Abstract image of a woman sitting on books and studying on a laptop

Patch Tuesday de Febrero

Ivanti, profile picture
Ivanti

The February 2024 Patch Tuesday report highlights Microsoft's resolution of 73 new CVEs, including two zero-day vulnerabilities, with recommendations for deploying updates for Windows OS and investigating concerns in Windows Appx Installer and Exchange Server. Notable vulnerabilities include CVE-2024-21351, which affects Windows Smartscreen, and CVE-2023-40547, a critical flaw in the Linux shim bootloader with a CVSS score of 9.8. The document also outlines various security updates for other software, including Adobe Acrobat and Microsoft Office, and lists known issues impacting Windows 10 and related environments.

Technology
1 of 42
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
Presentado por Carlos Frances y Patricia Cobo Patch Tuesday Webinar Jueves 15 Febrero 2024
Copyright © 2024 Ivanti. All rights reserved. 2 Agenda § February 2024 Patch Tuesday Overview § In the News § Bulletins and Releases § Between Patch Tuesdays § Q & A
Copyright © 2024 Ivanti. All rights reserved. 3 February 2024 Patch Tuesday is feeling like a return to normalcy. Microsoft has resolved 73 new CVEs, two of which are confirmed Zero-day vulnerabilities. Most of the risk this month can be wiped off your systems by deploying the Windows OS updates, but there are additional concerns to investigate in Windows AppX Installer and Exchange Server. For more details check out this month's Patch Tuesday blog. February Patch Tuesday 2024
Copyright © 2024 Ivanti. All rights reserved. 4 In the News
Copyright © 2024 Ivanti. All rights reserved. 5 In the News § Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs § Fat Patch Tuesday, February 2024 Edition § Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days § Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC § Hong Kong Video Deepfake Scam Nets $25M § Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities § Linux Kernel Becomes Its Own CNA
Copyright © 2024 Ivanti. All rights reserved. 6 § CVE-2024-21351 Windows Smartscreen Security Feature Bypass Vulnerability § CVSS 3.1 Scores: 7.6 / 6.6 § Severity: Moderate § Impact: All Windows 10 operating systems and newer § Per Microsoft – The vulnerability allows a malicious actor to inject code into SmartScreen and potentially gain code execution, which could potentially lead to some data exposure, lack of system availability, or both. An attacker must send the user a malicious file and convince the user to open it. Known Exploited Vulnerabilities
Copyright © 2024 Ivanti. All rights reserved. 7 § CVE-2024-21412 Internet Shortcut Files Security Bypass Vulnerability § CVSS 3.1 Scores: 8.1 / 7.1 § Severity: Important § Impact: All Windows 10 operating systems and newer § Per Microsoft – An unauthenticated attacker could send the targeted user a specially crafted file that is designed to bypass displayed security checks. However, the attacker would have no way to force a user to view the attacker-controlled content. Instead, the attacker would have to convince them to take action by clicking on the file link. Known Exploited Vulnerabilities
Copyright © 2024 Ivanti. All rights reserved. 8 CVE-2023-40547 § CVSS 3: 9.8 (8.3 Red Hat) § Flaw in Shim (a small open-source bootloader maintained by Red Hat) § Enables an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. Exploitation: Only exploitable during early boot phase. An attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. Five other vulnerabilities affecting Shim were discovered this week: CVE-2023-40551 CVE-2023-40550 CVE-2023-40549 CVE-2023-40548 CVE-2023-40546 New and Notable Linux Vulnerabilities: 1 Highlighted by TuxCare
Copyright © 2024 Ivanti. All rights reserved. 9 CVE-2023-6780 § CVSS 3: 9.8 § glibc vulnerability that affects most distributions out there. § It is possible to abuse a buffer to trigger undefined behavior which can then further be exploited to gain elevated privileges in a local system. Mitigation This function is called by the syslog and vsyslog functions. The problem happens when these functions are called with a very long message, causing an incorrect calculation of the buffer size to store the message, resulting in the undefined behavior. How to Mitigate: Upgrade glibc to version 2.39 or higher New and Notable Linux Vulnerabilities: 2 Highlighted by TuxCare
Copyright © 2024 Ivanti. All rights reserved. 10 CVE-2024-1086 § CVSS 3: 7.8 § Use-after-free that can lead to crashes or undefined behavior § Found in the Netfilter subsystem in the Linux kernel (concerning the firewall and packet filtering) The nf_tables component can be exploited to achieve local privilege escalation. § This bug happens in the "TO" module (one way to perform packet redirection with netfilter), which was found to contain a code-path with a use-after-free bug. Additional Context: Netfilter enables various networking-related operations to be implemented in the form of customized handlers, providing functions and operations for packet filtering, network address translation, and port translation, which provide the functionality required for directing packets through a network and prohibiting packets from reaching sensitive locations within a network. Mitigation Either prevent the affected Netfilter (“to(nf_tables)”) kernel module from being loaded or disable user namespaces. New and Notable Linux Vulnerabilities: 3 Highlighted by TuxCare
Copyright © 2024 Ivanti. All rights reserved. 11 Microsoft Patch Tuesday Updates of Interest Advisory 990001 Latest Servicing Stack Updates (SSU) § https://msrc.microsoft.com/update- guide/en-US/vulnerability/ADV990001 § ESU OS and Windows 10 (see graphic) Azure and Development Tool Updates § .NET 6, 7, & 8 § ASP.NET 6, 7, & 8 § Azure Active Directory B2C § Azure File Sync v14.0 - v17.0 § Azure Kubernetes Service Confidential Containers § Azure Site Recovery § Microsoft Entra Jira Single-Sign-On Plugin § Visual Studio 2022 v17.4 – v17.8 Source: Microsoft
Copyright © 2024 Ivanti. All rights reserved. 12 Windows 10 and 11 Lifecycle Awareness Windows 10 Enterprise and Education Version Release Date End of Support Date 22H2 10/18/2022 10/14/2025 21H2 11/16/2021 6/11/2024 Windows 10 Home and Pro Version Release Date End of Support Date 22H2 10/18/2022 10/14/2025 Windows 11 Home and Pro Version Release Date End of Support Date 23H2 10/31/2023 11/11/2025 22H2 9/20/2022 10/8/2024 Windows 11 Enterprise and Education Version Release Date End of Support Date 23H2 10/31/2023 11/10/2026 22H2 9/20/2022 10/14/2025 21H2 10/4/2021 10/8/2024 Source: Microsoft https://docs.microsoft.com/en-us/lifecycle/faq/windows
Copyright © 2024 Ivanti. All rights reserved. 13 Server Long-term Servicing Channel Support Server LTSC Support Version Editions Release Date Mainstream Support Ends Extended Support Ends Windows Server 2022 Datacenter and Standard 08/18/2021 10/13/2026 10/14/2031 Windows Server 2019 (Version 1809) Datacenter, Essentials, and Standard 11/13/2018 01/09/2024 01/09/2029 Windows Server 2016 (Version 1607) Datacenter, Essentials, and Standard 10/15/2016 01/11/2022 01/11/2027 https://learn.microsoft.com/en-us/windows-server/get-started/windows-server-release-info § Focused on server long-term stability § Major version releases every 2-3 years § 5 years mainstream and 5 years extended support § Server core or server with desktop experience available Source: Microsoft
Copyright © 2024 Ivanti. All rights reserved. 14 Patch Content Announcements Announcements Posted on Community Forum Pages § https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2 § Subscribe to receive email for the desired product(s) Content Info: Endpoint Security Content Info: Endpoint Manager Content Info: macOS Updates Content Info: Linux Updates Content Info: Patch for Configuration Manager Content Info: ISEC and Neurons Patch Content Info: Neurons Patch for InTune
Copyright © 2024 Ivanti. All rights reserved. 15 Bulletins and Releases
Copyright © 2024 Ivanti. All rights reserved. APSB24-07: Security Update for Adobe Acrobat and Reader § Maximum Severity: Critical § Affected Products: Adobe Acrobat and Reader (DC Continuous and Classic 2020) § Description: Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses 13 vulnerabilities; 5 are critical. See https://helpx.adobe.com/security/products/acrobat/apsb24-07.html for more details. § Impact: Remote Code Execution, Denial of Service, Information Disclosure § Fixes 13 Vulnerabilities: See bulleting link for details. § Restart Required: Requires application restart 1
