Skip to main content

Patch Tuesday (2024-10)

·815 words·4 mins
Posts patchtuesday
Table of Contents

Key Takeways
#

  • 177 newly disclosed vulnerabilities and 4 non-Microsoft CVEs released in Oct 2024.
  • Highest CVSS Based Score is 9.8 (CVE-2024-43468).
  • Other 2 critical vulnerabilities include CVE-2024-43488 and CVE-2024-43582.
  • 4 zero-day flaws with 2 are actively exploited.
  • Total of 2 CVEs found in CISA_KEV and exploited in wild.
  • Total of 120 CVEs that require customer action. (New metric starting in Aug 2024)
  • 43 remote code execution vulnerabilities (RCE).

Video is added later since it only been released on Oct 10.

Patch_Tuesday
#


$ patch_tuesday -k 2024-oct -vc


 _____     _       _      _____               _
|  _  |___| |_ ___| |_   |_   _|_ _ ___ ___ _| |___ _ _
|   __| .'|  _|  _|   |    | | | | | -_|_ -| . | .'| | |
|__|  |__,|_| |___|_|_|    |_| |___|___|___|___|__,|_  |
                                                   |___|


 [*] Finish fetching [2,146,701 bytes] from https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2024-oct


 [*] CISA Catalog of Known Exploited Vulnerabilities [ 2024.10.08/1190 ]


 Microsoft Patch Tuesday - By MSRC
===============================================
 << October 2024 Security Updates [ 2024-10-08 ] >>


 [+] Vulnerabilities           : [ 122 ]
        [-] High_Severity      : [  23 ]
        [-] High_likelihood    : [   9 ]
        [-] Exploited in_wild  : [   2 ]
        [-] Action_required    : [ 120 ]
        [-] Found in CISA_KEV  : [   2 ]

                                                     High_Severity/23
┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ CVE            ┃ CVSS_Base/Temp ┃ Title_Value                                                                          ┃
┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ CVE-2024-38179 │  B:8.8/T:7.7   │ Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability │
│ CVE-2024-43518 │  B:8.8/T:7.7   │ Windows Telephony Server Remote Code Execution Vulnerability                         │
│ CVE-2024-43519 │  B:8.8/T:7.7   │ Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability    │
│ CVE-2024-43532 │  B:8.8/T:7.7   │ Remote Registry Service Elevation of Privilege Vulnerability                         │
│ CVE-2024-43533 │  B:8.8/T:7.7   │ Remote Desktop Client Remote Code Execution Vulnerability                            │
│ CVE-2024-6197  │  B:8.8/T:7.7   │ Open Source Curl Remote Code Execution Vulnerability                                 │
│ CVE-2024-43608 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43607 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-38124 │  B:9.0/T:7.8   │ Windows Netlogon Elevation of Privilege Vulnerability                                │
│ CVE-2024-38265 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43453 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-38212 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43468 │  B:9.8/T:8.5   │ Microsoft Configuration Manager Remote Code Execution Vulnerability                  │
│ CVE-2024-43517 │  B:8.8/T:7.7   │ Microsoft ActiveX Data Objects Remote Code Execution Vulnerability                   │
│ CVE-2024-43549 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43564 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43589 │  B:8.8/T:8.1   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43591 │  B:8.7/T:7.6   │ Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability            │
│ CVE-2024-43592 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43593 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43599 │  B:8.8/T:7.7   │ Remote Desktop Client Remote Code Execution Vulnerability                            │
│ CVE-2024-43611 │  B:8.8/T:7.7   │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │
│ CVE-2024-43488 │  B:8.8/T:7.7   │ Visual Studio Code extension for Arduino Remote Code Execution Vulnerability         │
└────────────────┴────────────────┴──────────────────────────────────────────────────────────────────────────────────────┘

                                               High_Likelihood/9
┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ CVE            ┃ CVSS_Base/Temp ┃ Title_Value                                                                ┃
┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ CVE-2024-43502 │  B:7.1/T:6.2   │ Windows Kernel Elevation of Privilege Vulnerability                        │
│ CVE-2024-43581 │  B:7.1/T:6.2   │ Microsoft OpenSSH for Windows Remote Code Execution Vulnerability          │
│ CVE-2024-43609 │  B:6.5/T:5.7   │ Microsoft Office Spoofing Vulnerability                                    │
│ CVE-2024-43615 │  B:7.1/T:6.2   │ Microsoft OpenSSH for Windows Remote Code Execution Vulnerability          │
│ CVE-2024-43509 │  B:7.8/T:6.8   │ Windows Graphics Component Elevation of Privilege Vulnerability            │
│ CVE-2024-43556 │  B:7.8/T:6.8   │ Windows Graphics Component Elevation of Privilege Vulnerability            │
│ CVE-2024-43560 │  B:7.8/T:6.8   │ Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability │
│ CVE-2024-43583 │  B:7.8/T:6.8   │ Winlogon Elevation of Privilege Vulnerability                              │
│ CVE-2024-43610 │  B:0.0/T:0.0   │ Copilot Studio Information Disclosure Vulnerability                        │
└────────────────┴────────────────┴────────────────────────────────────────────────────────────────────────────┘

                                          Exploited_in_Wild/2
┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ CVE            ┃ CVSS_Base/Temp  ┃ Title_Value                                                      ┃
┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ CVE-2024-43573 │ B:6.5/T:6.0 [K] │ Windows MSHTML Platform Spoofing Vulnerability                   │
│ CVE-2024-43572 │ B:7.8/T:7.2 [K] │ Microsoft Management Console Remote Code Execution Vulnerability │
└────────────────┴─────────────────┴──────────────────────────────────────────────────────────────────┘


 [+] Product Families (10)
               Developer Tools ▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ 89
                       Windows ▇▇▇▇▇▇▇▇▇ 28
              Microsoft Office ▇▇▇▇▇ 15
                           ESU ▇▇▇ 10
                         Azure ▇▇ 8
                       Mariner ▇▇ 6
                 System Center ▇ 4
                    SQL Server ▏ 1
                          Apps ▏ 1
                       Browser ▏ 1

 [*] "October 2024 Security Updates" (Rev 118)
        [-] Initial Release date: 2024-10-08T07:00:00
        [-] Current Release date: 2024-10-08T07:00:00

 [*] [2024-10-09] main(): Completed within [7.2541 sec].

Outro
#

Related

Patch Tuesday (2024-09)
·1024 words·5 mins
Posts patchtuesday
$ ./patch_tuesday.py -k 2024-sep -vc
Patch Tuesday (2024-08)
·954 words·5 mins
Posts patchtuesday
$ ./patch_tuesday.py -k 2024-aug -vc
Patch Tuesday (2024-07)
·1495 words·8 mins
Posts patchtuesday
Security Update Release Summary July 2024.