Microsoft has released its September Patch Tuesday update, fixing 79 vulnerabilities, including 4 zero-days.
This update also fixes 7 critical remote code execution and elevation of privilege vulnerabilities.
The number of vulnerabilities in each category is as follows:
- 30 Elevation of Privilege Vulnerabilities
- 4 Security Feature Bypass Vulnerabilities
- 23 Remote Code Execution Vulnerabilities
- 11 Information Disclosure Vulnerabilities
- 8 Denial of Service Vulnerabilities
- 3 Spoofing Vulnerabilities
Four zero-day vulnerabilities
One of the 4 fixed vulnerabilities has been publicly disclosed.
CVE-2024-38014 – Windows Installer Elevation of Privilege Vulnerability
This vulnerability lets an attacker gain SYSTEM-level privileges. Microsoft has not released any details about it.
CVE-2024-38217 – Windows Mark of the Web Security Feature Bypass Vulnerability
This vulnerability was publicly disclosed last month and appears to have been exploited since 2018.
According to published reports, a technique called LNK stomping makes it possible to create LNK files with non-standard paths or internal structure, which causes the file to be opened while bypassing Smart App Control and Mark of the Web security.
When an attacker exploits this vulnerability, the command in the LNK file runs without any security warning.
CVE-2024-38226 – Microsoft Publisher Security Feature Bypass Vulnerability
Microsoft has fixed a Microsoft Publisher security flaw that bypasses the security protections on downloaded documents. An attacker who successfully exploits this vulnerability can bypass the Office macro policies used to block malicious and untrusted files.
CVE-2024-43491 – Microsoft Windows Update Remote Code Execution Vulnerability
Microsoft has fixed a servicing stack vulnerability that leads to remote code execution.
This vulnerability affects Windows 10 version 1507, which reached end of life in 2017. It is also present in Windows 10 Enterprise 2015 LTSB and IoT Enterprise 2015 LTSB, which are still supported.
This vulnerability is notable because it causes optional components such as Active Directory Lightweight Directory Services, XPS Viewer, Internet Explorer 11, LPD Print Service and Windows Media Player to revert to their original RTM versions.
This brings back all the old CVEs, which can then be exploited as well.
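An exposure check for the rollback described above, added here as an example and not taken from Microsoft or the original article. It only reports whether a host is in the affected Windows 10 1507 population and which of the listed optional components are enabled. Build 10240 as the marker for version 1507, the wildcard feature-name patterns and the helper name `Get-ComponentLabel` are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example: exposure check for the CVE-2024-43491 rollback described above.
# Assumption: build 10240 identifies Windows 10 version 1507 / 2015 LTSB.
# Assumption: these wildcards match the optional-feature names of the
# components the article lists; adjust them to the names on your image.
$AffectedBuild   = 10240
$FeaturePatterns = [ordered]@{
    '*ADAM*'              = 'Active Directory Lightweight Directory Services'
    '*Xps*'               = 'XPS Viewer'
    '*Internet-Explorer*' = 'Internet Explorer 11'
    '*LPD*'               = 'LPD Print Service'
    '*MediaPlayer*'       = 'Windows Media Player'
}

# Hypothetical helper: map a feature name to the component it belongs to.
function Get-ComponentLabel {
    param([string]$FeatureName)
    foreach ($pattern in $FeaturePatterns.Keys) {
        if ($FeatureName -like $pattern) { return $FeaturePatterns[$pattern] }
    }
    return $null
}

$os    = Get-CimInstance -ClassName Win32_OperatingSystem
$build = [int]$os.BuildNumber
if ($build -ne $AffectedBuild) {
    Write-Output "Build ${build}: not Windows 10 version 1507, outside the affected range."
    return
}

# Review enabled components first (assumption: a component that is not
# enabled is a lower priority for the rollback described in the article).
$atRisk = Get-WindowsOptionalFeature -Online |
    Where-Object { $_.State -eq 'Enabled' } |
    ForEach-Object {
        $label = Get-ComponentLabel -FeatureName $_.FeatureName
        if ($label) {
            [pscustomobject]@{ Component = $label; FeatureName = $_.FeatureName }
        }
    }

if ($atRisk) {
    Write-Output "Build ${build} is affected; enabled optional components to review:"
    $atRisk | Format-Table -AutoSize
} else {
    Write-Output "Build ${build} is affected, but none of the listed components is enabled."
}
```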
Recent updates from other companies
- Apache fixes a critical OFBiz remote code execution vulnerability that was a bypass for previously fixed flaws.
- Cisco fixed multiple vulnerabilities this month, including a backdoor admin account in Smart Licensing Utility and a command injection vulnerability in ISE.
- Eucleak attack extracts ECDSA secret keys to clone YubiKey FIDO devices.
- Fortinet released security updates for flaws in Fortisandbox and FortiAnalyzer & FortiManager.
- Google backported a fix for an actively exploited Pixel elevation of privileges flaw to other Android devices.
- Ivanti releases security updates for critical vTM auth bypass with public exploit.
- LiteSpeed Cache plugin for WordPress fixes an unauthenticated account takeover issue.
- A SonicWall access control flaw fixed last month is now exploited in ransomware attacks.
- Veeam fixes a critical RCE vulnerability in Backup & Replication software.
- Zyxel warned of a critical OS command injection flaw in its routers.
Full list of Microsoft's September 2024 updates
Tag | CVE ID | CVE Title | Severity |
Azure CycleCloud | CVE-2024-43469 | Azure CycleCloud Remote Code Execution Vulnerability | Important |
Azure Network Watcher | CVE-2024-38188 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important |
Azure Network Watcher | CVE-2024-43470 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important |
Azure Stack | CVE-2024-38216 | Azure Stack Hub Elevation of Privilege Vulnerability | Critical |
Azure Stack | CVE-2024-38220 | Azure Stack Hub Elevation of Privilege Vulnerability | Critical |
Azure Web Apps | CVE-2024-38194 | Azure Web Apps Elevation of Privilege Vulnerability | Critical |
Dynamics Business Central | CVE-2024-38225 | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | Important |
Microsoft AutoUpdate (MAU) | CVE-2024-43492 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important |
Microsoft Dynamics 365 (on-premises) | CVE-2024-43476 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
Microsoft Graphics Component | CVE-2024-38247 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2024-38250 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2024-38249 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
Microsoft Management Console | CVE-2024-38259 | Microsoft Management Console Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2024-43465 | Microsoft Excel Elevation of Privilege Vulnerability | Important |
Microsoft Office Publisher | CVE-2024-38226 | Microsoft Publisher Security Feature Bypass Vulnerability | Important |
Microsoft Office SharePoint | CVE-2024-38227 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | CVE-2024-43464 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
Microsoft Office SharePoint | CVE-2024-38018 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
Microsoft Office SharePoint | CVE-2024-38228 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | CVE-2024-43466 | Microsoft SharePoint Server Denial of Service Vulnerability | Important |
Microsoft Office Visio | CVE-2024-43463 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
Microsoft Outlook for iOS | CVE-2024-43482 | Microsoft Outlook for iOS Information Disclosure Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38245 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38241 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38242 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38244 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38243 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38237 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important |
Microsoft Streaming Service | CVE-2024-38238 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important |
Power Automate | CVE-2024-43479 | Microsoft Power Automate Desktop Remote Code Execution Vulnerability | Important |
Role: Windows Hyper-V | CVE-2024-38235 | Windows Hyper-V Denial of Service Vulnerability | Important |
SQL Server | CVE-2024-37338 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37980 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important |
SQL Server | CVE-2024-26191 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37339 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37337 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important |
SQL Server | CVE-2024-26186 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37342 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important |
SQL Server | CVE-2024-43474 | Microsoft SQL Server Information Disclosure Vulnerability | Important |
SQL Server | CVE-2024-37335 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37966 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important |
SQL Server | CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-37965 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important |
SQL Server | CVE-2024-37341 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important |
Windows Admin Center | CVE-2024-43475 | Microsoft Windows Admin Center Information Disclosure Vulnerability | Important |
Windows AllJoyn API | CVE-2024-38257 | Microsoft AllJoyn API Information Disclosure Vulnerability | Important |
Windows Authentication Methods | CVE-2024-38254 | Windows Authentication Information Disclosure Vulnerability | Important |
Windows DHCP Server | CVE-2024-38236 | DHCP Server Service Denial of Service Vulnerability | Important |
Windows Installer | CVE-2024-38014 | Windows Installer Elevation of Privilege Vulnerability | Important |
Windows Kerberos | CVE-2024-38239 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
Windows Kernel-Mode Drivers | CVE-2024-38256 | Windows Kernel-Mode Driver Information Disclosure Vulnerability | Important |
Windows Libarchive | CVE-2024-43495 | Windows libarchive Remote Code Execution Vulnerability | Important |
Windows Mark of the Web (MOTW) | CVE-2024-38217 | Windows Mark of the Web Security Feature Bypass Vulnerability | Important |
Windows Mark of the Web (MOTW) | CVE-2024-43487 | Windows Mark of the Web Security Feature Bypass Vulnerability | Moderate |
Windows MSHTML Platform | CVE-2024-43461 | Windows MSHTML Platform Spoofing Vulnerability | Important |
Windows Network Address Translation (NAT) | CVE-2024-38119 | Windows Network Address Translation (NAT) Remote Code Execution Vulnerability | Critical |
Windows Network Virtualization | CVE-2024-38232 | Windows Networking Denial of Service Vulnerability | Important |
Windows Network Virtualization | CVE-2024-38233 | Windows Networking Denial of Service Vulnerability | Important |
Windows Network Virtualization | CVE-2024-38234 | Windows Networking Denial of Service Vulnerability | Important |
Windows Network Virtualization | CVE-2024-43458 | Windows Networking Information Disclosure Vulnerability | Important |
Windows PowerShell | CVE-2024-38046 | PowerShell Elevation of Privilege Vulnerability | Important |
Windows Remote Access Connection Manager | CVE-2024-38240 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-38231 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-38258 | Windows Remote Desktop Licensing Service Information Disclosure Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-43467 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-43454 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-38263 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-38260 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Important |
Windows Remote Desktop Licensing Service | CVE-2024-43455 | Windows Remote Desktop Licensing Service Spoofing Vulnerability | Important |
Windows Security Zone Mapping | CVE-2024-30073 | Windows Security Zone Mapping Security Feature Bypass Vulnerability | Important |
Windows Setup and Deployment | CVE-2024-43457 | Windows Setup and Deployment Elevation of Privilege Vulnerability | Important |
Windows Standards-Based Storage Management Service | CVE-2024-38230 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
Windows Storage | CVE-2024-38248 | Windows Storage Elevation of Privilege Vulnerability | Important |
Windows TCP/IP | CVE-2024-21416 | Windows TCP/IP Remote Code Execution Vulnerability | Important |
Windows TCP/IP | CVE-2024-38045 | Windows TCP/IP Remote Code Execution Vulnerability | Important |
Windows Update | CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability | Critical |
Windows Win32K – GRFX | CVE-2024-38246 | Win32k Elevation of Privilege Vulnerability | Important |
Windows Win32K – ICOMP | CVE-2024-38252 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Important |
Windows Win32K – ICOMP | CVE-2024-38253 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Important |