- 세일즈포스 "제조업종도 AI 시대로 진입··· 80%가 실험 중"
- "기밀 VM의 빈틈을 메운다" 마이크로소프트의 오픈소스 파라바이저 '오픈HCL'란?
- The best early Black Friday AirPods deals: Shop early deals
- The 19 best Black Friday headphone deals 2024: Early sales live now
- I tested the iPad Mini 7 for a week, and its the ultraportable tablet to beat at $100 off
Tripwire Patch Priority Index for January 2024
Tripwire’s January 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Apple, Google, and Atlassian.
First on the patch priority list are patches for Apple, Google Chromium V8, and Atlassian Confluence Data Center and Server. These CVEs have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. For Apple, note that CVE-2024-02322 impacts Apple iOS, iPadOS, macOS, tvOS, and watchOS.
Up next are patches for Microsoft Edge (Chromium-based) that resolve use-after-free and buffer overflow vulnerabilities.
Next on the patch priority list this month are patches for Microsoft Office that resolve a remote code execution vulnerability.
Next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, Bluetooth Driver, Common Log File System, Cryptographic Services, Remote Desktop Client, Microsoft Message Queuing, Virtual Hard Disk, BitLocker, Libarchive, Windows Subsystem for Linux, and others.
Next up are patches for .NET and Visual Studio that resolve denial of service, security feature bypass, and elevation of privilege vulnerabilities.
Lastly, administrators should focus on server-side patches for SharePoint, SQL Server, and Hyper-V. These patches have several issues, including remote code execution, security feature bypass, and denial of service vulnerabilities.
BULLETIN |
CVE |
---|---|
CVE-2024-23222, CVE-2024-0519, CVE-2023-22527 |
|
CVE-2024-0222, CVE-2024-0223, CVE-2024-0224, CVE-2024-0225 |
|
CVE-2024-20677 |
|
CVE-2024-21325, CVE-2024-21311, CVE-2024-20682, CVE-2024-21307, CVE-2024-20653, CVE-2024-20652, CVE-2024-20694, CVE-2024-21306, CVE-2022-35737, CVE-2024-20691, CVE-2024-21320, CVE-2024-21310, CVE-2024-20686, CVE-2024-20698, CVE-2024-20692, CVE-2024-20687, CVE-2024-20690, CVE-2024-21305, CVE-2024-20681, CVE-2024-21319, CVE-2024-20654, CVE-2024-20697, CVE-2024-20696, CVE-2024-20683, CVE-2024-20674, CVE-2024-21313, CVE-2024-20661, CVE-2024-20660, CVE-2024-20664, CVE-2024-21314, CVE-2024-20663, CVE-2024-20680, CVE-2024-20657, CVE-2024-21316, CVE-2024-21309, CVE-2024-20658, CVE-2024-20666, CVE-2024-20655, CVE-2024-20662 |
|
CVE-2024-21312, CVE-2024-0057, CVE-2024-20672 |
|
CVE-2024-20656 |
|
CVE-2024-21318 |
|
CVE-2024-0056 |
|
CVE-2024-20699, CVE-2024-20700 |