Statistics
Vulnerability Trend
Figure 1 Vulnerabilities Patched by Microsoft in the Last 12 Months
- Microsoft released 141 patches in July 2024, including patches for five critical vulnerabilities.
- Based on Microsoft's historical vulnerability disclosures and the pattern so far this year, Sangfor FarSight Labs estimates that Microsoft will disclose fewer vulnerabilities in August than in July, at approximately 80.
Comparison of Vulnerability Trends
The following figure shows the number of patches released by Microsoft in the month of July from 2021 to 2024.
Figure 2 Number of Windows Patches Released by Microsoft in July from 2021 to 2024
The following figure shows the trend and number of vulnerabilities at different severity levels addressed by Microsoft in July from 2021 to 2024.
Figure 3 Number of Vulnerabilities by Severity Level Addressed by Microsoft in July from 2021 to 2024
The following figure shows the number of vulnerabilities by type addressed by Microsoft in July from 2021 to 2024.
Figure 4 Number of Vulnerabilities by Type Addressed by Microsoft in July from 2021 to 2024
Data source: Microsoft security updates
- Compared to last year, the number of vulnerabilities addressed by Microsoft in July 2024 has increased. A total of 141 vulnerabilities, including five critical ones, were addressed this month.
- Compared to last year, the number of High-severity vulnerabilities addressed by Microsoft has increased, while the number of Critical vulnerabilities has decreased: 133 High-severity vulnerabilities were addressed, an increase of about 10%, and 5 Critical vulnerabilities were addressed, a decrease of about 44%.
- Compared to last year, the number of RCE vulnerabilities has increased, while the numbers of DoS and EoP vulnerabilities have decreased. RCE vulnerabilities nevertheless call for heightened vigilance: combined with social engineering techniques, attackers can exploit them to take over an entire LAN and launch further attacks.
Details of Key Vulnerabilities
Analysis
Windows Hyper-V Privilege Escalation Vulnerability (CVE-2024-38080)
Microsoft Hyper-V, codenamed Viridian and formerly known as Windows Server Virtualization, is Microsoft's native hypervisor for creating and managing VMs on x86-64 Windows hosts.
A privilege escalation vulnerability (CVE-2024-38080) with a CVSS score of 7.8 (high severity) has been found in Hyper-V. It allows an attacker to gain SYSTEM privileges on the target host. The vulnerability may be used in In-The-Wild (ITW) attacks. Analysis indicates that it poses a high risk, and Sangfor FarSight Labs recommends that users install the latest Microsoft patches at the earliest opportunity.
Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-38112)
A layout engine is a software component that takes marked-up content (such as HTML, XML, and image files) and formatting information (such as CSS and XSL) and renders the formatted content on screen. MSHTML is the proprietary browser engine developed by Microsoft for the Windows version of Internet Explorer.
A spoofing vulnerability (CVE-2024-38112) with a CVSS score of 7.5 (high severity) has been found in MSHTML. It allows attackers to trick users into running malicious files, compromising the confidentiality, integrity, and availability of the affected host. The vulnerability may be used in ITW attacks. Analysis indicates that it poses a high risk, and Sangfor FarSight Labs recommends that users install the latest Microsoft patches at the earliest opportunity.
Affected Versions
Vulnerability Name | Affected Versions
---|---
Windows Hyper-V Privilege Escalation Vulnerability (CVE-2024-38080) | Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 11 Version 21H2 for ARM64-based Systems; Windows 11 Version 21H2 for x64-based Systems; Windows Server 2022 (Server Core installation); Windows Server 2022
Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-38112) | Windows 10 Version 1809 for 32-bit Systems; Windows Server 2019; Windows 11 Version 22H2 for x64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows Server 2022; Windows 11 Version 21H2 for x64-based Systems; Windows 11 Version 21H2 for ARM64-based Systems; Windows Server 2019 (Server Core installation); Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 1809 for x64-based Systems; Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation); Windows Server 2008 for x64-based Systems Service Pack 2; Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation); Windows Server 2008 for 32-bit Systems Service Pack 2; Windows 10 Version 1809 for ARM64-based Systems; Windows Server 2016 (Server Core installation); Windows 10 Version 21H2 for 32-bit Systems; Windows Server 2016; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 for 32-bit Systems; Windows 11 Version 23H2 for x64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows Server 2022 (Server Core installation); Windows 10 Version 21H2 for ARM64-based Systems; Windows Server 2012 R2 (Server Core installation); Windows 10 Version 22H2 for 32-bit Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows Server 2012 R2
Solutions
Official Solution
Microsoft has released patches for the affected OS versions. Install the latest Windows security updates, or download the patch for an individual vulnerability from its page in Microsoft's Security Update Guide:
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38080
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112
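As an added example (not part of this advisory or of Microsoft's tooling), the PowerShell below checks a single host against the Affected Versions table above and reports what an administrator needs to confirm the July 2024 update is present. It assumes the standard `CurrentVersion` registry values and the Hyper-V `vmms` service name; the fixed build and KB numbers are not on this page and must be read from the MSRC links above.

```powershell
# Added example (not from the Sangfor advisory): check one Windows host against the advisory's
# Affected Versions table. Fixed build numbers are deliberately not hard-coded; compare the
# reported build and installed updates with the MSRC pages for CVE-2024-38080 / CVE-2024-38112.
$cv      = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$product = $cv.ProductName                           # e.g. "Windows Server 2022 Datacenter"
$version = $cv.DisplayVersion                        # "21H2", "22H2", "23H2" (20H2 and later)
if (-not $version) { $version = $cv.ReleaseId }      # "1607", "1809" (older Windows 10)
if (-not $version) { $version = $cv.CurrentBuild }   # Windows 10 1507 has neither value
$build   = "$($cv.CurrentBuild).$($cv.UBR)"          # e.g. "22631.nnnn"; compare with the fixed build on MSRC
$arch    = $env:PROCESSOR_ARCHITECTURE               # AMD64, ARM64 or x86
$core    = ($cv.InstallationType -eq 'Server Core')

if ($cv.InstallationType -eq 'Client') {
    # ProductName still reads "Windows 10 ..." on Windows 11 hosts; build 22000+ identifies Windows 11.
    $client = if ([int]$cv.CurrentBuild -ge 22000) { 'Windows 11' } else { 'Windows 10' }
    $family = "$client $version"                     # e.g. "Windows 11 23H2", "Windows 10 1809"
} else {
    # "Windows Server 2012 R2 Standard" -> "Windows Server 2012 R2"; Server 2008 spells it "Windows Server (R) 2008"
    $family = [regex]::Match($product, 'Windows Server( \(R\))? \d{4}( R2)?').Value -replace ' \(R\)', ''
}

# Product families transcribed from the advisory's Affected Versions table. The table lists every
# architecture and Server Core variant of each family it names, so matching on the family is sufficient.
$affected = @{
    'CVE-2024-38080' = @('Windows 11 21H2', 'Windows 11 22H2', 'Windows 11 23H2', 'Windows Server 2022')
    'CVE-2024-38112' = @('Windows 10 10240', 'Windows 10 1607', 'Windows 10 1809', 'Windows 10 21H2',
                         'Windows 10 22H2', 'Windows 11 21H2', 'Windows 11 22H2', 'Windows 11 23H2',
                         'Windows Server 2008', 'Windows Server 2012 R2', 'Windows Server 2016',
                         'Windows Server 2019', 'Windows Server 2022')   # 10240 = Windows 10 1507 build
}

foreach ($cve in ($affected.Keys | Sort-Object)) {
    $state = if ($affected[$cve] -contains $family) { 'IS listed' } else { 'is not listed' }
    Write-Output ("{0}: '{1}' {2} as affected in this advisory" -f $cve, $family, $state)
}

# Hyper-V exposure: the Virtual Machine Management service (vmms) exists only where the role/feature is installed.
$hyperv = [bool](Get-Service -Name vmms -ErrorAction SilentlyContinue)
Write-Output ("Hyper-V installed: {0}; OS build {1}; {2}; {3}" -f $hyperv, $build, $arch,
    $(if ($core) { 'Server Core' } else { 'full installation' }))

# Updates installed on or after the July 10, 2024 release, to compare with the KB numbers on the MSRC pages.
Get-HotFix | Where-Object { $_.InstalledOn -ge [datetime]'2024-07-10' } |
    Sort-Object InstalledOn | Format-Table HotFixID, Description, InstalledOn -AutoSize
```

Run it in an elevated session on each host; a host whose family IS listed, whose build is below the fixed build on MSRC, and which shows no July 2024 cumulative update is still exposed.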
Timeline
On July 10, 2024, Microsoft released a security update with patches for 141 vulnerabilities, including the Windows Hyper-V Privilege Escalation Vulnerability (CVE-2024-38080) and Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-38112).
On July 10, 2024, Sangfor FarSight Labs released a vulnerability alert.
References
https://msrc.microsoft.com/update-guide/releaseNote/2024-Jul