Copyright © 2024 Ivanti. All rights reserved. 17 MS24-02-W11: Windows 11 Update § Maximum Severity: Critical § Affected Products: Microsoft Windows 11 Version 21H2, 22H2, 23H2 and Edge Chromium § Description: This bulletin references KB 5034766 (21H2) and KB 5034765 (22H2/23H2). § Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege, and Information Disclosure § Fixes 41 Vulnerabilities: CVE-2024-21351 and CVE-2024-21412 are known exploited. See the Security Update Guide for the complete list of CVEs. § Restart Required: Requires restart § Known Issues: None reported 1
Copyright © 2024 Ivanti. All rights reserved. 18 MS24-02-W10: Windows 10 Update § Maximum Severity: Critical § Affected Products: Microsoft Windows 10 Versions 1607, 1809, 21H2, 22H2, Server 2016, Server 2019, Server 2022, Server 2022 Datacenter: Azure Edition and Edge Chromium § Description: This bulletin references 6 KB articles. See KBs for the list of changes. § Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege, and Information Disclosure § Fixes 44 Vulnerabilities: CVE-2024-21351 and CVE-2024-21412 are known exploited. See the Security Update Guide for the complete list of CVEs. § Restart Required: Requires restart § Known Issues: See next slide 1
Copyright © 2024 Ivanti. All rights reserved. 19 February Known Issues for Windows 10 § KB 5034763 – Windows 10 Enterprise and Education, version 21H2 Windows 10 IoT Enterprise, version 21H2 Windows 10 Enterprise Multi-Session, version 21H2 Windows 10, version 22H2, all editions § [Copilot Not Supported] Copilot in Windows (in preview) is not currently supported when your taskbar is located vertically on the right or left of your screen. Workaround: To access Copilot in Windows, make sure your taskbar is positioned horizontally on the top or bottom of your screen. § [Icon Display] Windows devices using more than one (1) monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview). § Microsoft is working on a resolution for both issues.
Copyright © 2024 Ivanti. All rights reserved. 20 February Known Issues for Windows 10 (cont) § KB 5034770 – Windows Server 2022 § [Image File Execution] After you install KB5034129 (Jan), chromium-based internet browsers, such as Microsoft Edge, might not open correctly. Browsers affected by this issue might display a white screen and become unresponsive when you open them. Devices that have browser specific Image File Execution Options (IFEO) might be affected by this issue. When an entry for Microsoft Edge (msedge.exe) or other chromium-based browsers is found in the Windows registry, the issue might occur. A registry entry can be created by developer tools or when certain debugging and diagnostic settings are in place for browsers.Microsoft is working on a resolution for both issues. § Workaround: See KB for registry editing options. Microsoft is working on a resolution and will provide an update shortly.
Copyright © 2024 Ivanti. All rights reserved. 21 MS24-02-EXCH: Security Updates for Exchange Server § Maximum Severity: Critical § Affected Products: Microsoft Exchange Server 2016 CU23 and Exchange Server 2019 CU13 & CU14 § Description: This bulletin references KB 5035606. This cumulative update addresses 18 reported issues listed in the KB and now enables Extended Protection by default. See the KB article and the Exchange Server blog for details. § Impact: Elevation of Privilege § Fixes 1 Vulnerability: CVE-2024-21410 is not publicly disclosed or known exploited. § Restart Required: Requires restart § Known Issues: When Setup.exe is used to run /PrepareAD, /PrepareSchema or /PrepareDomain, the installer reports that Extended Protection was configured by the installer, and it displays the following error message: Exchange Setup has enabled Extended Protection on all the virtual directories on this machine. 1
Copyright © 2024 Ivanti. All rights reserved. 22 § Maximum Severity: Critical § Affected Products: Microsoft 365 Apps, Office 2019 and Office LTSC 2021 § Description: This month’s update resolved various bugs and performance issues in Office applications. Information on the security updates is available at https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates. § Impact: Remote Code Execution, Elevation of Privilege § Fixes 6 Vulnerabilities: CVE-2024-20673, CVE-2024-21378, CVE-2024-21379, CVE-2024- 21384, CVE-2024-21402, and CVE-2024-21413 are not known to be exploited or publicly disclosed § Restart Required: Requires application restart § Known Issues: None reported MS24-02-O365: Security Updates Microsoft 365 Apps, Office 2019 and Office LTSC 2021 1
Copyright © 2024 Ivanti. All rights reserved. 23 § Maximum Severity: Critical § Affected Products: Excel 2016, Office 2016, Outlook 2016, Powerpoint 2016, Publisher 2016, Teams for Android, Visio 2016, Word 2016, and Skype for Business 2016 § Description: This security update resolves multiple security issues in Microsoft Office suite. This bulletin references 12 KB articles and Release Notes for Android. § Impact: Remote Code Execution, Information Disclosure § Fixes 6 Vulnerabilities: CVE-2024-20673, CVE-2024-20695, CVE-2024-21374, CVE-2024- 21378, CVE-2024-21379, and CVE-2024-21413 are not known to be exploited or publicly disclosed. § Restart Required: Requires application restart § Known Issues: None reported MS24-02-OFF: Security Updates for Microsoft Office 1
Copyright © 2024 Ivanti. All rights reserved. 24 Between Patch Tuesdays
Copyright © 2024 Ivanti. All rights reserved. 25 Windows Release Summary § Security Updates (with CVEs): Azul Zulu (4), Corretto (4), Google Chrome (4), Firefox (1), Firefox ESR (1), Foxit PDF Editor (1), Foxit PDF Reader Consumer (1), Java 8 (1), Java Development Kit 11 (1), Java Development Kit 17 (1), Java Development Kit 21 (1), Pulse Secure VPN (1), Thunderbird (1) § Security Updates (w/o CVEs): Adobe Acrobat DC and Acrobat Reader DC (1), CCleaner (1), Cisco Webex Meetings Desktop App (1), ClickShare App Machine-Wide Installer (1), Falcon Sensor for Windows (1), Citrix Workspace App (1), Docker For Windows (1), Dropbox (2), Eclipse Adoptium (4), Evernote (6), Firefox (1), FileZilla (1), GoodSync (2), Google Earth Pro (1), Grammarly for Windows (4), Jabra Direct (1), Node.JS (Current) (1), Notepad++ (1), Opera (4), VirtualBox (2), Python (2), RedHat OpenJDK (4), Skype (4), Slack Machine-Wide Installer (2), Splunk Universal Forwarder (3), Tableau Desktop (5), Tableau Prep Builder (1), Tableau Reader (1), TeamViewer (1), VMware Horizon Client (1), Zoom Client (1), Zoom Client (3), Zoom VDI (3) § Non-Security Updates: 8x8 Work Desktop (1), Amazon WorkSpaces (1), Box Drive (1), Bitwarden (1), Camtasia (2), Cisco WebEx Teams (1), Google Drive File Stream (1), GeoGebra Classic (1), GoTo Connect (1), KeePass Pro (1), KeePass Classic (1), NextCloud Desktop Client (1), PDF-Xchange PRO (1), Password Safe (1), RingCentral App (Machine-Wide Installer) (1), Rocket.Chat Desktop Client (1), WeCom (1), WinMerge (1)
Copyright © 2024 Ivanti. All rights reserved. 26 Windows Third Party CVE Information § Azul Zulu 21.32.17 (21.0.2) Note: FX version of JDK also supported § ZULU21-240122, QZULUJDK213217 § Fixes 8 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE- 2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20945, CVE-2024-20952 § Azul Zulu 17.48.15 (17.0.10) Note: FX version of JDK also supported § ZULU17-240122, QZULUJDK174815 and QZULUJRE174815 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE- 2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20932, CVE-2024- 20945, CVE-2024-20952 § Azul Zulu 11.70.15 (11.0.22) Note: FX version of JDK also supported § ZULU11-240122, QZULUJDK117015 and QZULUJRE117015 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE- 2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024- 20945, CVE-2024-20952
