Microsoft Security Bulletin Coverage for June 2024

By

Overview

Microsoft’s June 2024 Patch Tuesday has 49 vulnerabilities, 24 of which are Elevation of Privilege. The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of June 2024 and has produced coverage for seven of the reported vulnerabilities.

Vulnerabilities with Detections

CVECVE TitleSignature
CVE-2024-30080Microsoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityIPS 4452 Microsoft Message Queuing RCE (CVE-2024-30080)
CVE-2024-30084Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityASPY 6802 Exploit-exe exe.MP_391
CVE-2024-30087Win32k Elevation of Privilege VulnerabilityASPY 6805 Exploit-exe exe.MP_392
CVE-2024-30088Windows Kernel Elevation of Privilege VulnerabilityASPY 6806  Exploit-exe exe.MP_393
CVE-2024-30089Microsoft Streaming Service Elevation of Privilege VulnerabilityASPY 581 Exploit-exe exe.MP_390
CVE-2024-30091Win32k Elevation of Privilege VulnerabilityASPY 580 Exploit-exe exe.MP_389
CVE-2024-35250Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityASPY 579 Exploit-exe exe.MP_388

 

Release Breakdown

The vulnerabilities can be classified into the following categories:

For June there is one Critical, 48 Important and zero Moderate vulnerabilities.

2024 Patch Tuesday Monthly Comparison

Microsoft tracks vulnerabilities that are being actively exploited at the time of discovery and those that have been disclosed publicly before the Patch Tuesday release for each month. The above chart displays these metrics as seen each month.

Release Detailed Breakdown

Denial of Service Vulnerabilities

CVE-2024-30065Windows Themes Denial of Service Vulnerability
CVE-2024-30070DHCP Server Service Denial of Service Vulnerability
CVE-2024-30083Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-35252Azure Storage Movement Client Library Denial of Service Vulnerability

 

Elevation of Privilege Vulnerabilities

CVE-2024-29060Visual Studio Elevation of Privilege Vulnerability
CVE-2024-30064Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-30066Winlogon Elevation of Privilege Vulnerability
CVE-2024-30067WinLogon Elevation of Privilege Vulnerability
CVE-2024-30068Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-30076Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2024-30082Win32k Elevation of Privilege Vulnerability
CVE-2024-30084Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-30085Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2024-30086Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-30087Win32k Elevation of Privilege Vulnerability
CVE-2024-30088Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-30089Microsoft Streaming Service Elevation of Privilege Vulnerability
CVE-2024-30090Microsoft Streaming Service Elevation of Privilege Vulnerability
CVE-2024-30091Win32k Elevation of Privilege Vulnerability
CVE-2024-30093Windows Storage Elevation of Privilege Vulnerability
CVE-2024-30099Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-35248Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2024-35250Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-35253Microsoft Azure File Sync Elevation of Privilege Vulnerability
CVE-2024-35254Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-35255Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
CVE-2024-35265Windows Perception Service Elevation of Privilege Vulnerability
CVE-2024-37325Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability

 

Information Disclosure Vulnerabilities

CVE-2024-30069Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-30096Windows Cryptographic Services Information Disclosure Vulnerability
CVE-2024-35263Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

 

Remote Code Execution Vulnerabilities

CVE-2024-30052Visual Studio Remote Code Execution Vulnerability
CVE-2024-30062Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
CVE-2024-30063Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2024-30072Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
CVE-2024-30074Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
CVE-2024-30075Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
CVE-2024-30077Windows OLE Remote Code Execution Vulnerability
CVE-2024-30078Windows Wi-Fi Driver Remote Code Execution Vulnerability
CVE-2024-30080Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-30094Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30095Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30097Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVE-2024-30100Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-30101Microsoft Office Remote Code Execution Vulnerability
CVE-2024-30102Microsoft Office Remote Code Execution Vulnerability
CVE-2024-30103Microsoft Outlook Remote Code Execution Vulnerability
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.