Threat intelligence

Microsoft Security Bulletin Coverage for October 2024

by Security News

Overview

Microsoft’s October 2024 Patch Tuesday has 117 vulnerabilities, of which 42 are Remote Code Execution.SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of October 2024 and has produced coverage for 4 of the reported vulnerabilities. 

Vulnerabilities with Detections

CVE CVE Title Signature 
CVE-2024-43502 Windows Kernel Elevation of Privilege Vulnerability ASPY 7012 Exploit-exe exe.MP_415 
CVE-2024-43560 Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability ASPY 7013 Exploit-exe exe.MP_416 
CVE-2024-43572 Microsoft Management Console Remote Code Execution Vulnerability IPS 4516 Microsoft Management Console Remote Code Execution (CVE-2024-43572) 
CVE-2024-43573 Windows MSHTML Platform Spoofing Vulnerability IPS 4515 Windows MSHTML Platform Spoofing (CVE-2024-43573) 

ASPY 608 Malformed-msc msc.MP_2 

 

Release Breakdown

The vulnerabilities can be classified into following categories: 

 

For October there are 3 critical, 110 Important and 3 moderate vulnerabilities. 

Microsoft tracks vulnerabilities that are being actively exploited at the time of discovery and those that have been disclosed publicly before the patch Tuesday release for each month. The above chart displays these metrics as seen each month. 

Release Detailed Breakdown

Denial of Service Vulnerabilities

CVE CVE Title 
CVE-2024-38149 BranchCache Denial of Service Vulnerability 
CVE-2024-43483 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability 
CVE-2024-43484 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability 
CVE-2024-43485 .NET and Visual Studio Denial of Service Vulnerability 
CVE-2024-43506 BranchCache Denial of Service Vulnerability 
CVE-2024-43512 Windows Standards-Based Storage Management Service Denial of Service Vulnerability 
CVE-2024-43515 Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability 
CVE-2024-43520 Windows Kernel Denial of Service Vulnerability 
CVE-2024-43521 Windows Hyper-V Denial of Service Vulnerability 
CVE-2024-43537 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43538 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43540 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43541 Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability 
CVE-2024-43542 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43544 Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability 
CVE-2024-43545 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability 
CVE-2024-43555 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43557 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43558 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43559 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43561 Windows Mobile Broadband Driver Denial of Service Vulnerability 
CVE-2024-43562 Windows Network Address Translation (NAT) Denial of Service Vulnerability 
CVE-2024-43565 Windows Network Address Translation (NAT) Denial of Service Vulnerability 
CVE-2024-43567 Windows Hyper-V Denial of Service Vulnerability 
CVE-2024-43575 Windows Hyper-V Denial of Service Vulnerability 
CVE-2024-43603 Visual Studio Collector Service Denial of Service Vulnerability 

 

Elevation of Privilege Vulnerabilities

CVE CVE Title 
CVE-2024-37979 Windows Kernel Elevation of Privilege Vulnerability 
CVE-2024-38097 Azure Monitor Agent Elevation of Privilege Vulnerability 
CVE-2024-38124 Windows Netlogon Elevation of Privilege Vulnerability 
CVE-2024-38129 Windows Kerberos Elevation of Privilege Vulnerability 
CVE-2024-38179 Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability 
CVE-2024-43501 Windows Common Log File System Driver Elevation of Privilege Vulnerability 
CVE-2024-43502 Windows Kernel Elevation of Privilege Vulnerability 
CVE-2024-43503 Microsoft SharePoint Elevation of Privilege Vulnerability 
CVE-2024-43509 Windows Graphics Component Elevation of Privilege Vulnerability 
CVE-2024-43511 Windows Kernel Elevation of Privilege Vulnerability 
CVE-2024-43514 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability 
CVE-2024-43516 Windows Secure Kernel Mode Elevation of Privilege Vulnerability 
CVE-2024-43522 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability 
CVE-2024-43527 Windows Kernel Elevation of Privilege Vulnerability 
CVE-2024-43528 Windows Secure Kernel Mode Elevation of Privilege Vulnerability 
CVE-2024-43529 Windows Print Spooler Elevation of Privilege Vulnerability 
CVE-2024-43532 Remote Registry Service Elevation of Privilege Vulnerability 
CVE-2024-43535 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability 
CVE-2024-43551 Windows Storage Elevation of Privilege Vulnerability 
CVE-2024-43553 NT OS Kernel Elevation of Privilege Vulnerability 
CVE-2024-43556 Windows Graphics Component Elevation of Privilege Vulnerability 
CVE-2024-43560 Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability 
CVE-2024-43563 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability 
CVE-2024-43570 Windows Kernel Elevation of Privilege Vulnerability 
CVE-2024-43583 Winlogon Elevation of Privilege Vulnerability 
CVE-2024-43590 Visual C++ Redistributable Installer Elevation of Privilege Vulnerability 
CVE-2024-43591 Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability 
CVE-2024-43604 Outlook for Android Elevation of Privilege Vulnerability 