Copyright © 2024 Ivanti. All rights reserved. 27 Windows Third Party CVE Information (cont) § Azul Zulu 8.76.0.17 (8u402) Note: FX version of JDK also supported § ZULU8-240124, QZULUJDK876017 and QZULUJRE876017 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 § Java Development Kit 21 Update 21.0.2 § JDK17-240116, QJDK2102 § Fixes 6 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952 § Java Development Kit 17 Update 17.0.10 § JDK17-240116, QJDK17010 § Fixes 6 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
Copyright © 2024 Ivanti. All rights reserved. 28 Windows Third Party CVE Information (cont) § Java Development Kit 11 Update 11.0.22 § JDK11-240116, QJDK11022 § Fixes 6 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 § Java 8 Update 401 – JRE and JDK § JAVA8-240116, QJDK8U401 and QJRE8U401 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 § Corretto 21.0.2.13.1 § CRTO21-240116, QCRTOJDK2102 § Fixes 5 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20945, CVE-2024-20952
Copyright © 2024 Ivanti. All rights reserved. 29 Windows Third Party CVE Information (cont) § Corretto 17.0.10.7.1 § CRTO17-240116, QCRTOJDK17010 § Fixes 5 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20945, CVE-2024-20952 § Corretto 11.0.22.7.1 § CRTO11-240116, QCRTOJDK11022 § Fixes 6 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 § Corretto 8.402.06.1 – JRE and JDK § CRTO8-240116, QCRTOJRE8402 § CRTO8-240116, QCRTOJDK8402 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
Copyright © 2024 Ivanti. All rights reserved. 30 Windows Third Party CVE Information § Google Chrome 120.0.6099.225 § CHROME-240116, QGC12006099225 § Fixes 3 Vulnerabilities: CVE-2024-0517, CVE-2024-0518, CVE-2024-0519 § Google Chrome 121.0.6167.86 § CHROME-240123, QGC1210616786 § Fixes 11 Vulnerabilities: CVE-2024-0804, CVE-2024-0805, CVE-2024-0806, CVE-2024-0807, CVE-2024-0808, CVE-2024-0809, CVE-2024-0810, CVE-2024-0811, CVE-2024-0812, CVE-2024- 0813, CVE-2024-0814 § Google Chrome 121.0.6167.140 § CHROME-240130, QGC12106167140 § Fixes 3 Vulnerabilities: CVE-2024-1059, CVE-2024-1060, CVE-2024-1077 § Google Chrome 121.0.6167.161 § CHROME-240206, QGC12106167161 § Fixes 2 Vulnerabilities: CVE-2024-1283, CVE-2024-1284
Copyright © 2024 Ivanti. All rights reserved. 31 Windows Third Party CVE Information (cont) § Firefox 122.0 § FF-240123, QFF1220 § Fixes 15 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0746, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024- 0750, CVE-2024-0751, CVE-2024-0752, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755 § Firefox ESR 115.7.0 § FFE-240123, QFFE11570 § Fixes 9 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE- 2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755 § Thunderbird 115.7.0 § TB-240123, QTB11570 § Fixes 9 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE- 2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755
Copyright © 2024 Ivanti. All rights reserved. 32 Windows Third Party CVE Information (cont) § Foxit PDF Editor 12.1.4 § FPDFE-240130, QFPDFE1214MSP § Fixes 29 Vulnerabilities: CVE-2023-32616, CVE-2023-35985, CVE-2023-38573, CVE-2023-39542, CVE-2023-40194, CVE-2023-41257, CVE-2023-42089, CVE-2023-42090, CVE-2023-42091, CVE-2023-42092, CVE-2023-42093, CVE-2023-42094, CVE-2023-42095, CVE-2023-42096, CVE-2023-42097, CVE-2023-42098, CVE-2023-51549, CVE-2023-51550, CVE-2023-51551, CVE-2023-51552, CVE-2023-51553, CVE-2023-51554, CVE-2023-51555, CVE-2023-51556, CVE-2023-51557, CVE-2023-51558, CVE-2023-51559, CVE-2023-51560, CVE-2023-51562 § Foxit PDF Reader Consumer 12.1.4.15400 § FPDFRC-240122, QFPDFRC12141540 § Fixes 29 Vulnerabilities: See Previous § Pulse Secure VPN Desktop Client 22.7.1.28369 § PSVPN-240202, QPSVPN22711 § Fixes 2 Vulnerabilities: CVE-2023-46805, CVE-2024-21887
Copyright © 2024 Ivanti. All rights reserved. 33 Apple Release Summary § Security Updates (with CVEs): Apple macOS Monterey (1), Apple macOS Ventura (1), Apple macOS Sonoma (1), Google Chrome (3), Docker Desktop (1), Evernote (1), Microsoft Office 2019 Excel (1), Firefox (1), Firefox ESR (1), Microsoft Edge (3), Microsoft Office 2019 OneNote (1), Microsoft Office 2019 Outlook (1), Microsoft Office 2019 PowerPoint (1), Safari for Monterey (1), Thunderbird (1), Microsoft Office 2019 Word (1) § Security Updates (w/o CVEs): Brave (1), SeaMonkey (1) § Non-Security Updates: Adobe Acrobat DC and Acrobat Reader DC (1), Apple macOS Sonoma (1), Brave (3), Docker Desktop for Mac (1), draw.io (2), Dropbox (2), Evernote (4), Firefox (1), Google Drive (1), Grammarly (7), Hazel (1), IntelliJ IDEA (1), LibreOffice (1), Microsoft AutoUpdate (1), Microsoft Edge (2), OneDrive for Mac (2), Microsoft Office 2019 Outlook (2), PyCharm Professional for Mac (2), PowerShell (1), Python (2), Slack (1), Spotify (2), Microsoft Teams (Mac) (2), Visual Studio Code (3), Zoom Client for Mac (1)
Copyright © 2024 Ivanti. All rights reserved. 34 Apple Updates with CVE Information § macOS Monterey 12.7.3 § HT214057 § Fixes 9 Vulnerabilities: CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE- 2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23207, CVE-2024- 23212, CVE-2024-23222 § macOS Ventura 13.6.4 § HT214058 § Fixes 13 Vulnerabilities: CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE- 2023-40528, CVE-2023-42887, CVE-2023-42888, CVE-2023-42915, CVE-2023- 42935, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222, CVE-2024-23224 § Safari 17.3 for Ventura and Monterey § HT214056 § Fixes 4 Vulnerabilities: CVE-2024-23206, CVE-2024-23211, CVE-2024-23213, CVE- 2024-23222
Copyright © 2024 Ivanti. All rights reserved. 35 Apple Updates with CVE Information (cont) § macOS Sonoma 14.3 § HT214061 § Fixes 17 Vulnerabilities: CVE-2024-23203, CVE-2024-23204, CVE-2024-23206, CVE- 2024-23207, CVE-2024-23208, CVE-2024-23209, CVE-2024-23210, CVE-2024- 23211, CVE-2024-23212, CVE-2024-23213, CVE-2024-23214, CVE-2024-23215, CVE-2024-23217, CVE-2024-23218, CVE-2024-23222, CVE-2024-23223, CVE-2024- 23224
Copyright © 2024 Ivanti. All rights reserved. 36 Apple Third Party CVE Information § Google Chrome 120.0.6099.234 § CHROMEMAC-240116 § Fixes 3 Vulnerabilities: CVE-2024-0517, CVE-2024-0518, CVE-2024-0519 § Google Chrome 121.0.6167.139 § CHROMEMAC-240130 § Fixes 3 Vulnerabilities: CVE-2024-1059, CVE-2024-1060, CVE-2024-1077 § Google Chrome 121.0.6167.160 § CHROMEMAC-240206 § Fixes 2 Vulnerabilities: CVE-2024-1283, CVE-2024-1284
Copyright © 2024 Ivanti. All rights reserved. 37 Apple Third Party CVE Information (cont) § Docker Desktop 4.27.2 § DOCKERMAC-240208 § Fixes 4 Vulnerabilities: CVE-2020-8911, CVE-2020-8912, CVE-2024-21626, CVE-2024- 24557 § Evernote 10.74.1 § ENOT-240131 § Fixes 1 Vulnerability: CVE-2023-50643 § Microsoft Office 2019 Excel 16.81 § EXCEL19-240116 § Fixes 1 Vulnerability: CVE-2024-20677 § Microsoft Office 2019 OneNote 16.81 § ONENOTE19-240116 § Fixes 1 Vulnerability: CVE-2024-20677
Copyright © 2024 Ivanti. All rights reserved. 38 Apple Third Party CVE Information (cont) § Microsoft Office 2019 Outlook 16.81 § OUTLOOK19-240116 § Fixes 1 Vulnerability: CVE-2024-20677 § Microsoft Office 2019 Powerpoint 16.81 § POWERPOINT19-240116 § Fixes 1 Vulnerability: CVE-2024-20677 § Microsoft Office 2019 Word 16.81 § WORD19-240116 § Fixes 1 Vulnerability: CVE-2024-20677
Copyright © 2024 Ivanti. All rights reserved. 39 Apple Third Party CVE Information (cont) § Microsoft Edge 120.0.2210.144 § MEDGEMAC-240117 § Fixes 1 Vulnerability: CVE-2024-0519 § Microsoft Edge 121.0.2277.83 § MEDGEMAC-240126 § Fixes 7 Vulnerabilities: CVE-2024-21326, CVE-2024-21336, CVE-2024-21382, CVE-2024- 21383, CVE-2024-21385, CVE-2024-21387, CVE-2024-21388 § Microsoft Edge 121.0.2277.98 § MEDGEMAC-240201 § Fixes 1 Vulnerability: CVE-2024-21399
Copyright © 2024 Ivanti. All rights reserved. 40 Apple Third Party CVE Information (cont) § Firefox 122.0 § FF-240123 § Fixes 15 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0746, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024- 0750, CVE-2024-0751, CVE-2024-0752, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755 § Firefox ESR 115.7.0 § FFE-240123 § Fixes 9 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE- 2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755 § Thunderbird 115.7.0 § TB-240123 § Fixes 9 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE- 2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755
Copyright © 2024 Ivanti. All rights reserved. 41 Q & A
Copyright © 2024 Ivanti. All rights reserved. Copyright © 2024 Ivanti. All rights reserved. 42 Thank You!

More Related Content

PDF
2024 Français Patch Tuesday - Février
Ivanti
 
PDF
Patch Tuesday Italia Febbraio
Ivanti
 
PDF
2024 May Patch Tuesday
Ivanti
 
PDF
Patch Tuesday de Mayo
Ivanti
 
PDF
Patch Tuesday de Abril
Ivanti
 
PDF
Patch Tuesday Italia Aprile
Ivanti
 
PDF
Français Patch Tuesday - Avril
Ivanti
 
PDF
Français Patch Tuesday - Mai
Ivanti
 
2024 Français Patch Tuesday - Février
Ivanti
 
Patch Tuesday Italia Febbraio
Ivanti
 
2024 May Patch Tuesday
Ivanti
 
Patch Tuesday de Mayo
Ivanti
 
Patch Tuesday de Abril
Ivanti
 
Patch Tuesday Italia Aprile
Ivanti
 
Français Patch Tuesday - Avril
Ivanti
 
Français Patch Tuesday - Mai
Ivanti
 

Similar to Patch Tuesday de Febrero (20)

PDF
Patch Tuesday Italia Maggio
Ivanti
 
PDF
2024 April Patch Tuesday
Ivanti
 
PDF
Patch Tuesday de julio
Ivanti
 
PDF
July Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday - juillet
Ivanti
 
PDF
2023 Ivanti December Patch Tuesday
Ivanti
 
PDF
Patch Tuesday Italia Luglio
Ivanti
 
PDF
Patch Tuesday de Diciembre
Ivanti
 
PDF
Patch Tuesday de Septiembre
Ivanti
 
PDF
2023 Patch Tuesday Italia Dicembre
Ivanti
 
PDF
September Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday – Janvier
Ivanti
 
PDF
Français Patch Tuesday – Décembre
Ivanti
 
PDF
2024 January Patch Tuesday
Ivanti
 
PDF
Patch Tuesday Italia Settembre
Ivanti
 
PDF
Français Patch Tuesday - Septembre
Ivanti
 
PDF
Patch Tuesday de Enero
Ivanti
 
PDF
December Patch Tuesday
Ivanti
 
PPTX
2024 Janvier Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday - Décembre
Ivanti
 
Patch Tuesday Italia Maggio
Ivanti
 
2024 April Patch Tuesday
Ivanti
 
Patch Tuesday de julio
Ivanti
 
July Patch Tuesday
Ivanti
 
Français Patch Tuesday - juillet
Ivanti
 
2023 Ivanti December Patch Tuesday
Ivanti
 
Patch Tuesday Italia Luglio
Ivanti
 
Patch Tuesday de Diciembre
Ivanti
 
Patch Tuesday de Septiembre
Ivanti
 
2023 Patch Tuesday Italia Dicembre
Ivanti
 
September Patch Tuesday
Ivanti
 
Français Patch Tuesday – Janvier
Ivanti
 
Français Patch Tuesday – Décembre
Ivanti
 
2024 January Patch Tuesday
Ivanti
 
Patch Tuesday Italia Settembre
Ivanti
 
Français Patch Tuesday - Septembre
Ivanti
 
Patch Tuesday de Enero
Ivanti
 
December Patch Tuesday
Ivanti
 
2024 Janvier Patch Tuesday
Ivanti
 
Français Patch Tuesday - Décembre
Ivanti
 
Ad

More from Ivanti (20)

PDF
August Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday - Juillet
Ivanti
 
PDF
July Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday - Juin
Ivanti
 
PDF
June Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday - Mai
Ivanti
 
PDF
May Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday - Avril
Ivanti
 
PDF
April Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday - Mars
Ivanti
 
PDF
March Patch Tuesday
Ivanti
 
PDF
Français Patch Tuesday - Février
Ivanti
 
PDF
February Patch Tuesday
Ivanti
 
PDF
Patch Tuesday de Diciembre
Ivanti
 
PDF
Patch Tuesday Italia Dicembre
Ivanti
 
PDF
Patch Tuesday de Noviembre
Ivanti
 
PDF
Français Patch Tuesday - Novembre
Ivanti
 
PDF
Patch Tuesday Italia Novembre
Ivanti
 
PDF
November Patch Tuesday
Ivanti
 
PPTX
2024 Ivanti October Patch Tuesday Webinar
Ivanti
 
August Patch Tuesday
Ivanti
 
Français Patch Tuesday - Juillet
Ivanti
 
July Patch Tuesday
Ivanti
 
Français Patch Tuesday - Juin
Ivanti
 
June Patch Tuesday
Ivanti
 
Français Patch Tuesday - Mai
Ivanti
 
May Patch Tuesday
Ivanti
 
Français Patch Tuesday - Avril
Ivanti
 
April Patch Tuesday
Ivanti
 
Français Patch Tuesday - Mars
Ivanti
 
March Patch Tuesday
Ivanti
 
Français Patch Tuesday - Février
Ivanti
 
February Patch Tuesday
Ivanti
 
Patch Tuesday de Diciembre
Ivanti
 
Patch Tuesday Italia Dicembre
Ivanti
 
Patch Tuesday de Noviembre
Ivanti
 
Français Patch Tuesday - Novembre
Ivanti
 
Patch Tuesday Italia Novembre
Ivanti
 
November Patch Tuesday
Ivanti
 
2024 Ivanti October Patch Tuesday Webinar
Ivanti
 
Ad

Recently uploaded (20)

PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
PDF
Two-dimensional Klein-Gordon and Sine-Gordon numerical solutions based on dee...
IAESIJAI
 
PPTX
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
PPT
Galois Field Theory of Risk: A Perspective, Protocol, and Mathematical Backgr...
Melanie Swan
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
PDF
A proposed approach for plagiarism detection in Myanmar Unicode text
IAESIJAI
 
PPT
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
PPTX
Configure Apache Mutual Authentication
Antonino Piraino
 
PDF
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PPT
Geologic Time for studying geology for geologist
ssuser738f5a
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
PDF
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
The influence of sentiment analysis in enhancing early warning system model f...
IAESIJAI
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
Two-dimensional Klein-Gordon and Sine-Gordon numerical solutions based on dee...
IAESIJAI
 
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
Galois Field Theory of Risk: A Perspective, Protocol, and Mathematical Backgr...
Melanie Swan
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
A proposed approach for plagiarism detection in Myanmar Unicode text
IAESIJAI
 
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
Configure Apache Mutual Authentication
Antonino Piraino
 
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
What is a Computer? Input Devices /output devices
GulJan8
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
Geologic Time for studying geology for geologist
ssuser738f5a
 
The various Industrial Revolutions .pptx
bandileshozi3
 
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
The influence of sentiment analysis in enhancing early warning system model f...
IAESIJAI
 

