Aggiornamenti Mensili Microsoft (AL07/240409/CSIRT-ITA) – Aggiornamento

Data:
5 Agosto 2024 10:38

Data di creazione: 09/04/2024 – 19:20

Sintesi

Microsoft ha rilasciato gli aggiornamenti di sicurezza mensili che risolvono un totale di 150 nuove vulnerabilità.

Note (aggiornamento del 05/08/2024): dei Proof of Concept (PoC) per lo sfruttamento delle vulnerabilità CVE-2024-26218 e CVE-2024-26229 risultano disponibile in rete.

Note (aggiornamento del 10/04/2024): le CVE-2024-29988 e CVE-2024-26234 risulterebbero essere sfruttate attivamente in rete.

Rischio (aggiornamento del 30/04/2024)

Stima d’impatto della vulnerabilità sulla comunità di riferimento: GRAVE/ROSSO (77,17/100)¹.

Tipologia

Elevation of Privilege
Information Disclosure
Spoofing
Security Feature Bypass
Denial of Service
Remote Code Execution

Prodotti e versioni affette

.NET and Visual Studio
Azure
Azure AI Search
Azure Arc
Azure Compute Gallery
Azure Migrate
Azure Monitor
Azure Private 5G Core
Azure SDK
Internet Shortcut Files
Microsoft Azure Kubernetes Service
Microsoft Brokering File System
Microsoft Defender for IoT
Microsoft Edge (Chromium-based)
Microsoft Install Service
Microsoft Office Excel
Microsoft Office Outlook
Microsoft Office SharePoint
Microsoft WDAC ODBC Driver
Microsoft WDAC OLE DB provider for SQL
Role: DNS Server
Role: Windows Hyper-V
SQL Server
Windows Authentication Methods
Windows BitLocker
Windows Compressed Folder
Windows Cryptographic Services
Windows Defender Credential Guard
Windows DHCP Server
Windows Distributed File System (DFS)
Windows DWM Core Library
Windows File Server Resource Management Service
Windows HTTP.sys
Windows Internet Connection Sharing (ICS)
Windows Kerberos
Windows Kernel
Windows Local Security Authority Subsystem Service (LSASS)
Windows Message Queuing
Windows Mobile Hotspot
Windows Proxy Driver
Windows Remote Access Connection Manager
Windows Remote Procedure Call
Windows Routing and Remote Access Service (RRAS)
Windows Secure Boot
Windows Storage
Windows Telephony Server
Windows Update Stack
Windows USB Print Driver
Windows Virtual Machine Bus
Windows Win32K – ICOMP

Azioni di mitigazione

In linea con le dichiarazioni del vendor, si raccomanda di procedere all’aggiornamento dei prodotti impattati attraverso l’apposita funzione di Windows Update.

Identificatori univoci vulnerabilità

CVE-ID
CVE-2024-28898	CVE-2024-29983	CVE-2024-28940	CVE-2024-28936
CVE-2024-26224	CVE-2024-26241	CVE-2024-28897	CVE-2024-26240
CVE-2024-29056	CVE-2024-29989	CVE-2024-26229	CVE-2024-28934
CVE-2024-28896	CVE-2024-26234	CVE-2024-20688	CVE-2024-26230
CVE-2024-20669	CVE-2024-26223	CVE-2024-26235	CVE-2024-26250
CVE-2024-26253	CVE-2024-26200	CVE-2024-26231	CVE-2024-28915
CVE-2024-20678	CVE-2024-26233	CVE-2024-29993	CVE-2024-28919
CVE-2024-28939	CVE-2024-28926	CVE-2024-29055	CVE-2024-23593
CVE-2024-28924	CVE-2024-28904	CVE-2024-26217	CVE-2024-26257
CVE-2024-28913	CVE-2024-26212	CVE-2024-26244	CVE-2024-26251
CVE-2024-26195	CVE-2024-28909	CVE-2024-29992	CVE-2024-26232
CVE-2024-28911	CVE-2024-29985	CVE-2024-26254	CVE-2024-28903
CVE-2024-28920	CVE-2024-28906	CVE-2024-26210	CVE-2024-28922
CVE-2024-23594	CVE-2024-26239	CVE-2024-26236	CVE-2024-26227
CVE-2024-29064	CVE-2024-21324	CVE-2024-28942	CVE-2024-28912
CVE-2024-28907	CVE-2024-26243	CVE-2024-29046	CVE-2024-28932
CVE-2024-26194	CVE-2024-28929	CVE-2024-26158	CVE-2024-26205
CVE-2024-26222	CVE-2024-28943	CVE-2024-26171	CVE-2024-26218
CVE-2024-29047	CVE-2024-26256	CVE-2024-21323	CVE-2024-28900
CVE-2024-29044	CVE-2024-29053	CVE-2024-28945	CVE-2024-29050
CVE-2024-26168	CVE-2024-29982	CVE-2024-28930	CVE-2024-26237
CVE-2024-28931	CVE-2024-28921	CVE-2024-21424	CVE-2024-26183
CVE-2024-28905	CVE-2024-26255	CVE-2024-26228	CVE-2024-29066
CVE-2024-28935	CVE-2024-29054	CVE-2024-26189	CVE-2024-26209
CVE-2024-26180	CVE-2024-26208	CVE-2024-28941	CVE-2024-20670
CVE-2024-21409	CVE-2024-26226	CVE-2024-20689	CVE-2024-28923
CVE-2024-29988	CVE-2024-26211	CVE-2024-28925	CVE-2024-26219
CVE-2024-28908	CVE-2024-29045	CVE-2024-2201	CVE-2024-26193
CVE-2024-29052	CVE-2024-26248	CVE-2024-28938	CVE-2024-29043
CVE-2024-21447	CVE-2024-28937	CVE-2024-28933	CVE-2024-26221
CVE-2024-29984	CVE-2024-29062	CVE-2024-26172	CVE-2024-26179
CVE-2024-26215	CVE-2024-20693	CVE-2024-29063	CVE-2024-26207
CVE-2024-28944	CVE-2024-26242	CVE-2024-26216	CVE-2024-26245
CVE-2024-29048	CVE-2024-26175	CVE-2024-26214	CVE-2024-21322
CVE-2024-28914	CVE-2024-26252	CVE-2024-26220	CVE-2024-28927
CVE-2024-28902	CVE-2024-26213	CVE-2024-26202	CVE-2024-28910
CVE-2024-29061	CVE-2024-28917	CVE-2024-20665	CVE-2024-29990
CVE-2024-20685	CVE-2024-28901

Riferimenti

https://msrc.microsoft.com/update-guide/releaseNote/2024-Apr

https://msrc.microsoft.com/update-guide (NB: filtro: patch tuesday – April 2024)

¹La presente stima è effettuata tenendo conto di diversi parametri, tra i quali: CVSS, disponibilità di patch/workaround e PoC, diffusione dei software/dispositivi interessati nella comunità di riferimento.

Il presente articolo è un prodotto originale di csirt.gov.it, riproposto qui a solo scopo di aumentarne la visibilità.

CSIRT Toscana

CSIRT Toscana