05/14/2024 | News release | Distributed by Public on 05/14/2024 12:47
Microsoft has released its May edition of Patch Tuesday. Let's take a deep dive into the crucial insights from Microsoft's Patch Tuesday updates for May 2024.
Microsoft Patch Tuesday for May 2024
Microsoft Patch Tuesday's May 2024 edition addressed 67 vulnerabilities, including one critical and 59 important severity vulnerabilities. In this month's security updates, Microsoft has addressed two zero-day vulnerabilities that are known to be exploited in the wild. Microsoft also addressed five vulnerabilities in Microsoft Edge (Chromium-based); those Edge fixes shipped earlier this month and are included in this count.
The May edition includes updates for vulnerabilities in Microsoft Office and its components, Power BI, Visual Studio, the Windows Cloud Files Mini Filter Driver, the Windows Common Log File System Driver, Windows Cryptographic Services, and more.
By impact type, the May 2024 vulnerabilities fall into the following classes: Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, Remote Code Execution (RCE), Security Feature Bypass, and Spoofing.
Zero-day Vulnerabilities Patched in May Patch Tuesday Edition
Windows MSHTML is the browser engine that renders web pages and is most commonly associated with Internet Explorer. Even though the Internet Explorer (IE) 11 desktop application has reached end of support, the MSHTML platform still ships with Windows and is used by other applications, so MSHTML vulnerabilities remain relevant today and continue to be patched by Microsoft.
The MSHTML zero-day fixed this month bypasses the OLE mitigations in Microsoft 365 and Microsoft Office that protect users from vulnerable COM/OLE controls. An unauthenticated attacker can exploit it by convincing a user to open a malicious document; once the mitigation is bypassed, an embedded control that Office would normally block can run and lead to code execution. The attack requires user interaction, so existing controls against malicious attachments reduce the risk, but only the update removes the bypass itself.
The Microsoft Windows Desktop Window Manager (DWM) Core Library is the compositing engine that draws every visible element on a PC or laptop, including window frames and the visual effects in menus, wallpapers, and themes. It has been part of Microsoft Windows since Windows Vista and is also known as the Desktop Compositing Engine (DCE).
The DWM Core Library zero-day is an elevation of privilege flaw: an attacker who already has code running on the host could exploit it to gain SYSTEM privileges. It is a post-exploitation step rather than an initial access vector, which is why it matters that it is being exploited in the wild alongside a document-based entry point.
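Both zero-days ship in the same cumulative update, so the practical check is whether a host is at or above the May 2024 build revision. The script below is an added example, not code from the Qualys post or from Microsoft. It reads the OS build and Update Build Revision (UBR) from the registry, compares them against a baseline table, confirms the KB via Get-HotFix, and records the file versions of mshtml.dll and dwmcore.dll for the ticket. The KB numbers and UBR values in the table are assumptions taken from memory of Microsoft's May 2024 release notes; verify them against the release notes for your exact OS version before relying on the result.

```powershell
# Added example, not code from the Qualys post or from Microsoft.
# Run in an elevated PowerShell session on the Windows host being checked.
# The KB numbers and UBR values below are ASSUMED from Microsoft's May 2024
# release notes; verify them for your OS version before relying on the result.

$Baseline = @{
    '19045' = @{ Ubr = 4412; Kb = 'KB5037768' }   # Windows 10 22H2 (assumed)
    '22621' = @{ Ubr = 3593; Kb = 'KB5037771' }   # Windows 11 22H2 (assumed)
    '22631' = @{ Ubr = 3593; Kb = 'KB5037771' }   # Windows 11 23H2 (assumed)
}

function Test-May2024PatchLevel {
    [CmdletBinding()]
    param([hashtable]$Table = $Baseline)

    # CurrentBuild (e.g. 22631) plus UBR (the number after the dot) identify the
    # cumulative update level of the OS, e.g. 22631.3593.
    $cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = [string]$cv.CurrentBuild
    $ubr   = [int]$cv.UBR

    $expected = $Table[$build]
    if (-not $expected) {
        throw "Build $build is not in the baseline table; add its May 2024 UBR and KB from the release notes."
    }

    # Primary evidence: the revision is at or above the one the May update produced.
    $atOrAbove = $ubr -ge $expected.Ubr

    # Secondary evidence: the KB appears as installed. A later cumulative update
    # supersedes it, so a miss here is not by itself proof of exposure.
    $kbPresent = [bool](Get-HotFix -Id $expected.Kb -ErrorAction SilentlyContinue)

    # The two zero-days live in these binaries; capture their versions for the record.
    $files = foreach ($dll in 'mshtml.dll', 'dwmcore.dll') {
        $path = Join-Path $env:SystemRoot "System32\$dll"
        if (Test-Path $path) {
            '{0}={1}' -f $dll, (Get-Item $path).VersionInfo.FileVersion
        }
    }

    [pscustomobject]@{
        Computer       = $env:COMPUTERNAME
        Build          = "$build.$ubr"
        RequiredUbr    = $expected.Ubr
        Patched        = $atOrAbove
        KbInstalled    = $kbPresent
        BinaryVersions = ($files -join '; ')
    }
}

Test-May2024PatchLevel | Format-List
```

The UBR comparison is the authoritative signal: a host that received the June update will report the May KB as absent yet still be patched, which is why the script reports both values rather than failing on the KB lookup alone.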
Critical Severity Vulnerability Patched in May Patch Tuesday Edition
Microsoft SharePoint is a web-based platform that allows organizations to create websites for storing, organizing, sharing, and accessing information. SharePoint is available in Microsoft 365 and can be used on PCs, Macs, and mobile devices.
To exploit the SharePoint flaw, an authenticated attacker with Site Owner permissions or higher uploads a specially crafted file to the targeted SharePoint Server and then issues crafted API requests that trigger deserialization of the file's parameters. Successful exploitation allows remote code execution in the context of the SharePoint Server. Because the precondition is an authenticated, privileged account rather than anonymous access, reviewing who holds Site Owner rights narrows the exposure until the update is applied, but only the update removes the flaw.
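The exploitation precondition above (Site Owner or higher) is something an administrator can enumerate. The script below is an added example, not code from the Qualys post or from Microsoft: it reports the farm build and, for every site collection, lists the site collection administrators and the members of the site's Owners group, which are the accounts that meet that precondition. The -MinimumBuild parameter is an assumption on my part; supply the farm build that the May 2024 SharePoint security update for your SharePoint version produces, taken from its KB article, since that number is not on this page. It uses the SharePoint server-side object model (Get-SPFarm, Get-SPSite, SPWeb.SiteAdministrators, SPWeb.AssociatedOwnerGroup), so it runs in the SharePoint Management Shell on a farm server.

```powershell
# Added example, not code from the Qualys post or from Microsoft.
# Run in the SharePoint Management Shell on a farm server with an account that
# holds the SharePoint_Shell_Access role.
# -MinimumBuild is an ASSUMED parameter: pass the farm build that the May 2024
# SharePoint security update for your version produces (from its KB article).
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Get-SiteOwnerExposure {
    [CmdletBinding()]
    param([Parameter(Mandatory)][version]$MinimumBuild)

    $farm    = Get-SPFarm
    $patched = $farm.BuildVersion -ge $MinimumBuild

    foreach ($site in Get-SPSite -Limit All) {
        try {
            $web = $site.RootWeb

            # Site collection administrators and members of the Owners group both
            # have at least Site Owner rights, i.e. the precondition for this RCE.
            $admins = @($web.SiteAdministrators | ForEach-Object { $_.LoginName })
            $owners = @()
            if ($web.AssociatedOwnerGroup) {
                $owners = @($web.AssociatedOwnerGroup.Users | ForEach-Object { $_.LoginName })
            }

            [pscustomobject]@{
                Url             = $site.Url
                FarmBuild       = $farm.BuildVersion.ToString()
                Patched         = $patched
                SiteAdmins      = ($admins -join '; ')
                OwnersGroup     = ($owners -join '; ')
                PrivilegedCount = @($admins + $owners | Sort-Object -Unique).Count
            }
        }
        finally {
            $site.Dispose()   # SPSite holds unmanaged resources; release it per iteration
        }
    }
}

# '16.0.0.0' is a placeholder; replace it with the build from the May 2024 KB article.
Get-SiteOwnerExposure -MinimumBuild '16.0.0.0' |
    Sort-Object PrivilegedCount -Descending |
    Format-Table Url, Patched, PrivilegedCount, SiteAdmins -AutoSize
```

Sites with large owner sets on an unpatched farm are the ones to prioritise: every account listed can satisfy the attacker's precondition, and trimming that list is the only compensating control available until the update is installed.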
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
This month's release notes cover multiple Microsoft product families and products/versions affected, including, but not limited to, Windows Task Scheduler, Microsoft Windows SCSI Class System File, Windows Mobile Broadband, Microsoft WDAC OLE DB provider for SQL, Microsoft Brokering File System, Windows DWM Core Library, Windows Routing and Remote Access Service (RRAS), Windows Hyper-V, Windows Kernel, Windows DHCP Server, Windows NTFS, Windows Win32K - ICOMP, Windows Win32K - GRFX, Windows CNG Key Isolation Service, Microsoft Windows Search Component, Windows Deployment Services, Windows Remote Access Connection Manager, Windows MSHTML Platform, Microsoft Bing, Microsoft Office Excel, Microsoft Office SharePoint, .NET and Visual Studio, Microsoft Dynamics 365 Customer Insights, Windows Mark of the Web (MOTW), Azure Migrate, Power BI, Microsoft Edge (Chromium-based), and Microsoft Intune.
The next Patch Tuesday falls on June 11, and we'll be back with details and patch analysis. Until next Patch Tuesday, stay safe and secure. Be sure to subscribe to the 'This Month in Vulnerabilities and Patches' webinar.
Qualys Monthly Webinar Series
The Qualys Research team hosts a monthly webinar series to help our existing customers leverage the seamless integration between Qualys Vulnerability Management Detection Response (VMDR) and Qualys Patch Management. Combining these two solutions can reduce the median time to remediate critical vulnerabilities.
During the webcast, we will discuss this month's high-impact vulnerabilities, including those included in this month's Patch Tuesday alert. We will then walk you through the necessary steps to address the key vulnerabilities using Qualys VMDR and Qualys Patch Management.