August Microsoft Patch Tuesday. 130 CVEs, of which 45 were added since July MSPT.
In the TOP suddenly is RCE – OpenSSH “regreSSHion” (CVE-2024-6387), which MS fixed in Azure.
6 vulnerabilities with signs of exploitation in the wild. It’s been a long time since we’ve seen so many. I will write about them in separate posts.
EoP – Windows Kernel (CVE-2024-38106), Windows Ancillary Function Driver for WinSock (CVE-2024-38193), Windows Power Dependency Coordinator (CVE-2024-38107)
Security Feature Bypass – Windows Mark of the Web (CVE-2024-38213)
RCE – Microsoft Project (CVE-2024-38189)
RCE – Scripting Engine (CVE-2024-38178)
Other:
AuthBypass – Windows Update Stack (CVE-2024-38202) – the vulnerability was recently presented at BlackHat
Interesting RCEs – Windows TCP/IP (CVE-2024-38063) and LPD (CVE-2024-38199)
A lot of EoPs in Windows components (~26)
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.