Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities, only one of them is a publicly disclosed zero-day flaw.
Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities in Windows and Windows Components; Office and Office Components; Azure; Dynamics Business Central; and Visual Studio. Eight of these bugs were reported through the ZDI program.
Only one of these issues is rated Critical and 48 are rated Important in severity.
Only one of these vulnerabilities is listed as publicly known. Fortunately, none are being actively exploited in the wild.
The most severe issue is a Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability tracked as CVE-2024-30080 (CVSS score 9.8).
Remote, unauthenticated attackers can exploit this issue to execute arbitrary code with elevated privileges of systems where MSMQ is enabled. The flaw is wormable between those servers where MSMQ is disabled.
“To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. This could result in remote code execution on the server side.” reads the advisory.
The publicly disclosed zero-day vulnerability, tracked as CVE-2023-50868 (CVSS score 7.5), is regarding a vulnerability in DNSSEC validation. An attacker could exploit standard DNSSEC protocols intended for DNS integrity by using excessive resources on a resolver, causing a denial of service for legitimate users. MITRE created this CVE on their behalf.
Another interesting issue addressed by Microsoft Patch Tuesday security updates for June 2024 is a Windows Wi-Fi Driver Remote Code Execution vulnerability tracked as CVE-2024-30078 (CVSS score 8.8). An unauthenticated attacker can exploit this vulnerability to execute code on an affected system by sending the target a specially crafted network packet. The target would need to be in Wi-Fi range of the attacker and using a Wi-Fi adapter.
“Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions.” reads the advisory. “An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution.”
The full list of vulnerabilities addressed by Microsoft for June 2024 is available here:
https://www.zerodayinitiative.com/blog/2024/6/11/the-june-2024-security-update-review
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Microsoft Patch Tuesday)