Microsoft Security Bulletin Coverage For September 2024

Overview

Microsoft’s September 2024 Patch Tuesday has 79 vulnerabilities, of which 30 are Elevation of Privilege. SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of September 2024 and has produced coverage for 9 of the reported vulnerabilities.

Vulnerabilities with Detections

| CVE | CVE Title | Signature |
| --- | --- | --- |
| CVE-2024-38217 | Windows Mark of the Web Security Feature Bypass Vulnerability | ASPY 7007 Malformed-lnk lnk.MP_5 |
| CVE-2024-38237 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | ASPY 7004 Exploit-exe exe.MP_408 |
| CVE-2024-38238 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | ASPY 7005 Exploit-exe exe.MP_409 |
| CVE-2024-38241 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | ASPY 7006 Exploit-exe exe.MP_410 |
| CVE-2024-38242 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | ASPY 602 Exploit-exe exe.MP_411 |
| CVE-2024-38243 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | ASPY 603 Exploit-exe exe.MP_412 |
| CVE-2024-38244 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | ASPY 604 Exploit-exe exe.MP_413 |
| CVE-2024-38245 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | ASPY 605 Exploit-exe exe.MP_414 |
| CVE-2024-43461 | Windows MSHTML Platform Spoofing Vulnerability | IPS 4501 Windows MSHTML Platform Spoofing (CVE-2024-43461) |

Release Breakdown

The vulnerabilities can be classified into the following categories:

For September there are 7 Critical, 71 Important and one Moderate vulnerabilities.

Microsoft tracks vulnerabilities that are being actively exploited at the time of discovery and those that have been disclosed publicly before the Patch Tuesday release for each month. The above chart displays these metrics as seen each month.

Release Detailed Breakdown

Denial of Service Vulnerabilities

| CVE | CVE Title |
| --- | --- |
| CVE-2024-38230 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
| CVE-2024-38232 | Windows Networking Denial of Service Vulnerability |
| CVE-2024-38233 | Windows Networking Denial of Service Vulnerability |
| CVE-2024-38234 | Windows Networking Denial of Service Vulnerability |
| CVE-2024-38235 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2024-38236 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2024-43466 | Microsoft SharePoint Server Denial of Service Vulnerability |

Elevation of Privilege Vulnerabilities

| CVE | CVE Title |
| --- | --- |
| CVE-2024-37341 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2024-37965 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2024-37980 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2024-38014 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2024-38046 | PowerShell Elevation of Privilege Vulnerability |
| CVE-2024-38188 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability |
| CVE-2024-38194 | Azure Web Apps Elevation of Privilege Vulnerability |
| CVE-2024-38216 | Azure Stack Hub Elevation of Privilege Vulnerability |
| CVE-2024-38220 | Azure Stack Hub Elevation of Privilege Vulnerability |
| CVE-2024-38225 | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability |
| CVE-2024-38237 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38238 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38239 | Windows Kerberos Elevation of Privilege Vulnerability |
| CVE-2024-38240 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| CVE-2024-38241 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38242 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| 8243 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38244 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38245 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38246 | Win32k Elevation of Privilege Vulnerability |
| CVE-2024-38247 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2024-38248 | Windows Storage Elevation of Privilege Vulnerability |
| CVE-2024-38249 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2024-38250 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2024-38252 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2024-38253 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2024-43457 | Windows Setup and Deployment Elevation of Privilege Vulnerability |
| CVE-2024-43465 | Microsoft Excel Elevation of Privilege Vulnerability |
| CVE-2024-43470 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability |
| CVE-2024-43492 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |

Information Disclosure Vulnerabilities

| CVE | CVE Title |
| --- | --- |
| CVE-2024-37337 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability |
| CVE-2024-37342 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability |
| CVE-2024-37966 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability |
| CVE-2024-38254 | Windows Authentication Information Disclosure Vulnerability |
| CVE-2024-38256 | Windows Kernel-Mode Driver Information Disclosure Vulnerability |
| CVE-2024-38257 | Microsoft AllJoyn API Information Disclosure Vulnerability |
| CVE-2024-38258 | Windows Remote Desktop Licensing Service Information Disclosure Vulnerability |
| CVE-2024-43458 | Windows Networking Information Disclosure Vulnerability |
| CVE-2024-43474 | Microsoft SQL Server Information Disclosure Vulnerability |
| CVE-2024-43475 | Microsoft Windows Admin Center Information Disclosure Vulnerability |
| CVE-2024-43482 | Microsoft Outlook for iOS Information Disclosure Vulnerability |

Remote Code Execution Vulnerabilities

| CVE | CVE Title |
| --- | --- |
| CVE-2024-21416 | Windows TCP/IP Remote Code Execution Vulnerability |
| CVE-2024-26186 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| CVE-2024-26191 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| CVE-2024-37335 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| CVE-2024-37338 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| CVE-2024-37339 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| CVE-2024-38018 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2024-38045 | Windows TCP/IP Remote Code Execution Vulnerability |
| CVE-2024-38119 | Windows Network Address Translation (NAT) Remote Code Execution Vulnerability |
| CVE-2024-38227 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2024-38228 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2024-38231 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| CVE-2024-38259 | Microsoft Management Console Remote Code Execution Vulnerability |
| CVE-2024-38260 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| CVE-2024-38263 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| CVE-2024-43454 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| CVE-2024-43463 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2024-43464 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2024-43467 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| CVE-2024-43469 | Azure CycleCloud Remote Code Execution Vulnerability |
| CVE-2024-43479 | Microsoft Power Automate Desktop Remote Code Execution Vulnerability |
| CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability |
| CVE-2024-43495 | Windows libarchive Remote Code Execution Vulnerability |

Security Feature Bypass Vulnerabilities

| CVE | CVE Title |
| --- | --- |
| CVE-2024-30073 | Windows Security Zone Mapping Security Feature Bypass Vulnerability |
| CVE-2024-38217 | Windows Mark of the Web Security Feature Bypass Vulnerability |
| CVE-2024-38226 | Microsoft Publisher Security Features Bypass Vulnerability |
| CVE-2024-43487 | Windows Mark of the Web Security Feature Bypass Vulnerability |

Spoofing Vulnerabilities

| CVE | CVE Title |
| --- | --- |
| CVE-2024-43455 | Windows Remote Desktop Licensing Service Spoofing Vulnerability |
| CVE-2024-43461 | Windows MSHTML Platform Spoofing Vulnerability |
| CVE-2024-43476 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.