پشتیبانی 24/7 :

031-36691964 | 021-88203003

جستجو

انتشار آپدیت امنیتی ماه May 2024 مایکروسافت و رفع سه آسیب پذیری Zero-day

تیتر مطالب

مایکروسافت آپدیت امنیتی سه شنبه هر ماه خود را برای ماه May منتشر کرده و 61 آسیب پذیری شامل سه آسیب پذیری Zero-day را رفع نموده است. این به روز رسانی شامل رفع یک آسیب پذیری حیاتی اجرای کد از راه دور در Microsoft SharePoint Server نیز می باشد.
تعداد آسیب پذیری ها در هر دسته به صورت زیر است:

• 17 Elevation of Privilege Vulnerabilities
• 2 Security Feature Bypass Vulnerabilities
• 27 Remote Code Execution Vulnerabilities
• 7 Information Disclosure Vulnerabilities
• 3 Denial of Service Vulnerabilities
• 4 Spoofing Vulnerabilities

آسیب پذیری های Zero-day

این ماه دو آسیب پذیری Zero-day که مورد بهره برداری قرار گرفته و یک آسیب پذیری Zero-day که به صورت عمومی افشا شده، توسط مایکروسافت رفع شده اند.

CVE-2024-30040 – Windows MSHTML Platform Security Feature Bypass Vulnerability

این آسیب پذیری که به صورت فعال مورد بهره برداری قرار گرفته است OLEها را دور می زند، رفع شده و به مایکروسافت 365 وآفیس برای حفاظت از کاربران در برابر کنترل های COM/OLE اضافه شده است.
برای بهره برداری از این آسیب پذیری لازم است کاربر فایل مخرب مورد نظر مهاجم را روی سیستم آسیب پذیر بارگذاری کند. در صورت موفقیت آمیز بودن این اقدام مهاجم می تواند کد دلخواه خود را اجرا نماید.

CVE-2024-30051 – Windows DWM Core Library Elevation of Privilege Vulnerability

این آسیب پذیری نیز مورد بهره برداری قرار گرفته و یک حفره امنیتی در Windows DWM Core Library است که در صورت بهره برداری موفق از آن، امکان رسیدن به مجوزهای SYSTEM برای مهاجم وجود دارد.
به گفته کسپرسکی حملات فیشینگ بدافزار Qakbot اخیر برای به دست آوردن مجوزهای SYSTEM از همین آسیب پذیری، بهره برداری می کند.
 آسیب پذیری دیگری نیز با شماره CVE-2024-30046 نیز در Microsoft Visual Studio ردگیری شده است که به صورت عمومی افشا شده است.

به روز رسانی های امنیتی این ماه سایر شرکتها:

* Adobe has released security updates for After Effects, Photoshop, Commerce, InDesign, and more.
* Apple backported an RTKit zero-day to older devices and fixed a Safari WebKit zero-day flaw exploited at Pwn2Own.
* Cisco released security updates for its IP phone products.
* Citrix urged Xencenter admins to manually fix Putty flaw, which can be used to steal an admin’s private SSH key.
* F5 releases security updates for two high-severity BIG-IP Next Central Manager API flaws.
* Google released an emergency update to fix the sixth zero-day of 2024.
* TinyProxy fixes a critical remote code execution flaw that was disclosed by Cisco.
* VMware fixes three zero-day bugs exploited at Pwn2Own 2024.

