Today’s VERT Alert addresses Microsoft’s July 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1114 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
A vulnerability in the Windows MSHTML Platform could allow spoofing to occur. Successful exploitation of this vulnerability requires that the attacker convince the victim to execute a malicious file. Microsoft has reported this vulnerability as Exploitation Detected.
A vulnerability in Microsoft’s Hyper-V virtualization platform could allow an attacker to elevate their privileges to SYSTEM access. Microsoft has reported this vulnerability as Exploitation Detected.
This vulnerability was assigned by Intel instead of Microsoft, but Microsoft has issued an update that mitigates the issue. This vulnerability only affects certain ARM-based operating systems, so updates are only available for the ARM version of Windows 11. Those interested in learning more about this vulnerability should read the paper in the ACM library titled, “FetchBench: Systematic identification and Characterization of Proprietary Prefetchers”. Microsoft has reported this vulnerability as Exploitation Less Likely.
The final vulnerability in this list this month is an HTTP/3 vulnerability in .NET and Visual Studio that could result in code execution. The reason this is less likely to be exploited is that the attacker must win a race condition in order successfully exploit the vulnerability. Microsoft has reported this vulnerability as Exploitation Less Likely.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also color coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted
| Tag | CVE Count | CVEs |
| Microsoft Dynamics | 1 | CVE-2024-30061 |
| Windows CoreMessaging | 1 | CVE-2024-21417 |
| Windows Secure Boot | 20 | CVE-2024-28899, CVE-2024-37969, CVE-2024-37970, CVE-2024-37974, CVE-2024-37981, CVE-2024-37986, CVE-2024-37987, CVE-2024-26184, CVE-2024-37971, CVE-2024-37972, CVE-2024-37973, CVE-2024-37975, CVE-2024-37977, CVE-2024-37978, CVE-2024-37984, CVE-2024-37988, CVE-2024-37989, CVE-2024-38010, CVE-2024-38011, CVE-2024-38065 |
| Windows NTLM | 1 | CVE-2024-30081 |
| Windows Cryptographic Services | 1 | CVE-2024-30098 |
| .NET and Visual Studio | 4 | CVE-2024-35264, CVE-2024-30105, CVE-2024-38081, CVE-2024-38095 |
| Windows iSCSI | 1 | CVE-2024-35270 |
| SQL Server | 38 | CVE-2024-38088, CVE-2024-38087, CVE-2024-21332, CVE-2024-21333, CVE-2024-21335, CVE-2024-21373, CVE-2024-21398, CVE-2024-21414, CVE-2024-21415, CVE-2024-21428, CVE-2024-37318, CVE-2024-37332, CVE-2024-37331, CVE-2024-35271, CVE-2024-35272, CVE-2024-20701, CVE-2024-21303, CVE-2024-21308, CVE-2024-21317, CVE-2024-21331, CVE-2024-21425, CVE-2024-37319, CVE-2024-37320, CVE-2024-37321, CVE-2024-37322, CVE-2024-37323, CVE-2024-37324, CVE-2024-21449, CVE-2024-37326, CVE-2024-37327, CVE-2024-37328, CVE-2024-37329, CVE-2024-37330, CVE-2024-37334, CVE-2024-37333, CVE-2024-37336, CVE-2024-28928, CVE-2024-35256 |
| Intel | 1 | CVE-2024-37985 |
| Windows Server Backup | 1 | CVE-2024-38013 |
| Windows Remote Desktop | 2 | CVE-2024-38015, CVE-2024-38076 |
