Protect yourself against future threats.
===========================================================================
AUSCERT Security Bulletin
ASB-2024.0065
Microsoft Patch Tuesday update for Microsoft Windows for April 2024
10 April 2024
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Windows 10
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Operating System: Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2024-20665 CVE-2024-20669 CVE-2024-20678
CVE-2024-2201 CVE-2024-26158 CVE-2024-26168
CVE-2024-26171 CVE-2024-26175 CVE-2024-26179
CVE-2024-26180 CVE-2024-26183 CVE-2024-26189
CVE-2024-26194 CVE-2024-26195 CVE-2024-26200
CVE-2024-26202 CVE-2024-26205 CVE-2024-26207
CVE-2024-26208 CVE-2024-26209 CVE-2024-26210
CVE-2024-26211 CVE-2024-26212 CVE-2024-26214
CVE-2024-26215 CVE-2024-26216 CVE-2024-26217
CVE-2024-26226 CVE-2024-26228 CVE-2024-26229
CVE-2024-26230 CVE-2024-26232 CVE-2024-26234
CVE-2024-26239 CVE-2024-26240 CVE-2024-26241
CVE-2024-26242 CVE-2024-26244 CVE-2024-26248
CVE-2024-26250 CVE-2024-26252 CVE-2024-26253
CVE-2024-28896 CVE-2024-28897 CVE-2024-28898
CVE-2024-28900 CVE-2024-28901 CVE-2024-28902
CVE-2024-28903 CVE-2024-28919 CVE-2024-28921
CVE-2024-28922 CVE-2024-28923 CVE-2024-28924
CVE-2024-28925 CVE-2024-29050 CVE-2024-29056
CVE-2024-29061 CVE-2024-29062 CVE-2024-29066
CVE-2024-20693 CVE-2024-21447 CVE-2024-23593
CVE-2024-23594 CVE-2024-26172 CVE-2024-26213
CVE-2024-26218 CVE-2024-26219 CVE-2024-26220
CVE-2024-26221 CVE-2024-26222 CVE-2024-26223
CVE-2024-26224 CVE-2024-26227 CVE-2024-26231
CVE-2024-26233 CVE-2024-26235 CVE-2024-26236
CVE-2024-26237 CVE-2024-26243 CVE-2024-26245
CVE-2024-26254 CVE-2024-26255 CVE-2024-26256
CVE-2024-28904 CVE-2024-28905 CVE-2024-28907
CVE-2024-28920 CVE-2024-29052 CVE-2024-29064
CVE-2024-29988
Comment: CVSS (Max): 8.8 CVE-2024-20678 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
CVSS Source: Microsoft
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
OVERVIEW
Microsoft has released its monthly security patch update for the
month of April 2024.
This update resolves 91 vulnerabilities across the following
product(s): [1]
Windows 10
Windows 11
Windows 11 version 21H2
Windows Server 2016
Windows Server 2019
Windows Server 2022
Windows Server 2022, 23H2 Edition
IMPACT
Microsoft has given the following details regarding these
vulnerabilities.