 لیست کامل به روز رسانی این ماه مایکروسافت
Tag CVE ID CVE Title Severity
.NET and Visual Studio CVE-2024-30045 .NET and Visual Studio Remote Code Execution Vulnerability Important
Azure Migrate CVE-2024-30053 Azure Migrate Cross-Site Scripting Vulnerability Important
Microsoft Bing CVE-2024-30041 Microsoft Bing Search Spoofing Vulnerability Important
Microsoft Brokering File System CVE-2024-30007 Microsoft Brokering File System Elevation of Privilege Vulnerability Important
Microsoft Dynamics 365 Customer Insights CVE-2024-30048 Dynamics 365 Customer Insights Spoofing Vulnerability Important
Microsoft Dynamics 365 Customer Insights CVE-2024-30047 Dynamics 365 Customer Insights Spoofing Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2024-4558 Chromium: CVE-2024-4558 Use after free in ANGLE Unknown
Microsoft Edge (Chromium-based) CVE-2024-4331 Chromium: CVE-2024-4331 Use after free in Picture In Picture Unknown
Microsoft Edge (Chromium-based) CVE-2024-4671 Chromium: CVE-2024-4671 Use after free in Visuals Unknown
Microsoft Edge (Chromium-based) CVE-2024-30055 Microsoft Edge (Chromium-based) Spoofing Vulnerability Low
Microsoft Edge (Chromium-based) CVE-2024-4368 Chromium: CVE-2024-4368 Use after free in Dawn Unknown
Microsoft Edge (Chromium-based) CVE-2024-4559 Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio Unknown
Microsoft Intune CVE-2024-30059 Microsoft Intune for Android Mobile Application Management Tampering Vulnerability Important
Microsoft Office Excel CVE-2024-30042 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2024-30044 Microsoft SharePoint Server Remote Code Execution Vulnerability Critical
Microsoft Office SharePoint CVE-2024-30043 Microsoft SharePoint Server Information Disclosure Vulnerability Important
Microsoft WDAC OLE DB provider for SQL CVE-2024-30006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important
Microsoft Windows SCSI Class System File CVE-2024-29994 Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability Important
Microsoft Windows Search Component CVE-2024-30033 Windows Search Service Elevation of Privilege Vulnerability Important
Power BI CVE-2024-30054 Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability Important
Visual Studio CVE-2024-30046 Visual Studio Denial of Service Vulnerability Important
Visual Studio CVE-2024-32004 GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories Important
Visual Studio CVE-2024-32002 CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution Important
Windows Cloud Files Mini Filter Driver CVE-2024-30034 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Important
Windows CNG Key Isolation Service CVE-2024-30031 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2024-29996 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2024-30037 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2024-30025 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows Cryptographic Services CVE-2024-30020 Windows Cryptographic Services Remote Code Execution Vulnerability Important
Windows Cryptographic Services CVE-2024-30016 Windows Cryptographic Services Information Disclosure Vulnerability Important
Windows Deployment Services CVE-2024-30036 Windows Deployment Services Information Disclosure Vulnerability Important
Windows DHCP Server CVE-2024-30019 DHCP Server Service Denial of Service Vulnerability Important
Windows DWM Core Library CVE-2024-30008 Windows DWM Core Library Information Disclosure Vulnerability Important
Windows DWM Core Library CVE-2024-30051 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2024-30035 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2024-30032 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows Hyper-V CVE-2024-30011 Windows Hyper-V Denial of Service Vulnerability Important
Windows Hyper-V CVE-2024-30017 Windows Hyper-V Remote Code Execution Vulnerability Important
Windows Hyper-V CVE-2024-30010 Windows Hyper-V Remote Code Execution Vulnerability Important
Windows Kernel CVE-2024-30018 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Mark of the Web (MOTW) CVE-2024-30050 Windows Mark of the Web Security Feature Bypass Vulnerability Moderate
Windows Mobile Broadband CVE-2024-30002 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-29997 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-30003 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-30012 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-29999 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-29998 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-30000 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-30005 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-30004 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-30021 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2024-30001 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important
Windows MSHTML Platform CVE-2024-30040 Windows MSHTML Platform Security Feature Bypass Vulnerability Important
Windows NTFS CVE-2024-30027 NTFS Elevation of Privilege Vulnerability Important
Windows Remote Access Connection Manager CVE-2024-30039 Windows Remote Access Connection Manager Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-30009 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-30024 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-30015 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-30029 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-30023 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-30014 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-30022 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Task Scheduler CVE-2024-26238 Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability Important
Windows Win32K – GRFX CVE-2024-30030 Win32k Elevation of Privilege Vulnerability Important
Windows Win32K – ICOMP CVE-2024-30038 Win32k Elevation of Privilege Vulnerability Important
Windows Win32K – ICOMP CVE-2024-30049 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Important
Windows Win32K – ICOMP CVE-2024-30028 Win32k Elevation of Privilege Vulnerability Important
 

منبع:

https://msrc.microsoft.com

https://www.bleepingcomputer.com