February, 2024: Patch Tuesday - Two Zero Days

Welcome to my February Patch Tuesday. Today Microsoft released updates for 73 vulnerabilities and an additional 33 updates since the previous Patch Tuesday for a total of 106 updates this month. Of these we have two zero-days to highlight first.

Our first zero-day is CVE-2024-21351. According to its CVSS metrics, user interaction is required and the privileges required are low. This means an attacker must send the user a malicious file and convince the user to open it. Doing so bypasses Windows SmartScreen and potentially allows the attacker to gain code execution, which could lead to data exposure or a loss of system availability. So this is one that needs to be patched ASAP.

Our second zero-day is CVE-2024-21412. Exploitation is similar to CVE-2024-21351 above, since an attacker would have to convince the end user to click on a file link. You will want to make sure that your OS updates get installed ASAP to protect your end users from these sneaky attacks.

We also have 8 other vulnerabilities that, although not zero-days, have an exploitability assessment of "Exploitation More Likely". Besides Windows operating systems, these affect Exchange Server, Outlook and Microsoft Word. So you will want to review these updates, get them tested and then get them installed very soon as well.

Besides this there isn't much to talk about this month. Last month I had a webinar showing how my Supercharger product can help you collect the events you need from your domain controllers to detect malicious activity. Unfortunately our webinar service provider had a few audio issues. We still managed to do the live event but if you missed it or were there and want to see a recording of it you can register for it here.

Happy patching!

Patch data provided by: LOGbinder.com

| Technology | Products Affected | Severity | Reference | Workaround / Exploited / Publicly Disclosed | Vulnerability Info |
|---|---|---|---|---|---|
| Windows | Windows 10, 11; Server 2008 SP2, 2008R2 SP1, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations; Microsoft Printer Metadata Troubleshooter Tool | Critical | CVE-2023-50387, CVE-2024-20684, CVE-2024-21304, CVE-2024-21338, CVE-2024-21339, CVE-2024-21340, CVE-2024-21341, CVE-2024-21342, CVE-2024-21343, CVE-2024-21344, CVE-2024-21345, CVE-2024-21346, CVE-2024-21347, CVE-2024-21348, CVE-2024-21349, CVE-2024-21350, CVE-2024-21351, CVE-2024-21352, CVE-2024-21353, CVE-2024-21354, CVE-2024-21355, CVE-2024-21356, CVE-2024-21357, CVE-2024-21358, CVE-2024-21359, CVE-2024-21360, CVE-2024-21361, CVE-2024-21362, CVE-2024-21363, CVE-2024-21365, CVE-2024-21366, CVE-2024-21367, CVE-2024-21368, CVE-2024-21369, CVE-2024-21370, CVE-2024-21371, CVE-2024-21372, CVE-2024-21375, CVE-2024-21377, CVE-2024-21391, CVE-2024-21405, CVE-2024-21406, CVE-2024-21412, CVE-2024-21420 | Workaround: No; Exploited: Yes; Public: No | Denial of Service; Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass; Spoofing |
| Edge | Chromium-based | Moderate | CVE-2024-0333, CVE-2024-0517, CVE-2024-0518, CVE-2024-0519, CVE-2024-0804, CVE-2024-0805, CVE-2024-0806, CVE-2024-0807, CVE-2024-0808, CVE-2024-0809, CVE-2024-0810, CVE-2024-0811, CVE-2024-0812, CVE-2024-0813, CVE-2024-0814, CVE-2024-1059, CVE-2024-1060, CVE-2024-1077, CVE-2024-1283, CVE-2024-1284, CVE-2024-20675, CVE-2024-20709, CVE-2024-20721, CVE-2024-21326, CVE-2024-21336, CVE-2024-21337, CVE-2024-21382, CVE-2024-21383, CVE-2024-21385, CVE-2024-21387, CVE-2024-21388, CVE-2024-21399 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass; Spoofing |
| Office | 365 Apps for Enterprise; Excel, Outlook, PowerPoint, Publisher, Visio, Word 2016; Office 2016, 2019; LTSC 2021; LTSC for Mac 2021; Teams for Android; Skype for Business 2016; Skype for Business Server 2019 CU7 | Critical | CVE-2024-20673, CVE-2024-20695, CVE-2024-21374, CVE-2024-21378, CVE-2024-21379, CVE-2024-21384, CVE-2024-21402, CVE-2024-21413 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege; Information Disclosure; Remote Code Execution |
| Exchange | Server 2019 CU 13, 14, 23 | Critical | CVE-2024-21410 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege |
| ASP.NET | 6.0, 7.0, 8.0 | Important | CVE-2024-21386, CVE-2024-21404 | Workaround: No; Exploited: No; Public: No | Denial of Service |
| Visual Studio | 2022 17.4-17.8 | Important | CVE-2024-21386, CVE-2024-21404 | Workaround: No; Exploited: No; Public: No | Denial of Service |
| Dynamics | 365 Business Central 2023 Release Wave 1 & 2; On-Prem 9.1; Customer Engagement 9.1 | Critical | CVE-2024-21327, CVE-2024-21328, CVE-2024-21380, CVE-2024-21389, CVE-2024-21393, CVE-2024-21394, CVE-2024-21395, CVE-2024-21396 | Workaround: No; Exploited: No; Public: No | Information Disclosure; Spoofing |
| Azure | DevOps Server 2020.1.2, 2019.1.2, 2022.1; File Sync v14-v17; Kubernetes Service Confidential Containers; Site Recovery; Stack Hub; Connected Machine Agent; Active Directory B2C; Entra Jira Single-Sign-On Plugin | Moderate | CVE-2024-20667, CVE-2024-20679, CVE-2024-21329, CVE-2024-21364, CVE-2024-21376, CVE-2024-21381, CVE-2024-21397, CVE-2024-21401, CVE-2024-21403 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege; Remote Code Execution; Spoofing |
| System Center | Defender for Endpoint | Important | CVE-2024-21315 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege |