June Patch Tuesday

GoIvanti 82 views 35 slides Jun 13, 2024

About This Presentation

Ivanti's Patch Tuesday analysis goes beyond applying patches to your applications and gives you the intelligence and guidance you need to prioritize where to focus. Read the latest analysis on the Ivanti blog and join industry experts in the webinar ...


Slide Content

Presented by Jose Miguel Marcos Lorenzo and Carlos Frances
Patch Tuesday Webinar
Thursday, June 13, 2024

Copyright © 2024 Ivanti. All rights reserved. 2
Agenda
- June 2024 Patch Tuesday Overview
- In the News
- Bulletins and Releases
- Between Patch Tuesdays
- Q & A

June Patch Tuesday 2024
Microsoft is taking it easy on us this month. There are 51 CVEs resolved in the June Patch Tuesday update. We have new releases of Chrome, Edge and Firefox this Patch Tuesday, so update all browsers. While Adobe did update 167 CVEs across 10 products, they were all listed as Priority 3 and Adobe Reader was not in the lineup. Priorities this month are going to be the browsers and the Windows OS.
For more details check out this month's Patch Tuesday blog.

In the News
- Windows 11 24H2 is in early preview
  - https://blogs.windows.com/windows-insider/2024/05/22/releasing-windows-11-version-24h2-to-the-release-preview-channel/
  - They must have had a major problem because they pulled the preview
  - Recall - https://learn.microsoft.com/en-us/windows/client-management/manage-recall
- Windows 10 21H2 Education and Enterprise editions reached end-of-life this Patch Tuesday
  - https://learn.microsoft.com/en-us/lifecycle/announcements/windows-10-21h2-end-of-updates-enterprise-education
- NVIDIA and Arm Urge Customers to Patch Bugs
- Researchers at the University of Illinois have developed AI Agents that can Autonomously Hack Websites and Find Zero-Day Vulnerabilities
- TikTok confirms CNN, other high-profile accounts hijacked via zero-day vulnerability

Publicly Disclosed Vulnerability
- CVE-2023-50868 NSEC3 Closest Encloser Proof can Exhaust CPU
  - CVSS 3.1 Scores: 7.5 / 6.5
  - Severity: Important
  - Impact: Denial of Service
  - Affected Systems: Server 2012/2012 R2, Server 2016, Server 2019, and Server 2022
  - Per Mitre: The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.
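The closest encloser cost described above, as an added Python example (not part of the original deck or of any Ivanti or Microsoft code): it computes the RFC 5155 NSEC3 hash, counts the SHA-1 work a validator spends per candidate name as the iteration count grows, and applies an RFC 9276-style iteration cap so over-cap responses are answered as insecure instead of hashed. The query name, salt, iteration count and cap value are constructed assumptions.

```python
import base64
import hashlib

# RFC 4648 base32hex alphabet, as used for NSEC3 owner names (RFC 5155 section 5)
_TO_B32HEX = bytes.maketrans(b"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                             b"0123456789ABCDEFGHIJKLMNOPQRSTUV")


def to_wire(name: str) -> bytes:
    """Canonical DNS wire form (RFC 4034 section 6.2): lowercase, length-prefixed labels, root byte."""
    labels = [lbl for lbl in name.lower().rstrip(".").split(".") if lbl]
    out = b""
    for label in labels:
        raw = label.encode("ascii")
        if len(raw) > 63:
            raise ValueError("label too long: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def nsec3_hash(name: str, salt: bytes, iterations: int) -> str:
    """RFC 5155 section 5: SHA-1(name || salt), then `iterations` extra rounds of SHA-1(prev || salt).
    Every extra iteration is one more SHA-1 the validator must compute per candidate name."""
    digest = hashlib.sha1(to_wire(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base64.b32encode(digest).translate(_TO_B32HEX).decode("ascii").lower()


def candidate_names(qname: str, zone: str) -> list:
    """Names a validator may hash while searching for the closest encloser (RFC 5155 section 8.3):
    the query name and each ancestor up to and including the zone apex."""
    q = [lbl for lbl in qname.lower().rstrip(".").split(".") if lbl]
    z = [lbl for lbl in zone.lower().rstrip(".").split(".") if lbl]
    if len(q) <= len(z) or q[-len(z):] != z:
        raise ValueError("qname must be strictly below the zone apex")
    depth = len(q) - len(z)
    return [".".join(q[i:]) for i in range(depth + 1)]


def proof_work(qname: str, zone: str, iterations: int) -> int:
    """Worst-case SHA-1 invocations for one closest encloser proof: one hash chain per candidate."""
    return len(candidate_names(qname, zone)) * (iterations + 1)


def validator_decision(iterations: int, max_iterations: int) -> str:
    """RFC 9276-style guard: an NSEC3 iteration count above the resolver's cap is answered as
    'insecure' without doing the hashing. The cap value is an operator choice (assumed here)."""
    return "insecure" if iterations > max_iterations else "validate"


if __name__ == "__main__":
    # Constructed sample: a deep random-looking name under a zone signed with 150 iterations,
    # the shape of query a random-subdomain flood sends to a validating resolver.
    qname, zone, salt, iters = "x9k2.q7pz.m4.example.", "example.", bytes.fromhex("aabbccdd"), 150
    print("closest encloser candidates:", candidate_names(qname, zone))
    print("SHA-1 calls for one proof:", proof_work(qname, zone, iters))
    print("same proof with RFC 9276 guidance (0 iterations):", proof_work(qname, zone, 0))
    print("resolver with cap 100 would answer:", validator_decision(iters, 100))
    print("NSEC3 hash of the apex:", nsec3_hash(zone, salt, iters))
```

Multiply the per-proof figure by the query rate an attacker can sustain and you have the CPU budget the patch protects; capping iterations removes the multiplier.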

New and Notable Linux Vulnerabilities: 1
Highlighted by TuxCare
CVE-2024-32002
- CVSS 3: 9.0
- Flaw in specific git (a revision control system) versions allows a maliciously configured repository to trigger code execution during a clone operation.
- Repositories with submodules can be crafted to exploit a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory.
- A user cloning the code from such a repository would trigger a hook without any ability to inspect the code that would execute.
Mitigation
To avoid the problem: disable symlink support for git with "git config --global core.symlinks false", but doing so may affect normal git operations. Updating past affected versions is recommended. Also, never clone untrusted repositories.

New and Notable Linux Vulnerabilities: 2
Highlighted by TuxCare
CVE-2024-0646
- CVSS 3: 7.8
- It was discovered that the TLS subsystem (Transport Layer Security) in the Linux kernel did not properly handle spliced messages.
- This can lead to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Background
First published in 1999, TLS is a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between web applications and servers, such as web browsers loading a website.
Mitigation
Updating the kernel is highly recommended.

New and Notable Linux Vulnerabilities: 3
Highlighted by TuxCare
CVE-2024-1086
- CVSS 3: 7.8
- Flaw in the Netfilter subsystem of the Linux kernel that enables local privilege escalation. Can lead to a double-free vulnerability in the code, triggering a user-controlled crash.
- Double free is a memory management flaw that occurs when a program releases the same memory block twice using the free() or delete function.
Impact
Affects kernel versions 3.15 to 6.8-rc1, and distros like RHEL, Debian, Ubuntu, and derivatives.
Mitigation
Upgrade your Linux kernel as soon as possible. We covered this flaw in April, but it's freshly significant again because it has been added to CISA's Known Exploited Vulnerabilities catalog (malicious actors are looking for it in your systems).

Microsoft Patch Tuesday Updates of Interest
Azure and Development Tool Updates
- Azure Data Science Virtual Machines for Linux
- Azure File Sync v16, v17, and v18
- Azure Identity Libraries (for .NET, C++, Go, Java, JavaScript, Python)
- Azure Storage Movement Client Library for .NET
- Azure Monitor Agent
- Microsoft Authentication Library (MSAL) (for .NET, Java, Node.js, Python)
- Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
- Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
- Microsoft Visual Studio 2022 17.4 - 17.10

Windows 10 and 11 Lifecycle Awareness

Windows 10 Enterprise and Education
Version   Release Date   End of Support Date
22H2      10/18/2022     10/14/2025
21H2      11/16/2021     6/11/2024

Windows 10 Home and Pro
Version   Release Date   End of Support Date
22H2      10/18/2022     10/14/2025

Windows 11 Home and Pro
Version   Release Date   End of Support Date
23H2      10/31/2023     11/11/2025
22H2      9/20/2022      10/8/2024

Windows 11 Enterprise and Education
Version   Release Date   End of Support Date
23H2      10/31/2023     11/10/2026
22H2      9/20/2022      10/14/2025
21H2      10/4/2021      10/8/2024

Source: Microsoft
https://docs.microsoft.com/en-us/lifecycle/faq/windows

Server Long-term Servicing Channel Support

Server LTSC Support
Version                             Editions                               Release Date   Mainstream Support Ends   Extended Support Ends
Windows Server 2022                 Datacenter and Standard                08/18/2021     10/13/2026                10/14/2031
Windows Server 2019 (Version 1809)  Datacenter, Essentials, and Standard   11/13/2018     01/09/2024                01/09/2029
Windows Server 2016 (Version 1607)  Datacenter, Essentials, and Standard   10/15/2016     01/11/2022                01/11/2027
https://learn.microsoft.com/en-us/windows-server/get-started/windows-server-release-info
- Focused on server long-term stability
- Major version releases every 2-3 years
- 5 years mainstream and 5 years extended support
- Server Core or Server with Desktop Experience available
Source: Microsoft

Patch Content Announcements
Announcements Posted on Community Forum Pages
- https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2
- Subscribe to receive email for the desired product(s)
  - Content Info: Endpoint Security
  - Content Info: Endpoint Manager
  - Content Info: macOS Updates
  - Content Info: Linux Updates
  - Content Info: Patch for Configuration Manager
  - Content Info: ISEC and Neurons Patch
  - Content Info: Neurons Patch for InTune

Bulletins and Releases

CHROME-240611: Security Update for Chrome Desktop
- Maximum Severity: Critical
- Affected Products: Google Chrome
- Description: The Stable channel has been updated to Chrome 126.0.6478.54 (Linux) and 126.0.6478.56/57 (Windows, Mac), which contains 21 security fixes and improvements. The Extended Stable channel has been updated to Chrome 126.0.6478.56/57 (Windows, Mac). This update addresses 18 reported vulnerabilities; 9 are rated High.
- Impact: Remote Code Execution, Security Feature Bypass, Information Disclosure
- Fixes 18 Vulnerabilities: See https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html for more details.
- Restart Required: Requires application restart

MFSA-2024-25: Security Update Firefox 127
- Maximum Severity: Critical
- Affected Products: Security Update Firefox
- Description: This update from Mozilla addresses security vulnerabilities in the Firefox browser on multiple platforms. Fixes 15 vulnerabilities; 4 are rated High.
- Impact: Remote Code Execution, Denial of Service, Spoofing, Elevation of Privilege, Information Disclosure
- Fixes 15 Vulnerabilities: See the Mozilla Security Advisory https://www.mozilla.org/en-US/security/advisories/mfsa2024-25/ for complete details.
- Restart Required: Requires application restart
- Known Issues: None

MFSA-2024-26: Security Update Firefox ESR 115.12
- Maximum Severity: Critical
- Affected Products: Security Update Firefox ESR
- Description: This update from Mozilla addresses security vulnerabilities in the Firefox ESR browser on multiple platforms. Fixes 8 vulnerabilities; 3 are rated High.
- Impact: Remote Code Execution, Denial of Service, Elevation of Privilege, Information Disclosure
- Fixes 8 Vulnerabilities: See the Mozilla Security Advisory https://www.mozilla.org/en-US/security/advisories/mfsa2024-26/ for complete details.
- Restart Required: Requires application restart
- Known Issues: None

MS24-06-W11: Windows 11 Update
- Maximum Severity: Critical
- Affected Products: Microsoft Windows 11 Version 21H2, 22H2, 23H2 and Edge Chromium
- Description: This bulletin references KB 5039213 (21H2) and KB 5039212 (22H2/23H2). See KBs for complete details, but note that the version of curl.exe that is in Windows is now 8.7.1.
- Impact: Remote Code Execution, Denial of Service, Elevation of Privilege, and Information Disclosure
- Fixes 28 Vulnerabilities: No CVEs are reported publicly disclosed or known exploited. See the Security Update Guide for the complete list of CVEs.
- Restart Required: Requires restart
- Known Issues: See next slide

June Known Issues for Windows 11
- KB 5039213 – Windows 11 version 21H2, all editions
  - [Prof_Pic] After installing this update, you might be unable to change your user account profile picture. When attempting to change a profile picture by selecting the button Start > Settings > Accounts > Your info, and then selecting Choose a file, you might receive an error message with error code 0x80070520. Workaround: Microsoft is working on a resolution.

MS24-06-W10: Windows 10 Update
- Maximum Severity: Critical
- Affected Products: Microsoft Windows 10 Versions 1607, 1809, 21H2, 22H2, Server 2016, Server 2019, Server 2022, Server 2022 Datacenter: Azure Edition and Edge Chromium
- Description: This bulletin references 7 KB articles. See KBs for the list of changes, but note that the version of curl.exe that is in Windows is now 8.7.1.
- Impact: Remote Code Execution, Denial of Service, Elevation of Privilege, and Information Disclosure
- Fixes 33 Vulnerabilities: CVE-2023-50868 is reported publicly disclosed. See the Security Update Guide for the complete list of CVEs.
- Restart Required: Requires restart
- Known Issues: See next slide

June Known Issues for Windows 10
- KB 5039211 – Windows 10 Enterprise and Education, version 21H2; Windows 10 IoT Enterprise, version 21H2; Windows 10 Enterprise Multi-Session, version 21H2; Windows 10, version 22H2, all editions
  - [Copilot Not Supported] Copilot in Windows (in preview) is not currently supported when your taskbar is located vertically on the right or left of your screen. Workaround: To access Copilot in Windows, make sure your taskbar is positioned horizontally on the top or bottom of your screen.
  - [Icon Display] Windows devices using more than one (1) monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview).
  - [Cache] After you install KB5034203 (dated 01/23/2024) or later updates, some Windows devices that use DHCP Option 235 to discover Microsoft Connected Cache (MCC) nodes in their network might be unable to use those nodes. Instead, these Windows devices will download updates and apps from the public internet. Workaround: See KB for configuration options.
  - [Prof_Pic] (the same profile picture issue listed for Windows 11)
- Microsoft is working on a resolution for all issues.

June Known Issues for Windows 10 (cont)
- KB 5039227 – Windows Server 2022
  - [Prof_Pic] (the same profile picture issue listed for Windows 11)

MS24-06-SPT: Security Updates for SharePoint Server
- Maximum Severity: Important
- Affected Products: Microsoft SharePoint Server Subscription Edition, SharePoint Enterprise Server 2016, and SharePoint Server 2019
- Description: This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. This bulletin is based on KB 5002602 (2019), KB 5002603 (Subscription Edition), and KB 5003604 (2016) articles.
- Impact: Remote Code Execution
- Fixes 1 Vulnerability: CVE-2024-30100 is not known to be exploited or publicly disclosed.
- Restart Required: Requires application restart
- Known Issues: None reported

MS24-06-OFF: Security Updates for Microsoft Office
- Maximum Severity: Important
- Affected Products: Office Professional Plus 2016, Office Professional 2016, Office Standard 2016, Office Home and Business 2016, and Office Home and Student 2016
- Description: This security update resolves several Microsoft Outlook remote code execution vulnerabilities which can be exploited via the Preview Pane. This bulletin references KBs 5002575, 5002591, and 5002600.
- Impact: Remote Code Execution
- Fixes 3 Vulnerabilities: CVE-2024-300101, CVE-2024-300103, and CVE-2024-300104 are not known to be exploited or publicly disclosed.
- Restart Required: Requires application restart
- Known Issues: None reported

MS24-06-O365: Security Updates for Microsoft 365 Apps
- Maximum Severity: Important
- Affected Products: Microsoft 365 Apps, Office 2019, Office LTSC 2021, and Office LTSC for Mac 2021
- Description: This month's update resolves a vulnerability which could allow a remote user to perform code execution. Information on the security updates is available at https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates. This security update resolves several Microsoft Outlook remote code execution vulnerabilities which can be exploited via the Preview Pane.
- Impact: Remote Code Execution
- Fixes 4 Vulnerabilities: CVE-2024-300101, CVE-2024-300102, CVE-2024-300103, and CVE-2024-300104 are not known to be exploited or publicly disclosed.
- Restart Required: Requires application restart
- Known Issues: None reported

Between Patch Tuesdays

Windows Release Summary
- Security Updates (with CVEs): Google Chrome (3), Docker For Windows (1), Foxit PDF Editor (1), Foxit PDF Editor (Subscription) (1), Foxit PDF Reader Enterprise (1), Opera (1), Python (1), VMware Workstation Player (1)
- Security Updates (w/o CVEs): 7-Zip (1), CCleaner (1), ClickShare App Machine-Wide Installer (1), Cisco Webex Meetings Desktop App (1), Citrix Workspace App (1), Dropbox (1), Evernote (4), Falcon Sensor for Windows (1), Firefox (1), Foxit PDF Editor (1), Foxit PDF Editor (Subscription) (1), Foxit PDF Reader Consumer (1), Foxit PDF Reader Enterprise (1), GoodSync (3), Git for Windows (1), Grammarly for Windows (3), Cisco Jabber (1), LibreOffice (1), Malwarebytes (1), Nitro Pro (1), Nitro Pro Enterprise (1), Node.JS (LTS Lower) (1), Node.JS (LTS Upper) (1), Notepad++ (1), Opera (3), PDF24 Creator (1), Screenpresso (1), Skype (1), Slack Machine-Wide Installer (1), Snagit (2), Tableau Desktop (7), Tableau Prep Builder (1), Tableau Reader (1), Thunderbird (1), TeamViewer (2), Zoom Client (2), Zoom Rooms Client (2)
- Non-Security Updates: Bandicut (1), Bitwarden (1), Camtasia (1), Google Drive File Stream (1), GoodSync (1), GeoGebra Classic (1), Citrix HDX RealTime Media Engine (1), KeePass Pro (1), Password Safe (2), RingCentral App (Machine-Wide Installer) (2), Rocket.Chat Desktop Client (2), TightVNC (1), WeCom (2), WinZip (1)

Windows Third Party CVE Information
- Google Chrome 125.0.6422.77
  - CHROME-240522, QGC1250642277
  - Fixes 4 Vulnerabilities: CVE-2024-5157, CVE-2024-5158, CVE-2024-5159, CVE-2024-5160
- Google Chrome 125.0.6422.113
  - CHROME-240523, QGC12506422113
  - Fixes 1 Vulnerability: CVE-2024-5274
- Google Chrome 125.0.6422.142
  - CHROME-240530, QGC12506422142
  - Fixes 7 Vulnerabilities: CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499

Windows Third Party CVE Information (cont)
- Docker For Windows 4.31.0
  - DOCKER-240606, QDOCKER43100
  - Fixes 1 Vulnerability: CVE-2024-5652
- Foxit PDF Editor 13.1.2.22442
  - FPDFE-240529, QFPDFE131222442
  - Fixes 1 Vulnerability: CVE-2024-29072
- Foxit PDF Editor (Subscription) 2024.2.2.25170
  - FPDFES-240527, QFPDFE202422
  - Fixes 1 Vulnerability: CVE-2024-29072
- Foxit PDF Reader Enterprise 2024.2.2.25170
  - FPDFRE-240527, QFPDFRES202422
  - Fixes 1 Vulnerability: CVE-2024-29072

Windows Third Party CVE Information (cont)
- Opera 110.0.5130.39
  - OPERA-240524, QOP1100513039
  - Fixes 1 Vulnerability: CVE-2024-5274
- Python 3.12.4
  - PYTHN312-240606, QPYTH31241500
  - Fixes 1 Vulnerability: CVE-2024-4030
- VMware Workstation Player 17.5.2
  - VMWP17-240521, QVMWP1752
  - Fixes 4 Vulnerabilities: CVE-2024-22267, CVE-2024-22268, CVE-2024-22269, CVE-2024-22270

Apple Release Summary
- Security Updates (with CVEs): Google Chrome (3), Microsoft Edge (3)
- Security Updates (w/o CVEs): Firefox (1), Microsoft Edge (1), Parallels Desktop (1), Thunderbird (1), Zoom Client (1)
- Non-Security Updates: AutoCAD (1), Brave (2), draw.io (3), Dropbox (1), Evernote (4), Figma (1), Grammarly (7), HandBrake (1), LibreOffice (1), Microsoft Edge (2), OneDrive for Mac (1), Microsoft Office 2019 Outlook (2), PyCharm Professional (1), Spotify (2), Microsoft Teams (2), Visual Studio Code (1), Microsoft Office 2019 Word (1)

Apple Third Party CVE Information
- Google Chrome 125.0.6422.76
  - CHROMEMAC-240521
  - Fixes 4 Vulnerabilities: CVE-2024-5157, CVE-2024-5158, CVE-2024-5159, CVE-2024-5160
- Google Chrome 125.0.6422.113
  - CHROMEMAC-240524
  - Fixes 1 Vulnerability: CVE-2024-5274
- Google Chrome 125.0.6422.142
  - CHROMEMAC-240530
  - Fixes 7 Vulnerabilities: CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499

Apple Third Party CVE Information (cont)
- Microsoft Edge 124.0.2478.109
  - MEDGEMAC-240517
  - Fixes 5 Vulnerabilities: CVE-2024-30056, CVE-2024-4947, CVE-2024-4948, CVE-2024-4949, CVE-2024-4950
- Microsoft Edge 125.0.2535.67
  - MEDGEMAC-240527
  - Fixes 5 Vulnerabilities: CVE-2024-5157, CVE-2024-5158, CVE-2024-5159, CVE-2024-5160, CVE-2024-5274
- Microsoft Edge 125.0.2535.85
  - MEDGEMAC-240603
  - Fixes 7 Vulnerabilities: CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499

Q & A

Thank You!