Patch Tuesday de Febrero

  • 1. Presentado por Carlos Frances y Patricia Cobo Patch Tuesday Webinar Jueves 15 Febrero 2024
  • 2. Copyright © 2024 Ivanti. All rights reserved. 2 Agenda § February 2024 Patch Tuesday Overview § In the News § Bulletins and Releases § Between Patch Tuesdays § Q & A
  • 3. Copyright © 2024 Ivanti. All rights reserved. 3 February 2024 Patch Tuesday is feeling like a return to normalcy. Microsoft has resolved 73 new CVEs, two of which are confirmed Zero-day vulnerabilities. Most of the risk this month can be wiped off your systems by deploying the Windows OS updates, but there are additional concerns to investigate in Windows AppX Installer and Exchange Server. For more details check out this month's Patch Tuesday blog. February Patch Tuesday 2024
  • 4. Copyright © 2024 Ivanti. All rights reserved. 4 In the News
  • 5. Copyright © 2024 Ivanti. All rights reserved. 5 In the News § Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs § Fat Patch Tuesday, February 2024 Edition § Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days § Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC § Hong Kong Video Deepfake Scam Nets $25M § Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities § Linux Kernel Becomes Its Own CNA
  • 6. Copyright © 2024 Ivanti. All rights reserved. 6 § CVE-2024-21351 Windows Smartscreen Security Feature Bypass Vulnerability § CVSS 3.1 Scores: 7.6 / 6.6 § Severity: Moderate § Impact: All Windows 10 operating systems and newer § Per Microsoft – The vulnerability allows a malicious actor to inject code into SmartScreen and potentially gain code execution, which could potentially lead to some data exposure, lack of system availability, or both. An attacker must send the user a malicious file and convince the user to open it. Known Exploited Vulnerabilities
  • 7. Copyright © 2024 Ivanti. All rights reserved. 7 § CVE-2024-21412 Internet Shortcut Files Security Bypass Vulnerability § CVSS 3.1 Scores: 8.1 / 7.1 § Severity: Important § Impact: All Windows 10 operating systems and newer § Per Microsoft – An unauthenticated attacker could send the targeted user a specially crafted file that is designed to bypass displayed security checks. However, the attacker would have no way to force a user to view the attacker-controlled content. Instead, the attacker would have to convince them to take action by clicking on the file link. Known Exploited Vulnerabilities
  • 8. Copyright © 2024 Ivanti. All rights reserved. 8 CVE-2023-40547 § CVSS 3: 9.8 (8.3 Red Hat) § Flaw in Shim (a small open-source bootloader maintained by Red Hat) § Enables an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. Exploitation: Only exploitable during early boot phase. An attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. Five other vulnerabilities affecting Shim were discovered this week: CVE-2023-40551 CVE-2023-40550 CVE-2023-40549 CVE-2023-40548 CVE-2023-40546 New and Notable Linux Vulnerabilities: 1 Highlighted by TuxCare
  • 9. Copyright © 2024 Ivanti. All rights reserved. 9 CVE-2023-6780 § CVSS 3: 9.8 § glibc vulnerability that affects most distributions out there. § It is possible to abuse a buffer to trigger undefined behavior which can then further be exploited to gain elevated privileges in a local system. Mitigation This function is called by the syslog and vsyslog functions. The problem happens when these functions are called with a very long message, causing an incorrect calculation of the buffer size to store the message, resulting in the undefined behavior. How to Mitigate: Upgrade glibc to version 2.39 or higher New and Notable Linux Vulnerabilities: 2 Highlighted by TuxCare
  • 10. Copyright © 2024 Ivanti. All rights reserved. 10 CVE-2024-1086 § CVSS 3: 7.8 § Use-after-free that can lead to crashes or undefined behavior § Found in the Netfilter subsystem in the Linux kernel (concerning the firewall and packet filtering) The nf_tables component can be exploited to achieve local privilege escalation. § This bug happens in the "TO" module (one way to perform packet redirection with netfilter), which was found to contain a code-path with a use-after-free bug. Additional Context: Netfilter enables various networking-related operations to be implemented in the form of customized handlers, providing functions and operations for packet filtering, network address translation, and port translation, which provide the functionality required for directing packets through a network and prohibiting packets from reaching sensitive locations within a network. Mitigation Either prevent the affected Netfilter (“to(nf_tables)”) kernel module from being loaded or disable user namespaces. New and Notable Linux Vulnerabilities: 3 Highlighted by TuxCare
  • 11. Copyright © 2024 Ivanti. All rights reserved. 11 Microsoft Patch Tuesday Updates of Interest Advisory 990001 Latest Servicing Stack Updates (SSU) § https://msrc.microsoft.com/update- guide/en-US/vulnerability/ADV990001 § ESU OS and Windows 10 (see graphic) Azure and Development Tool Updates § .NET 6, 7, & 8 § ASP.NET 6, 7, & 8 § Azure Active Directory B2C § Azure File Sync v14.0 - v17.0 § Azure Kubernetes Service Confidential Containers § Azure Site Recovery § Microsoft Entra Jira Single-Sign-On Plugin § Visual Studio 2022 v17.4 – v17.8 Source: Microsoft
  • 12. Copyright © 2024 Ivanti. All rights reserved. 12 Windows 10 and 11 Lifecycle Awareness Windows 10 Enterprise and Education Version Release Date End of Support Date 22H2 10/18/2022 10/14/2025 21H2 11/16/2021 6/11/2024 Windows 10 Home and Pro Version Release Date End of Support Date 22H2 10/18/2022 10/14/2025 Windows 11 Home and Pro Version Release Date End of Support Date 23H2 10/31/2023 11/11/2025 22H2 9/20/2022 10/8/2024 Windows 11 Enterprise and Education Version Release Date End of Support Date 23H2 10/31/2023 11/10/2026 22H2 9/20/2022 10/14/2025 21H2 10/4/2021 10/8/2024 Source: Microsoft https://docs.microsoft.com/en-us/lifecycle/faq/windows
  • 13. Copyright © 2024 Ivanti. All rights reserved. 13 Server Long-term Servicing Channel Support Server LTSC Support Version Editions Release Date Mainstream Support Ends Extended Support Ends Windows Server 2022 Datacenter and Standard 08/18/2021 10/13/2026 10/14/2031 Windows Server 2019 (Version 1809) Datacenter, Essentials, and Standard 11/13/2018 01/09/2024 01/09/2029 Windows Server 2016 (Version 1607) Datacenter, Essentials, and Standard 10/15/2016 01/11/2022 01/11/2027 https://learn.microsoft.com/en-us/windows-server/get-started/windows-server-release-info § Focused on server long-term stability § Major version releases every 2-3 years § 5 years mainstream and 5 years extended support § Server core or server with desktop experience available Source: Microsoft
  • 14. Copyright © 2024 Ivanti. All rights reserved. 14 Patch Content Announcements Announcements Posted on Community Forum Pages § https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2 § Subscribe to receive email for the desired product(s) Content Info: Endpoint Security Content Info: Endpoint Manager Content Info: macOS Updates Content Info: Linux Updates Content Info: Patch for Configuration Manager Content Info: ISEC and Neurons Patch Content Info: Neurons Patch for InTune
  • 15. Copyright © 2024 Ivanti. All rights reserved. 15 Bulletins and Releases
  • 16. Copyright © 2024 Ivanti. All rights reserved. APSB24-07: Security Update for Adobe Acrobat and Reader § Maximum Severity: Critical § Affected Products: Adobe Acrobat and Reader (DC Continuous and Classic 2020) § Description: Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses 13 vulnerabilities; 5 are critical. See https://helpx.adobe.com/security/products/acrobat/apsb24-07.html for more details. § Impact: Remote Code Execution, Denial of Service, Information Disclosure § Fixes 13 Vulnerabilities: See bulleting link for details. § Restart Required: Requires application restart 1
