mapper Service CVE-2024-43532 Remote Registry Service Elevation of Privilege Vulnerability Важная Service Fabric CVE-2024-43480 Azure Service Fabric for Linux Remote Code Execution Vulnerability Важная Sudo for Windows CVE-2024-43571 Sudo for Windows Spoofing Vulnerability Важная Visual C++ Redistributable Installer CVE-2024-43590 Visual C++ Redistributable Installer Elevation of Privilege Vulnerability Важная Visual Studio CVE-2024-43603 Visual Studio Collector Service Denial of Service Vulnerability Важная Visual Studio Code CVE-2024-43488 Visual Studio Code extension for Arduino Remote Code Execution Vulnerability Критическая Visual Studio Code CVE-2024-43601 Visual Studio Code for Linux Remote Code Execution Vulnerability Важная Windows Ancillary Function Driver for WinSock CVE-2024-43563 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Важная Windows BitLocker CVE-2024-43513 BitLocker Security Feature Bypass Vulnerability Важная Windows Common Log File System Driver CVE-2024-43501 Windows Common Log File System Driver Elevation of Privilege Vulnerability Важная Windows Cryptographic Services CVE-2024-43546 Windows Cryptographic Information Disclosure Vulnerability Важная Windows cURL Implementation CVE-2024-6197 Open Source Curl Remote Code Execution Vulnerability Важная Windows EFI Partition CVE-2024-37982 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability Важная Windows EFI Partition CVE-2024-37976 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability Важная Windows EFI Partition CVE-2024-37983 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability Важная Windows Hyper-V CVE-2024-30092 Windows Hyper-V Remote Code Execution Vulnerability Важная Windows Kerberos CVE-2024-43547 Windows Kerberos Information Disclosure Vulnerability Важная Windows Kerberos CVE-2024-38129 Windows Kerberos Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-43502 Windows Kernel Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-43511 Windows Kernel Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-43520 Windows Kernel Denial of Service Vulnerability Важная Windows Kernel CVE-2024-43527 Windows Kernel Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-43570 Windows Kernel Elevation of Privilege Vulnerability Важная Windows Kernel CVE-2024-37979 Windows Kernel Elevation of Privilege Vulnerability Важная Windows Kernel-Mode Drivers CVE-2024-43554 Windows Kernel-Mode Driver Information Disclosure Vulnerability Важная Windows Kernel-Mode Drivers CVE-2024-43535 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Важная Windows Local Security Authority (LSA) CVE-2024-43522 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Важная Windows Mobile Broadband CVE-2024-43555 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows Mobile Broadband CVE-2024-43540 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows Mobile Broadband CVE-2024-43536 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Важная Windows Mobile Broadband CVE-2024-43538 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows Mobile Broadband CVE-2024-43525 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Важная Windows Mobile Broadband CVE-2024-43559 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows Mobile Broadband CVE-2024-43561 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows Mobile Broadband CVE-2024-43558 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows Mobile Broadband CVE-2024-43542 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows Mobile Broadband CVE-2024-43557 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows Mobile Broadband CVE-2024-43526 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Важная Windows Mobile Broadband CVE-2024-43543 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Важная Windows Mobile Broadband CVE-2024-43523 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Важная Windows Mobile Broadband CVE-2024-43524 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Важная Windows Mobile Broadband CVE-2024-43537 Windows Mobile Broadband Driver Denial of Service Vulnerability Важная Windows MSHTML Platform CVE-2024-43573 Windows MSHTML Platform Spoofing Vulnerability Средняя Windows Netlogon CVE-2024-38124 Windows Netlogon Elevation of Privilege Vulnerability Важная Windows Network Address Translation (NAT) CVE-2024-43562 Windows Network Address Translation (NAT) Denial of Service Vulnerability Важная Windows Network Address Translation (NAT) CVE-2024-43565 Windows Network Address Translation (NAT) Denial of Service Vulnerability Важная Windows NT OS Kernel CVE-2024-43553 NT OS Kernel Elevation of Privilege Vulnerability Важная Windows NTFS CVE-2024-43514 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Важная Windows Online Certificate Status Protocol (OCSP) CVE-2024-43545 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Важная Windows Print Spooler Components CVE-2024-43529 Windows Print Spooler Elevation of Privilege Vulnerability Важная Windows Remote Desktop CVE-2024-43582 Remote Desktop Protocol Server Remote Code Execution Vulnerability Критическая Windows Remote Desktop Licensing Service CVE-2024-38262 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Важная Windows Remote Desktop Services CVE-2024-43456 Windows Remote Desktop Services Tampering Vulnerability Важная Windows Resilient File System (ReFS) CVE-2024-43500 Windows Resilient File System (ReFS) Information Disclosure Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43592 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43589 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38212 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43593 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38261 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43611 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43453 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-38265 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43607 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43549 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43608 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Routing and Remote Access Service (RRAS) CVE-2024-43564 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Важная Windows Scripting CVE-2024-43584 Windows Scripting Engine Security Feature Bypass Vulnerability Важная Windows Secure Channel CVE-2024-43550 Windows Secure Channel Spoofing Vulnerability Важная Windows Secure Kernel Mode CVE-2024-43516 Windows Secure Kernel Mode Elevation of Privilege Vulnerability Важная Windows Secure Kernel Mode CVE-2024-43528 Windows Secure Kernel Mode Elevation of Privilege Vulnerability Важная Windows Shell CVE-2024-43552 Windows Shell Remote Code Execution Vulnerability Важная Windows Standards-Based Storage Management Service CVE-2024-43512 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Важная Windows Storage CVE-2024-43551 Windows Storage Elevation of Privilege Vulnerability Важная Windows Storage Port Driver CVE-2024-43560 Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability Важная Windows Telephony Server CVE-2024-43518 Windows Telephony Server Remote Code Execution Vulnerability Важная Winlogon CVE-2024-43583 Winlogon Elevation of Privilege Vulnerability Важная