Security Update Analysis for Microsoft and Adobe, June 2024 Patch Tuesday
In the tech world, the month of June 2024 was marked by Microsoft's Patch Tuesday updates, addressing a multitude of vulnerabilities across various products and services. Meanwhile, the Qualys Research team has been busy, hosting a monthly webinar series to help customers leverage Qualys Vulnerability Management Detection Response (VMDR) and Qualys Patch Management.
During this month's webcast, the Qualys team will discuss the high-impact vulnerabilities, including those that are a part of this month's Patch Tuesday alert. One critical severity vulnerability, CVE-2024-30080, allows for remote code execution in Microsoft Message Queuing (MSMQ). This vulnerability, if exploited, could potentially lead to a significant security risk.
Microsoft patched a total of 58 vulnerabilities, including one critical and 50 of important severity, in their June 2024 Patch Tuesday updates. Among the patched vulnerabilities, several elevation of privilege vulnerabilities were addressed, such as CVE-2024-30082, CVE-2024-35250, and CVE-2024-30084, to name a few.
Interestingly, one zero-day vulnerability known to be exploited in the wild was also patched in the June 2024 edition. Microsoft also addressed seven vulnerabilities in Microsoft Edge (Chromium-based).
The release notes for June 2024 Patch Tuesday cover multiple Microsoft product families and products/versions affected. These include Microsoft Office and Components, Visual Studio, Windows Server Service, Windows Kernel, Windows DHCP Server, Azure Storage Library, Azure File Sync, and more.
In response to these updates, the Qualys Policy Compliance team has released mitigation controls based on vendor-suggested Mitigation/Workaround. They have also updated several Qualys Policy Compliance Control IDs to support Microsoft's recommended mitigation(s) for the Patch Tuesday.
For those seeking assistance in addressing these key vulnerabilities, the Qualys team will walk customers through the necessary steps using Qualys VMDR and Qualys Patch Management. VMDR, in particular, rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches.
The Qualys team has also provided a QQL that will return a posture assessment for the CIDs for this Patch Tuesday, making it easier for customers to stay informed and secure.
The next Patch Tuesday falls on July 9, marking another important date in the tech calendar for security updates and vulnerability patches. Stay tuned for more updates from Qualys and Microsoft as we continue to navigate the ever-evolving cybersecurity landscape.
Read also:
- Exploring Harry Potter's Lineage: Decoding the Enigma of His Half-Blood Ancestry
- Elon Musk Acquires 26,400 Megawatt Gas Turbines for Powering His AI Project, Overlooks Necessary Permits for Operation!
- U Power's strategic collaborator UNEX EV has inked a Letter of Intent with Didi Mobility to deploy UOTTA(TM) battery-swapping electric vehicles in Mexico.
- Global Gaming Company, LINEUP Games, Moves Into Extensive Global Web3 Multi-Platform Gaming Network
