Microsoft releases 48 fixes for June 2024 Patch Tuesday, including a Threat with a CVSS Score of 9.8.
In Microsoft’s June 2024 Patch Tuesday update, they have deployed an arsenal of 48 fixes this month. Within this comprehensive bug list, 47 fixes of Important severity spanning Windows, Windows Components, Office, Azure, .NET Framework, Visual Studio, and PowerBI. This return to regular update cadence comes as a welcomed respite following the unprecedented bout of 147 a couple months ago.
Robert Brown, the Head of Customer Success at Syxsense, underscores the imperative of strategic prioritization in vulnerability management. He warns of the presence of threats carrying the Jump Point, urging a vigilant approach. With a combined CVSS score of 349.2 for June, and an average score of 7.3 which was higher than last month, the severity of the vulnerabilities demands thorough attention.
Drawing upon the metrics of Vendor Severity and CVSS Scores, we offer the following recommendations. Integrate the provided CVE numbers into your Patch Management solution, and upon completion of thorough testing, deployment should proceed as quickly as possible. Let us fortify our cyber defense with unwavering diligence and precision, together.
CVE-2024-30080 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel.
You can check to see if there is a service running named Message Queuing and TCP port 1801 is listening on the machine.
Note: The vulnerability has a CVSS Score of 9.8 & Exploitation More Likely
Syxscore
- Vendor Severity: Critical
- CVSS: 9.8
- Weaponised: No
- Public Aware: No
- Countermeasure: Yes
Risk
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope / Jump Point: Unchanged / No
CVE-2024-30064 – Windows Kernel Elevation of Privilege Vulnerability
An attacker who successfully exploited this vulnerability could gain unauthorized access to system resources, potentially allowing them to perform actions with the same privileges as the compromised process.
This could lead to further system compromise and unauthorized actions within the network.
Note: The vulnerability has a Jump Point
Syxscore
- Vendor Severity: Important
- CVSS: 8.8
- Weaponised: No
- Public Aware: No
- Countermeasure: No
Risk
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope / Jump Point: Changed / Yes
CVE-2024-30078 – Windows Wi-Fi Driver Remote Code Execution Vulnerability
An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution.
Note: The vulnerability impacts every Operating System
Syxscore
- Vendor Severity: Important
- CVSS: 8.8
- Weaponised: No
- Public Aware: No
- Countermeasure: No
Risk
- Attack Vector: Adjacent
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope / Jump Point: Unchanged / No
CVE-2024-30103 – Microsoft Outlook Remote Code Execution Vulnerability
An attacker who successfully exploited this vulnerability could bypass Outlook registry block lists and enable the creation of malicious DLL files.
Note: The Preview Pane is an Attack Vector
Syxscore
- Vendor Severity: Important
- CVSS: 8.8
- Weaponised: No
- Public Aware: No
- Countermeasure: No
Risk
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope / Jump Point: Unchanged / No
| Reference | Description | Additional Information | Vendor Severity | CVSS Severity | Weaponised | Publicly Disclosed | Countermeasure | Impact | Exploitability Assessment |
| CVE-2024-30080 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. You can check to see if there is a service running named Message Queuing and TCP port 1801 is listening on the machine. |
Remote Code Execution | Exploitation More Likely | |
| CVE-2024-30064 | Windows Kernel Elevation of Privilege Vulnerability | Scope = Changed, Jump Point = True An attacker who successfully exploited this vulnerability could gain unauthorized access to system resources, potentially allowing them to perform actions with the same privileges as the compromised process. This could lead to further system compromise and unauthorized actions within the network. |
Important | 8.8 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-30068 | Windows Kernel Elevation of Privilege Vulnerability | Scope = Changed, Jump Point = True To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. |
Important | 8.8 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-30078 | Windows Wi-Fi Driver Remote Code Execution Vulnerability | An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution. | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-30097 | Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30103 | Microsoft Outlook Remote Code Execution Vulnerability | The Preview Pane is an attack vector. | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-35249 | Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30074 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | Important | 8.0 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30075 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | Important | 8.0 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30077 | Windows OLE Remote Code Execution Vulnerability | Important | 8.0 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30062 | Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30072 | Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30082 | Win32k Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30085 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30086 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30087 | Win32k Elevation of Privilege Vulnerability | The attacker would gain the rights of the user that is running the affected application. | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30089 | Microsoft Streaming Service Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30091 | Win32k Elevation of Privilege Vulnerability | The attacker would gain the rights of the user that is running the affected application. | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30094 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30095 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30100 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30104 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-35250 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30070 | DHCP Server Service Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | ||
| CVE-2024-30083 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | ||
| CVE-2024-30101 | Microsoft Office Remote Code Execution Vulnerability | The Preview Pane is an attack vector, but additional user interaction is required. | Important | 7.5 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-35252 | Azure Storage Movement Client Library Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | ||
| CVE-2024-30093 | Windows Storage Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.3 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-30102 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-35248 | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | The attacker would gain the rights of the user that is running the affected application. | Important | 7.3 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-35254 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7.1 | No | No | Elevation of Privilege | Exploitation Less Likely | ||
| CVE-2024-30084 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.0 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30088 | Windows Kernel Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.0 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-30090 | Microsoft Streaming Service Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.0 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-30099 | Windows Kernel Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 7.0 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-35265 | Windows Perception Service Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could create or delete files in the security context of the “NT AUTHORITY\ LOCAL SERVICE” account. | Important | 7.0 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-30076 | Windows Container Manager Service Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Important | 6.8 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-29060 | Visual Studio Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain administrator privileges. | Important | 6.7 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-30063 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Important | 6.7 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-35263 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Important | 5.7 | No | No | Information Disclosure | Exploitation Less Likely | ||
| CVE-2024-30065 | Windows Themes Denial of Service Vulnerability | Important | 5.5 | No | No | Denial of Service | Exploitation Less Likely | ||
| CVE-2024-30066 | Winlogon Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. | Important | 5.5 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-30067 | WinLogon Elevation of Privilege Vulnerability | An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. | Important | 5.5 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-30096 | Windows Cryptographic Services Information Disclosure Vulnerability | Important | 5.5 | No | No | Information Disclosure | Exploitation Less Likely | ||
| CVE-2024-35255 | Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability | An attacker who successfully exploited the vulnerability could elevate privileges and read any file on the file system with SYSTEM access permissions. | Important | 5.5 | No | No | Elevation of Privilege | N/A | |
| CVE-2024-30052 | Visual Studio Remote Code Execution Vulnerability | Important | 4.7 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2024-30069 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. | Important | 4.7 | No | No | Information Disclosure | Exploitation Less Likely | |
| CVE-2024-35253 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Important | 4.4 | No | No | Elevation of Privilege | Exploitation Less Likely |
Do you need help keeping up patches? Syxsense’s automated patch management capabilities helps enterprises patch faster and more accurately. Schedule a consultation with us to learn how we can help you.
