
Welcome to my September Patch Tuesday newsletter. Microsoft released updates for 107 CVEs this month. Of these 107 patches, four are zero days. CVE-2024-43491 is exploited but has not been publicly disclosed. Of the four zero days, it is the only one rated "Critical". It is a remote code execution vulnerability with a CVSS score of 9.8/8.5. This is very high, so I suggest you get this tested and deployed ASAP. This vulnerability allows a user to roll back vulnerabilities that have been previously updated/patched.

CVE-2024-38217 is rated "Important" but it is the only one for the month that is not only exploited but also publicly disclosed. So you will want to get this updated ASAP as well.

Besides CVE-2024-43491, we have 8 other critical-rated updates for the month:
So, you will definitely want to get this month's updates tested and deployed as soon as you can. It looks like the bad guys have been busy so please update soon to remediate these recent vulnerabilities.

Besides these there is not much to talk about this month. It's a fairly light month with the usual being released. I recently had a webinar showing how my Supercharger product can help you collect the events you need from your domain controllers to detect malicious activity. Unfortunately, our webinar service provider had a few audio issues. We still managed to do the live event but if you missed it or were there and want to see a recording of it you can register for it here.

Happy patching!

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Patch data provided by:

LOGbinder.com

Technology: Windows
Products Affected: Windows 10, 11; Server 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations
Severity: Critical
Reference:
CVE-2024-21416, CVE-2024-30073, CVE-2024-38014, CVE-2024-38045, CVE-2024-38046,
CVE-2024-38119, CVE-2024-38217*, CVE-2024-38230, CVE-2024-38231, CVE-2024-38232,
CVE-2024-38233, CVE-2024-38234, CVE-2024-38235, CVE-2024-38236, CVE-2024-38237,
CVE-2024-38238, CVE-2024-38239, CVE-2024-38240, CVE-2024-38241, CVE-2024-38242,
CVE-2024-38243, CVE-2024-38244, CVE-2024-38245, CVE-2024-38246, CVE-2024-38247,
CVE-2024-38248, CVE-2024-38249, CVE-2024-38250, CVE-2024-38252, CVE-2024-38253,
CVE-2024-38254, CVE-2024-38256, CVE-2024-38257, CVE-2024-38258, CVE-2024-38259,
CVE-2024-38260, CVE-2024-38263, CVE-2024-43454, CVE-2024-43455, CVE-2024-43457,
CVE-2024-43458, CVE-2024-43461, CVE-2024-43467, CVE-2024-43475, CVE-2024-43487,
CVE-2024-43491, CVE-2024-43495
Workaround: No
Exploited: Yes
Public: Yes*
Vulnerability Info: Denial of Service; Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass; Spoofing

Technology: Edge
Products Affected: Chromium-based; For Android
Severity: Moderate
Reference:
CVE-2024-38207, CVE-2024-38208, CVE-2024-38209, CVE-2024-38210, CVE-2024-41879,
CVE-2024-43472, CVE-2024-7964, CVE-2024-7965, CVE-2024-7966, CVE-2024-7967,
CVE-2024-7968, CVE-2024-7969, CVE-2024-7971, CVE-2024-7972, CVE-2024-7973,
CVE-2024-7974, CVE-2024-7975, CVE-2024-7976, CVE-2024-7977, CVE-2024-7978,
CVE-2024-7979, CVE-2024-7980, CVE-2024-7981, CVE-2024-8033, CVE-2024-8034,
CVE-2024-8035
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege; Remote Code Execution; Spoofing

Technology: Office
Products Affected: 365 Apps for Enterprise; AutoUpdate for Mac; Office 2019, LTSC 2021; LTSC for Mac 2021; Excel/Publisher/Visio 2016; Office for Android/Universal; Online Server; Outlook for iOS
Severity: Important
Reference:
CVE-2024-38226, CVE-2024-38250, CVE-2024-43463, CVE-2024-43465, CVE-2024-43482,
CVE-2024-43492
Workaround: No
Exploited: Yes
Public: No
Vulnerability Info: Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass

Technology: SharePoint
Products Affected: Enterprise Server 2016; Server 2019; Server Subscription Edition
Severity: Critical
Reference:
CVE-2024-38018, CVE-2024-38227, CVE-2024-38228, CVE-2024-43464, CVE-2024-43466
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Denial of Service; Remote Code Execution

Technology: Dynamics 365 Business Central
Products Affected: 365 Business Central 2023 Release Wave 1; 365 Business Central 2023 Release Wave 2; 365 Business Central 2024 Release Wave 1; 365 (on-premises) version 9.1; Power Automate for Desktop
Severity: Important
Reference:
CVE-2024-38225, CVE-2024-43476, CVE-2024-43479
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege; Remote Code Execution; Spoofing

Technology: SQL Server
Products Affected: 2016 SP3 GDR; 2016 SP3 Azure Connect Feature Pack; 2017 CU31/GDR; 2019 CU28/GDR; 2022 CU14/GDR
Severity: Important
Reference:
CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37337, CVE-2024-37338,
CVE-2024-37339, CVE-2024-37340, CVE-2024-37341, CVE-2024-37342, CVE-2024-37965,
CVE-2024-37966, CVE-2024-37980, CVE-2024-43474
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege; Information Disclosure; Remote Code Execution

Technology: Azure
Products Affected: CycleCloud 8.0.0 - 8.6.3; Managed Instance for Apache Cassandra; Network Watcher VM Extension for Windows; Stack Hub; Web Apps; Microsoft Entra ID
Severity: Critical
Reference:
CVE-2024-38175, CVE-2024-38188, CVE-2024-38194, CVE-2024-38216, CVE-2024-38220,
CVE-2024-43469, CVE-2024-43470, CVE-2024-43477
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege; Remote Code Execution

Thanks as always for reading and best wishes on security,

Randy Franklin Smith


Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, All rights reserved. You may forward this email in its entirety but all other rights reserved.

9450 SW Gemini Drive #53822, Beaverton, OR 97008

Note: We do our best to provide quality information and expert commentary but use all information at your own risk.