Today’s VERT Alert addresses Microsoft’s February 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1093 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
This CVE describes a bypass in the Windows SmartScreen Security Feature. At this point, these bypasses have become relatively common and are frequently featured within the Patch Tuesday updates. SmartScreen prompts you when running certain files downloaded from the Internet to warn you that you should exercise caution before proceeding. SmartScreen does this using the zone identifier Alternate Data Stream (ADS) or Mark of the Web. When the Zone Identifier is set to 3, SmartScreen knows that the file was downloaded from the Internet. An attacker must convince the user to open the file, but this vulnerability could allow for SmartScreen to be bypassed. Microsoft has reported this vulnerability as Exploitation Detected.
This CVE describes a bypass in an Internet Shortcut Files Security Feature. An attacker could send a user a malicious file and convince them to open it, bypassing security checks that might prevent this attack. Microsoft has reported this vulnerability as Exploitation Detected.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per-tag basis. Vulnerabilities are also color-coded to aid in identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
Tag |
CVE Count |
CVEs |
Microsoft Edge (Chromium-based) |
6 |
CVE-2024-1283, CVE-2024-1284, CVE-2024-21399, CVE-2024-1060, CVE-2024-1059, CVE-2024-1077 |
Azure DevOps |
1 |
CVE-2024-20667 |
Role: DNS Server |
2 |
CVE-2023-50387, CVE-2024-21342 |
Microsoft Dynamics |
8 |
CVE-2024-21327, CVE-2024-21389, CVE-2024-21393, CVE-2024-21394, CVE-2024-21396, CVE-2024-21328, CVE-2024-21380, CVE-2024-21395 |
Azure Connected Machine Agent |
1 |
CVE-2024-21329 |
Windows Kernel |
6 |
CVE-2024-21338, CVE-2024-21340, CVE-2024-21371, CVE-2024-21341, CVE-2024-21345, CVE-2024-21362 |
Microsoft ActiveX |
1 |
CVE-2024-21349 |
Microsoft WDAC OLE DB provider for SQL |
15 |
CVE-2024-21350, CVE-2024-21352, CVE-2024-21358, CVE-2024-21360, CVE-2024-21361, CVE-2024-21366, CVE-2024-21369, CVE-2024-21375, CVE-2024-21420, CVE-2024-21359, CVE-2024-21365, CVE-2024-21367, CVE-2024-21368, CVE-2024-21370, CVE-2024-21391 |
Windows SmartScreen |
1 |
CVE-2024-21351 |
Windows Message Queuing |
4 |
CVE-2024-21354, CVE-2024-21355, CVE-2024-21363, CVE-2024-21405 |
Windows Internet Connection Sharing (ICS) |
4 |
CVE-2024-21357, CVE-2024-21343, CVE-2024-21344, CVE-2024-21348 |
Windows OLE |
1 |
CVE-2024-21372 |
Microsoft Office Word |
1 |
CVE-2024-21379 |
Azure Active Directory |
2 |
CVE-2024-21381, CVE-2024-21401 |
.NET |
2 |
CVE-2024-21386, CVE-2024-21404 |
Microsoft Office Outlook |
2 |
CVE-2024-21402, CVE-2024-21378 |
Microsoft Office |
2 |
CVE-2024-21413, CVE-2024-20673 |
Azure Stack |
1 |
CVE-2024-20679 |
Trusted Compute Base |
1 |
CVE-2024-21304 |
Microsoft Defender for Endpoint |
1 |
CVE-2024-21315 |
Skype for Business |
1 |
CVE-2024-20695 |
Windows Hyper-V |
1 |
CVE-2024-20684 |
Windows USB Serial Driver |
1 |
CVE-2024-21339 |
Windows Win32K - ICOMP |
1 |
CVE-2024-21346 |
SQL Server |
1 |
CVE-2024-21347 |
Microsoft WDAC ODBC Driver |
1 |
CVE-2024-21353 |
Windows LDAP - Lightweight Directory Access Protocol |
1 |
CVE-2024-21356 |
Azure Site Recovery |
1 |
CVE-2024-21364 |
Microsoft Teams for Android |
1 |
CVE-2024-21374 |
Microsoft Azure Kubernetes Service |
2 |
CVE-2024-21376, CVE-2024-21403 |
Microsoft Windows DNS |
1 |
CVE-2024-21377 |
Microsoft Office OneNote |
1 |
CVE-2024-21384 |
Azure File Sync |
1 |
CVE-2024-21397 |
Microsoft Windows |
1 |
CVE-2024-21406 |
Microsoft Exchange Server |
1 |
CVE-2024-21410 |
Internet Shortcut Files |
1 |
CVE-2024-21412 |
Mariner |
1 |
CVE-2024-21626 |
Other Information
At the time of publication, there were no new advisories included with the February Security Guidance.
Meet Fortra™ Your Cybersecurity Ally™
Fortra is creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions. Learn more about how Fortra’s portfolio of solutions can benefit your business.