Details Impact Severity
CVE-2024-20665 Security Feature Bypass Important
CVE-2024-20669 Security Feature Bypass Important
CVE-2024-20678 Remote Code Execution Important
CVE-2024-20693 Elevation of Privilege Important
CVE-2024-21447 Elevation of Privilege Important
CVE-2024-2201 Information Disclosure Important
CVE-2024-23593 Security Feature Bypass Important
CVE-2024-23594 Security Feature Bypass Important
CVE-2024-26158 Elevation of Privilege Important
CVE-2024-26168 Security Feature Bypass Important
CVE-2024-26171 Security Feature Bypass Important
CVE-2024-26172 Information Disclosure Important
CVE-2024-26175 Security Feature Bypass Important
CVE-2024-26179 Remote Code Execution Important
CVE-2024-26180 Security Feature Bypass Important
CVE-2024-26183 Denial of Service Important
CVE-2024-26189 Security Feature Bypass Important
CVE-2024-26194 Security Feature Bypass Important
CVE-2024-26195 Remote Code Execution Important
CVE-2024-26200 Remote Code Execution Important
CVE-2024-26202 Remote Code Execution Important
CVE-2024-26205 Remote Code Execution Important
CVE-2024-26207 Information Disclosure Important
CVE-2024-26208 Remote Code Execution Important
CVE-2024-26209 Information Disclosure Important
CVE-2024-26210 Remote Code Execution Important
CVE-2024-26211 Elevation of Privilege Important
CVE-2024-26212 Denial of Service Important
CVE-2024-26213 Elevation of Privilege Important
CVE-2024-26214 Remote Code Execution Important
CVE-2024-26215 Denial of Service Important
CVE-2024-26216 Elevation of Privilege Important
CVE-2024-26217 Information Disclosure Important
CVE-2024-26218 Elevation of Privilege Important
CVE-2024-26219 Denial of Service Important
CVE-2024-26220 Information Disclosure Important
CVE-2024-26221 Remote Code Execution Important
CVE-2024-26222 Remote Code Execution Important
CVE-2024-26223 Remote Code Execution Important
CVE-2024-26224 Remote Code Execution Important
CVE-2024-26226 Information Disclosure Important
CVE-2024-26227 Remote Code Execution Important
CVE-2024-26228 Security Feature Bypass Important
CVE-2024-26229 Elevation of Privilege Important
CVE-2024-26230 Elevation of Privilege Important
CVE-2024-26231 Remote Code Execution Important
CVE-2024-26232 Remote Code Execution Important
CVE-2024-26233 Remote Code Execution Important
CVE-2024-26234 Spoofing Important
CVE-2024-26235 Elevation of Privilege Important
CVE-2024-26236 Elevation of Privilege Important
CVE-2024-26237 Elevation of Privilege Important
CVE-2024-26239 Elevation of Privilege Important
CVE-2024-26240 Security Feature Bypass Important
CVE-2024-26241 Elevation of Privilege Important
CVE-2024-26242 Elevation of Privilege Important
CVE-2024-26243 Elevation of Privilege Important
CVE-2024-26244 Remote Code Execution Important
CVE-2024-26245 Elevation of Privilege Important
CVE-2024-26248 Elevation of Privilege Important
CVE-2024-26250 Security Feature Bypass Important
CVE-2024-26252 Remote Code Execution Important
CVE-2024-26253 Remote Code Execution Important
CVE-2024-26254 Denial of Service Important
CVE-2024-26255 Information Disclosure Important
CVE-2024-26256 Remote Code Execution Important
CVE-2024-28896 Security Feature Bypass Important
CVE-2024-28897 Security Feature Bypass Important
CVE-2024-28898 Security Feature Bypass Important
CVE-2024-28900 Information Disclosure Important
CVE-2024-28901 Information Disclosure Important
CVE-2024-28902 Information Disclosure Important
CVE-2024-28903 Security Feature Bypass Important
CVE-2024-28904 Elevation of Privilege Important
CVE-2024-28905 Elevation of Privilege Important
CVE-2024-28907 Elevation of Privilege Important
CVE-2024-28919 Security Feature Bypass Important
CVE-2024-28920 Security Feature Bypass Important
CVE-2024-28921 Security Feature Bypass Important
CVE-2024-28922 Security Feature Bypass Important
CVE-2024-28923 Security Feature Bypass Important
CVE-2024-28924 Security Feature Bypass Important
CVE-2024-28925 Security Feature Bypass Important
CVE-2024-29050 Remote Code Execution Important
CVE-2024-29052 Elevation of Privilege Important
CVE-2024-29056 Elevation of Privilege Important
CVE-2024-29061 Security Feature Bypass Important
CVE-2024-29062 Security Feature Bypass Important
CVE-2024-29064 Denial of Service Important
CVE-2024-29066 Remote Code Execution Important
CVE-2024-29988 Security Feature Bypass Important
MITIGATION
Microsoft recommends updating the software with the version made
available on the Microsoft Update Catalogue for the following
Knowledge Base articles. [1].
KB5036892, KB5036893, KB5036894, KB5036896, KB5036899
KB5036909, KB5036910, KB5036925
REFERENCES
[1] Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================