  • 17. Copyright © 2024 Ivanti. All rights reserved. 17 MS24-02-W11: Windows 11 Update § Maximum Severity: Critical § Affected Products: Microsoft Windows 11 Version 21H2, 22H2, 23H2 and Edge Chromium § Description: This bulletin references KB 5034766 (21H2) and KB 5034765 (22H2/23H2). § Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege, and Information Disclosure § Fixes 41 Vulnerabilities: CVE-2024-21351 and CVE-2024-21412 are known exploited. See the Security Update Guide for the complete list of CVEs. § Restart Required: Requires restart § Known Issues: None reported 1
  • 18. Copyright © 2024 Ivanti. All rights reserved. 18 MS24-02-W10: Windows 10 Update § Maximum Severity: Critical § Affected Products: Microsoft Windows 10 Versions 1607, 1809, 21H2, 22H2, Server 2016, Server 2019, Server 2022, Server 2022 Datacenter: Azure Edition and Edge Chromium § Description: This bulletin references 6 KB articles. See KBs for the list of changes. § Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege, and Information Disclosure § Fixes 44 Vulnerabilities: CVE-2024-21351 and CVE-2024-21412 are known exploited. See the Security Update Guide for the complete list of CVEs. § Restart Required: Requires restart § Known Issues: See next slide 1
  • 19. Copyright © 2024 Ivanti. All rights reserved. 19 February Known Issues for Windows 10 § KB 5034763 – Windows 10 Enterprise and Education, version 21H2 Windows 10 IoT Enterprise, version 21H2 Windows 10 Enterprise Multi-Session, version 21H2 Windows 10, version 22H2, all editions § [Copilot Not Supported] Copilot in Windows (in preview) is not currently supported when your taskbar is located vertically on the right or left of your screen. Workaround: To access Copilot in Windows, make sure your taskbar is positioned horizontally on the top or bottom of your screen. § [Icon Display] Windows devices using more than one (1) monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview). § Microsoft is working on a resolution for both issues.
  • 20. Copyright © 2024 Ivanti. All rights reserved. 20 February Known Issues for Windows 10 (cont) § KB 5034770 – Windows Server 2022 § [Image File Execution] After you install KB5034129 (Jan), chromium-based internet browsers, such as Microsoft Edge, might not open correctly. Browsers affected by this issue might display a white screen and become unresponsive when you open them. Devices that have browser specific Image File Execution Options (IFEO) might be affected by this issue. When an entry for Microsoft Edge (msedge.exe) or other chromium-based browsers is found in the Windows registry, the issue might occur. A registry entry can be created by developer tools or when certain debugging and diagnostic settings are in place for browsers.Microsoft is working on a resolution for both issues. § Workaround: See KB for registry editing options. Microsoft is working on a resolution and will provide an update shortly.
  • 21. Copyright © 2024 Ivanti. All rights reserved. 21 MS24-02-EXCH: Security Updates for Exchange Server § Maximum Severity: Critical § Affected Products: Microsoft Exchange Server 2016 CU23 and Exchange Server 2019 CU13 & CU14 § Description: This bulletin references KB 5035606. This cumulative update addresses 18 reported issues listed in the KB and now enables Extended Protection by default. See the KB article and the Exchange Server blog for details. § Impact: Elevation of Privilege § Fixes 1 Vulnerability: CVE-2024-21410 is not publicly disclosed or known exploited. § Restart Required: Requires restart § Known Issues: When Setup.exe is used to run /PrepareAD, /PrepareSchema or /PrepareDomain, the installer reports that Extended Protection was configured by the installer, and it displays the following error message: Exchange Setup has enabled Extended Protection on all the virtual directories on this machine. 1
  • 22. Copyright © 2024 Ivanti. All rights reserved. 22 § Maximum Severity: Critical § Affected Products: Microsoft 365 Apps, Office 2019 and Office LTSC 2021 § Description: This month’s update resolved various bugs and performance issues in Office applications. Information on the security updates is available at https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates. § Impact: Remote Code Execution, Elevation of Privilege § Fixes 6 Vulnerabilities: CVE-2024-20673, CVE-2024-21378, CVE-2024-21379, CVE-2024- 21384, CVE-2024-21402, and CVE-2024-21413 are not known to be exploited or publicly disclosed § Restart Required: Requires application restart § Known Issues: None reported MS24-02-O365: Security Updates Microsoft 365 Apps, Office 2019 and Office LTSC 2021 1
  • 23. Copyright © 2024 Ivanti. All rights reserved. 23 § Maximum Severity: Critical § Affected Products: Excel 2016, Office 2016, Outlook 2016, Powerpoint 2016, Publisher 2016, Teams for Android, Visio 2016, Word 2016, and Skype for Business 2016 § Description: This security update resolves multiple security issues in Microsoft Office suite. This bulletin references 12 KB articles and Release Notes for Android. § Impact: Remote Code Execution, Information Disclosure § Fixes 6 Vulnerabilities: CVE-2024-20673, CVE-2024-20695, CVE-2024-21374, CVE-2024- 21378, CVE-2024-21379, and CVE-2024-21413 are not known to be exploited or publicly disclosed. § Restart Required: Requires application restart § Known Issues: None reported MS24-02-OFF: Security Updates for Microsoft Office 1
  • 24. Copyright © 2024 Ivanti. All rights reserved. 24 Between Patch Tuesdays
  • 25. Copyright © 2024 Ivanti. All rights reserved. 25 Windows Release Summary § Security Updates (with CVEs): Azul Zulu (4), Corretto (4), Google Chrome (4), Firefox (1), Firefox ESR (1), Foxit PDF Editor (1), Foxit PDF Reader Consumer (1), Java 8 (1), Java Development Kit 11 (1), Java Development Kit 17 (1), Java Development Kit 21 (1), Pulse Secure VPN (1), Thunderbird (1) § Security Updates (w/o CVEs): Adobe Acrobat DC and Acrobat Reader DC (1), CCleaner (1), Cisco Webex Meetings Desktop App (1), ClickShare App Machine-Wide Installer (1), Falcon Sensor for Windows (1), Citrix Workspace App (1), Docker For Windows (1), Dropbox (2), Eclipse Adoptium (4), Evernote (6), Firefox (1), FileZilla (1), GoodSync (2), Google Earth Pro (1), Grammarly for Windows (4), Jabra Direct (1), Node.JS (Current) (1), Notepad++ (1), Opera (4), VirtualBox (2), Python (2), RedHat OpenJDK (4), Skype (4), Slack Machine-Wide Installer (2), Splunk Universal Forwarder (3), Tableau Desktop (5), Tableau Prep Builder (1), Tableau Reader (1), TeamViewer (1), VMware Horizon Client (1), Zoom Client (1), Zoom Client (3), Zoom VDI (3) § Non-Security Updates: 8x8 Work Desktop (1), Amazon WorkSpaces (1), Box Drive (1), Bitwarden (1), Camtasia (2), Cisco WebEx Teams (1), Google Drive File Stream (1), GeoGebra Classic (1), GoTo Connect (1), KeePass Pro (1), KeePass Classic (1), NextCloud Desktop Client (1), PDF-Xchange PRO (1), Password Safe (1), RingCentral App (Machine-Wide Installer) (1), Rocket.Chat Desktop Client (1), WeCom (1), WinMerge (1)
  • 26. Copyright © 2024 Ivanti. All rights reserved. 26 Windows Third Party CVE Information § Azul Zulu 21.32.17 (21.0.2) Note: FX version of JDK also supported § ZULU21-240122, QZULUJDK213217 § Fixes 8 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE- 2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20945, CVE-2024-20952 § Azul Zulu 17.48.15 (17.0.10) Note: FX version of JDK also supported § ZULU17-240122, QZULUJDK174815 and QZULUJRE174815 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE- 2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20932, CVE-2024- 20945, CVE-2024-20952 § Azul Zulu 11.70.15 (11.0.22) Note: FX version of JDK also supported § ZULU11-240122, QZULUJDK117015 and QZULUJRE117015 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE- 2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024- 20945, CVE-2024-20952
  • 27. Copyright © 2024 Ivanti. All rights reserved. 27 Windows Third Party CVE Information (cont) § Azul Zulu 8.76.0.17 (8u402) Note: FX version of JDK also supported § ZULU8-240124, QZULUJDK876017 and QZULUJRE876017 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 § Java Development Kit 21 Update 21.0.2 § JDK17-240116, QJDK2102 § Fixes 6 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952 § Java Development Kit 17 Update 17.0.10 § JDK17-240116, QJDK17010 § Fixes 6 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
