Microsoft Addresses 51 Vulnerabilities in June Patch Tuesday Update
In its latest Patch Tuesday update for June 2024, Microsoft has rolled out security updates to address 51 vulnerabilities across its products. Among these, one vulnerability has been classified as Critical, while the remaining 50 are deemed Important. This release also includes the resolution of 17 vulnerabilities that were identified in the Chromium-based Edge browser over the past month.
Notably, none of the vulnerabilities fixed in this update have been reported to have been actively exploited in the wild. However, one of these issues was recognized as publicly known at the time of the release. This particular vulnerability is identified as CVE-2023-50868, a denial-of-service flaw linked to the DNSSEC validation process. This could potentially lead to CPU exhaustion on a DNSSEC-validating resolver, posing a significant risk to affected systems.
The CVE-2023-50868 vulnerability was first disclosed by researchers at the National Research Center for Applied Cybersecurity (ATHENE) in February 2024, alongside another critical flaw labeled CVE-2023-50387. According to cybersecurity expert Tyler Reguly, the issue underscores the importance of NSEC3, an enhanced version of the NSEC protocol designed to authenticate the non-existence of DNS records. Reguly noted that addressing this vulnerability is critical for defending against DNS cache poisoning attacks.
The most severe vulnerability addressed in this month’s update is a critical remote code execution (RCE) flaw affecting the Microsoft Message Queuing (MSMQ) service, tracked as CVE-2024-30080, which has a CVSS score of 9.8. Microsoft outlined that an attacker would need to send a specially crafted malicious MSMQ packet to an MSMQ server in order to exploit this vulnerability, potentially resulting in remote code execution on the server.
Additionally, Microsoft has resolved several other RCE vulnerabilities impacting Outlook, the Windows Wi-Fi Driver, and various privilege escalation flaws within the Windows Win32 Kernel Subsystem, as well as others identified in Windows Cloud Files Mini Filter Driver and Win32k. The exploitation of CVE-2024-30103, an RCE vulnerability in Outlook, raised concerns due to its potential for triggering code execution without requiring user interaction, consequently increasing the chances of malicious exploitation.
In light of these vulnerabilities, cybersecurity firm Morphisec, which discovered CVE-2024-30103, emphasized the ease of access that this flaw provides to attackers, who could execute arbitrary code under the same privileges as the user, leading to possible system compromise.
In addition to Microsoft’s updates, numerous other vendors have also released security patches in recent weeks, addressing vulnerabilities in a wide range of products, evidencing a widespread effort to enhance cybersecurity measures across the board. This includes updates from Adobe, Amazon Web Services, AMD, and Apple, among many others.
As the threat landscape continues to evolve, understanding and mitigating these vulnerabilities should remain a priority for business owners. By applying relevant patches and updates promptly and utilizing frameworks like the MITRE ATT&CK Matrix to comprehend the tactics and techniques employed by adversaries, organizations can significantly strengthen their defenses against potential cyber threats.