 

Information Disclosure Vulnerabilities

CVE CVE Title 
CVE-2024-43500 Windows Resilient File System (ReFS) Information Disclosure Vulnerability 
CVE-2024-43508 Windows Graphics Component Information Disclosure Vulnerability 
CVE-2024-43534 Windows Graphics Component Information Disclosure Vulnerability 
CVE-2024-43546 Windows Cryptographic Information Disclosure Vulnerability 
CVE-2024-43547 Windows Kerberos Information Disclosure Vulnerability 
CVE-2024-43554 Windows Kernel-Mode Driver Information Disclosure Vulnerability 

 

Remote Code Execution Vulnerabilities

CVE CVE Title 
CVE-2024-30092 Windows Hyper-V Remote Code Execution Vulnerability 
CVE-2024-38029 Microsoft OpenSSH for Windows Remote Code Execution Vulnerability 
CVE-2024-38212 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-38229 .NET and Visual Studio Remote Code Execution Vulnerability 
CVE-2024-38261 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-38262 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability 
CVE-2024-38265 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43453 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43468 Microsoft Configuration Manager Remote Code Execution Vulnerability 
CVE-2024-43480 Azure Service Fabric for Linux Remote Code Execution Vulnerability 
CVE-2024-43488 Visual Studio Code extension for Arduino Remote Code Execution Vulnerability 
CVE-2024-43497 DeepSpeed Remote Code Execution Vulnerability 
CVE-2024-43504 Microsoft Excel Remote Code Execution Vulnerability 
CVE-2024-43505 Microsoft Office Visio Remote Code Execution Vulnerability 
CVE-2024-43517 Microsoft ActiveX Data Objects Remote Code Execution Vulnerability 
CVE-2024-43518 Windows Telephony Server Remote Code Execution Vulnerability 
CVE-2024-43519 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability 
CVE-2024-43523 Windows Mobile Broadband Driver Remote Code Execution Vulnerability 
CVE-2024-43524 Windows Mobile Broadband Driver Remote Code Execution Vulnerability 
CVE-2024-43525 Windows Mobile Broadband Driver Remote Code Execution Vulnerability 
CVE-2024-43526 Windows Mobile Broadband Driver Remote Code Execution Vulnerability 
CVE-2024-43533 Remote Desktop Client Remote Code Execution Vulnerability 
CVE-2024-43536 Windows Mobile Broadband Driver Remote Code Execution Vulnerability 
CVE-2024-43543 Windows Mobile Broadband Driver Remote Code Execution Vulnerability 
CVE-2024-43549 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43552 Windows Shell Remote Code Execution Vulnerability 
CVE-2024-43564 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43572 Microsoft Management Console Remote Code Execution Vulnerability 
CVE-2024-43574 Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability 
CVE-2024-43576 Microsoft Office Remote Code Execution Vulnerability 
CVE-2024-43581 Microsoft OpenSSH for Windows Remote Code Execution Vulnerability 
CVE-2024-43582 Remote Desktop Protocol Server Remote Code Execution Vulnerability 
CVE-2024-43589 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43592 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43593 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43599 Remote Desktop Client Remote Code Execution Vulnerability 
CVE-2024-43601 Visual Studio Code for Linux Remote Code Execution Vulnerability 
CVE-2024-43607 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43608 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43611 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability 
CVE-2024-43615 Microsoft OpenSSH for Windows Remote Code Execution Vulnerability 
CVE-2024-43616 Microsoft Office Remote Code Execution Vulnerability 

 

Security Feature Bypass Vulnerabilities

CVE CVE Title 
CVE-2024-20659 Windows Hyper-V Security Feature Bypass Vulnerability 
CVE-2024-37976 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability 
CVE-2024-37982 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability 
CVE-2024-37983 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability 
CVE-2024-43513 BitLocker Security Feature Bypass Vulnerability 
CVE-2024-43584 Windows Scripting Engine Security Feature Bypass Vulnerability 
CVE-2024-43585 Code Integrity Guard Security Feature Bypass Vulnerability 

 

Spoofing Vulnerabilities

CVE CVE Title 
CVE-2024-43481 Power BI Report Server Spoofing Vulnerability 
CVE-2024-43550 Windows Secure Channel Spoofing Vulnerability 
CVE-2024-43571 Sudo for Windows Spoofing Vulnerability 
CVE-2024-43573 Windows MSHTML Platform Spoofing Vulnerability 
CVE-2024-43609 Microsoft Office Spoofing Vulnerability 
CVE-2024-43612 Power BI Report Server Spoofing Vulnerability 
CVE-2024-43614 Microsoft Defender for Endpoint for Linux Spoofing Vulnerability 

Tampering Vulnerability

CVE CVE Title 
CVE-2024-43456 Windows Remote Desktop Services Tampering Vulnerability 

 

Share This Article

An Article By

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.