  • 28. Copyright © 2024 Ivanti. All rights reserved. 28 Windows Third Party CVE Information (cont) § Java Development Kit 11 Update 11.0.22 § JDK11-240116, QJDK11022 § Fixes 6 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 § Java 8 Update 401 – JRE and JDK § JAVA8-240116, QJDK8U401 and QJRE8U401 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 § Corretto 21.0.2.13.1 § CRTO21-240116, QCRTOJDK2102 § Fixes 5 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20945, CVE-2024-20952
  • 29. Copyright © 2024 Ivanti. All rights reserved. 29 Windows Third Party CVE Information (cont) § Corretto 17.0.10.7.1 § CRTO17-240116, QCRTOJDK17010 § Fixes 5 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20945, CVE-2024-20952 § Corretto 11.0.22.7.1 § CRTO11-240116, QCRTOJDK11022 § Fixes 6 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 § Corretto 8.402.06.1 – JRE and JDK § CRTO8-240116, QCRTOJRE8402 § CRTO8-240116, QCRTOJDK8402 § Fixes 9 Vulnerabilities: CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
  • 30. Copyright © 2024 Ivanti. All rights reserved. 30 Windows Third Party CVE Information § Google Chrome 120.0.6099.225 § CHROME-240116, QGC12006099225 § Fixes 3 Vulnerabilities: CVE-2024-0517, CVE-2024-0518, CVE-2024-0519 § Google Chrome 121.0.6167.86 § CHROME-240123, QGC1210616786 § Fixes 11 Vulnerabilities: CVE-2024-0804, CVE-2024-0805, CVE-2024-0806, CVE-2024-0807, CVE-2024-0808, CVE-2024-0809, CVE-2024-0810, CVE-2024-0811, CVE-2024-0812, CVE-2024- 0813, CVE-2024-0814 § Google Chrome 121.0.6167.140 § CHROME-240130, QGC12106167140 § Fixes 3 Vulnerabilities: CVE-2024-1059, CVE-2024-1060, CVE-2024-1077 § Google Chrome 121.0.6167.161 § CHROME-240206, QGC12106167161 § Fixes 2 Vulnerabilities: CVE-2024-1283, CVE-2024-1284
  • 31. Copyright © 2024 Ivanti. All rights reserved. 31 Windows Third Party CVE Information (cont) § Firefox 122.0 § FF-240123, QFF1220 § Fixes 15 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0746, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024- 0750, CVE-2024-0751, CVE-2024-0752, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755 § Firefox ESR 115.7.0 § FFE-240123, QFFE11570 § Fixes 9 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE- 2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755 § Thunderbird 115.7.0 § TB-240123, QTB11570 § Fixes 9 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE- 2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755
  • 32. Copyright © 2024 Ivanti. All rights reserved. 32 Windows Third Party CVE Information (cont) § Foxit PDF Editor 12.1.4 § FPDFE-240130, QFPDFE1214MSP § Fixes 29 Vulnerabilities: CVE-2023-32616, CVE-2023-35985, CVE-2023-38573, CVE-2023-39542, CVE-2023-40194, CVE-2023-41257, CVE-2023-42089, CVE-2023-42090, CVE-2023-42091, CVE-2023-42092, CVE-2023-42093, CVE-2023-42094, CVE-2023-42095, CVE-2023-42096, CVE-2023-42097, CVE-2023-42098, CVE-2023-51549, CVE-2023-51550, CVE-2023-51551, CVE-2023-51552, CVE-2023-51553, CVE-2023-51554, CVE-2023-51555, CVE-2023-51556, CVE-2023-51557, CVE-2023-51558, CVE-2023-51559, CVE-2023-51560, CVE-2023-51562 § Foxit PDF Reader Consumer 12.1.4.15400 § FPDFRC-240122, QFPDFRC12141540 § Fixes 29 Vulnerabilities: See Previous § Pulse Secure VPN Desktop Client 22.7.1.28369 § PSVPN-240202, QPSVPN22711 § Fixes 2 Vulnerabilities: CVE-2023-46805, CVE-2024-21887
  • 33. Copyright © 2024 Ivanti. All rights reserved. 33 Apple Release Summary § Security Updates (with CVEs): Apple macOS Monterey (1), Apple macOS Ventura (1), Apple macOS Sonoma (1), Google Chrome (3), Docker Desktop (1), Evernote (1), Microsoft Office 2019 Excel (1), Firefox (1), Firefox ESR (1), Microsoft Edge (3), Microsoft Office 2019 OneNote (1), Microsoft Office 2019 Outlook (1), Microsoft Office 2019 PowerPoint (1), Safari for Monterey (1), Thunderbird (1), Microsoft Office 2019 Word (1) § Security Updates (w/o CVEs): Brave (1), SeaMonkey (1) § Non-Security Updates: Adobe Acrobat DC and Acrobat Reader DC (1), Apple macOS Sonoma (1), Brave (3), Docker Desktop for Mac (1), draw.io (2), Dropbox (2), Evernote (4), Firefox (1), Google Drive (1), Grammarly (7), Hazel (1), IntelliJ IDEA (1), LibreOffice (1), Microsoft AutoUpdate (1), Microsoft Edge (2), OneDrive for Mac (2), Microsoft Office 2019 Outlook (2), PyCharm Professional for Mac (2), PowerShell (1), Python (2), Slack (1), Spotify (2), Microsoft Teams (Mac) (2), Visual Studio Code (3), Zoom Client for Mac (1)
  • 34. Copyright © 2024 Ivanti. All rights reserved. 34 Apple Updates with CVE Information § macOS Monterey 12.7.3 § HT214057 § Fixes 9 Vulnerabilities: CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE- 2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23207, CVE-2024- 23212, CVE-2024-23222 § macOS Ventura 13.6.4 § HT214058 § Fixes 13 Vulnerabilities: CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE- 2023-40528, CVE-2023-42887, CVE-2023-42888, CVE-2023-42915, CVE-2023- 42935, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222, CVE-2024-23224 § Safari 17.3 for Ventura and Monterey § HT214056 § Fixes 4 Vulnerabilities: CVE-2024-23206, CVE-2024-23211, CVE-2024-23213, CVE- 2024-23222
  • 35. Copyright © 2024 Ivanti. All rights reserved. 35 Apple Updates with CVE Information (cont) § macOS Sonoma 14.3 § HT214061 § Fixes 17 Vulnerabilities: CVE-2024-23203, CVE-2024-23204, CVE-2024-23206, CVE- 2024-23207, CVE-2024-23208, CVE-2024-23209, CVE-2024-23210, CVE-2024- 23211, CVE-2024-23212, CVE-2024-23213, CVE-2024-23214, CVE-2024-23215, CVE-2024-23217, CVE-2024-23218, CVE-2024-23222, CVE-2024-23223, CVE-2024- 23224
  • 36. Copyright © 2024 Ivanti. All rights reserved. 36 Apple Third Party CVE Information § Google Chrome 120.0.6099.234 § CHROMEMAC-240116 § Fixes 3 Vulnerabilities: CVE-2024-0517, CVE-2024-0518, CVE-2024-0519 § Google Chrome 121.0.6167.139 § CHROMEMAC-240130 § Fixes 3 Vulnerabilities: CVE-2024-1059, CVE-2024-1060, CVE-2024-1077 § Google Chrome 121.0.6167.160 § CHROMEMAC-240206 § Fixes 2 Vulnerabilities: CVE-2024-1283, CVE-2024-1284
  • 37. Copyright © 2024 Ivanti. All rights reserved. 37 Apple Third Party CVE Information (cont) § Docker Desktop 4.27.2 § DOCKERMAC-240208 § Fixes 4 Vulnerabilities: CVE-2020-8911, CVE-2020-8912, CVE-2024-21626, CVE-2024- 24557 § Evernote 10.74.1 § ENOT-240131 § Fixes 1 Vulnerability: CVE-2023-50643 § Microsoft Office 2019 Excel 16.81 § EXCEL19-240116 § Fixes 1 Vulnerability: CVE-2024-20677 § Microsoft Office 2019 OneNote 16.81 § ONENOTE19-240116 § Fixes 1 Vulnerability: CVE-2024-20677
  • 38. Copyright © 2024 Ivanti. All rights reserved. 38 Apple Third Party CVE Information (cont) § Microsoft Office 2019 Outlook 16.81 § OUTLOOK19-240116 § Fixes 1 Vulnerability: CVE-2024-20677 § Microsoft Office 2019 Powerpoint 16.81 § POWERPOINT19-240116 § Fixes 1 Vulnerability: CVE-2024-20677 § Microsoft Office 2019 Word 16.81 § WORD19-240116 § Fixes 1 Vulnerability: CVE-2024-20677
  • 39. Copyright © 2024 Ivanti. All rights reserved. 39 Apple Third Party CVE Information (cont) § Microsoft Edge 120.0.2210.144 § MEDGEMAC-240117 § Fixes 1 Vulnerability: CVE-2024-0519 § Microsoft Edge 121.0.2277.83 § MEDGEMAC-240126 § Fixes 7 Vulnerabilities: CVE-2024-21326, CVE-2024-21336, CVE-2024-21382, CVE-2024- 21383, CVE-2024-21385, CVE-2024-21387, CVE-2024-21388 § Microsoft Edge 121.0.2277.98 § MEDGEMAC-240201 § Fixes 1 Vulnerability: CVE-2024-21399
  • 40. Copyright © 2024 Ivanti. All rights reserved. 40 Apple Third Party CVE Information (cont) § Firefox 122.0 § FF-240123 § Fixes 15 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0746, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024- 0750, CVE-2024-0751, CVE-2024-0752, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755 § Firefox ESR 115.7.0 § FFE-240123 § Fixes 9 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE- 2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755 § Thunderbird 115.7.0 § TB-240123 § Fixes 9 Vulnerabilities: CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE- 2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755
  • 41. Copyright © 2024 Ivanti. All rights reserved. 41 Q & A
  • 42. Copyright © 2024 Ivanti. All rights reserved. Copyright © 2024 Ivanti. All rights reserved. 42 Thank You!