| Windows Image Acquisition | 1 | CVE-2024-38022 |
| Microsoft Office SharePoint | 4 | CVE-2024-38023, CVE-2024-38024, CVE-2024-32987, CVE-2024-38094 |
| Windows Performance Monitor | 3 | CVE-2024-38025, CVE-2024-38019, CVE-2024-38028 |
| Windows Filtering | 1 | CVE-2024-38034 |
| Windows Kernel | 1 | CVE-2024-38041 |
| Windows PowerShell | 3 | CVE-2024-38043, CVE-2024-38033, CVE-2024-38047 |
| Active Directory Rights Management Services | 2 | CVE-2024-38517, CVE-2024-39684 |
| Microsoft Graphics Component | 2 | CVE-2024-38051, CVE-2024-38079 |
| Microsoft Streaming Service | 3 | CVE-2024-38054, CVE-2024-38052, CVE-2024-38057 |
| Microsoft Windows Codecs Library | 2 | CVE-2024-38055, CVE-2024-38056 |
| Windows Win32K - ICOMP | 1 | CVE-2024-38059 |
| Windows Imaging Component | 1 | CVE-2024-38060 |
| Role: Active Directory Certificate Services; Active Directory Domain Services | 1 | CVE-2024-38061 |
| Windows Kernel-Mode Drivers | 1 | CVE-2024-38062 |
| Windows TCP/IP | 1 | CVE-2024-38064 |
| Windows Remote Desktop Licensing Service | 6 | CVE-2024-38071, CVE-2024-38072, CVE-2024-38077, CVE-2024-38073, CVE-2024-38074, CVE-2024-38099 |
| Role: Windows Hyper-V | 1 | CVE-2024-38080 |
| Windows Win32 Kernel Subsystem | 1 | CVE-2024-38085 |
| Azure Kinect SDK | 1 | CVE-2024-38086 |
| Microsoft WS-Discovery | 1 | CVE-2024-38091 |
| Windows COM Session | 1 | CVE-2024-38100 |
| Windows Internet Connection Sharing (ICS) | 4 | CVE-2024-38102, CVE-2024-38053, CVE-2024-38101, CVE-2024-38105 |
| Windows Fax and Scan Service | 1 | CVE-2024-38104 |
| Windows MSHTML Platform | 1 | CVE-2024-38112 |
| Windows MultiPoint Services | 1 | CVE-2024-30013 |
| Windows Remote Access Connection Manager | 2 | CVE-2024-30071, CVE-2024-30079 |
| NPS RADIUS Server | 1 | CVE-2024-3596 |
| Azure Network Watcher | 1 | CVE-2024-35261 |
| Azure DevOps | 2 | CVE-2024-35266, CVE-2024-35267 |
| Windows Message Queuing | 1 | CVE-2024-38017 |
| Microsoft Office Outlook | 1 | CVE-2024-38020 |
| Microsoft Office | 1 | CVE-2024-38021 |
| Line Printer Daemon Service (LPD) | 1 | CVE-2024-38027 |
| Windows Themes | 1 | CVE-2024-38030 |
| Windows Online Certificate Status Protocol (OCSP) | 3 | CVE-2024-38031, CVE-2024-38067, CVE-2024-38068 |
| XBox Crypto Graphic Services | 2 | CVE-2024-38032, CVE-2024-38078 |
| Windows DHCP Server | 1 | CVE-2024-38044 |
| NDIS | 1 | CVE-2024-38048 |
| Windows Distributed Transaction Coordinator | 1 | CVE-2024-38049 |
| Windows Workstation Service | 1 | CVE-2024-38050 |
| Windows BitLocker | 1 | CVE-2024-38058 |
| Windows Win32K - GRFX | 1 | CVE-2024-38066 |
| Windows Enroll Engine | 1 | CVE-2024-38069 |
| Windows LockDown Policy (WLDP) | 1 | CVE-2024-38070 |
| Microsoft Defender for IoT | 1 | CVE-2024-38089 |
| Azure CycleCloud | 1 | CVE-2024-38092 |
Other Information
At the time of publication, there were no new advisories included with the July Security Guidance.
Meet Fortra™ Your Cybersecurity Ally™
Fortra is creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions. Learn more about how Fortra’s portfolio of solutions can benefit your business.
