- I recommend the Pixel 9 to most people looking to upgrade - especially while it's $250 off
- Google's viral research assistant just got its own app - here's how it can help you
- Sony will give you a free 55-inch 4K TV right now - but this is the last day to qualify
- I've used virtually every Linux distro, but this one has a fresh perspective
- The 7 gadgets I never travel without (and why they make such a big difference)
VERT Threat Alert: March 2024 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s March 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1097 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
There were no in-the-wild or disclosed CVEs included in the March Patch Tuesday release.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per-tag basis. Vulnerabilities are also color-coded to aid in identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
|
Tag |
CVE Count |
CVEs |
|
Windows Defender |
1 |
CVE-2024-20671 |
|
.NET |
1 |
CVE-2024-21392 |
|
Skype for Consumer |
1 |
CVE-2024-21411 |
|
Software for Open Networking in the Cloud (SONiC) |
1 |
CVE-2024-21418 |
|
Azure SDK |
1 |
CVE-2024-21421 |
|
Microsoft Office SharePoint |
1 |
CVE-2024-21426 |
|
Windows USB Hub Driver |
1 |
CVE-2024-21429 |
|
Windows USB Serial Driver |
1 |
CVE-2024-21430 |
|
Windows AllJoyn API |
1 |
CVE-2024-21438 |
|
Windows Telephony Server |
1 |
CVE-2024-21439 |
|
Microsoft WDAC OLE DB provider for SQL |
5 |
CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 |
|
Windows USB Print Driver |
2 |
CVE-2024-21442, CVE-2024-21445 |
|
Windows Kernel |
8 |
CVE-2024-21443, CVE-2024-26173, CVE-2024-26174, CVE-2024-26176, CVE-2024-26177, CVE-2024-26178, CVE-2024-26181, CVE-2024-26182 |
|
Windows NTFS |
1 |
CVE-2024-21446 |
|
Microsoft WDAC ODBC Driver |
1 |
CVE-2024-21451 |
|
Windows Standards-Based Storage Management Service |
1 |
CVE-2024-26197 |
|
Windows ODBC Driver |
3 |
CVE-2024-26159, CVE-2024-21440, CVE-2024-26162 |
|
Microsoft QUIC |
1 |
CVE-2024-26190 |
|
Microsoft Exchange Server |
1 |
CVE-2024-26198 |
|
Microsoft Office |
1 |
CVE-2024-26199 |
|
Microsoft Intune |
1 |
CVE-2024-26201 |
|
Azure Data Studio |
1 |
CVE-2024-26203 |
|
Microsoft Django Backend for SQL Server |
1 |
CVE-2024-26164 |
|
Open Management Infrastructure |
2 |
CVE-2024-21330, CVE-2024-21334 |
|
Microsoft Authenticator |
1 |
CVE-2024-21390 |
|
Microsoft Azure Kubernetes Service |
1 |
CVE-2024-21400 |
|
Role: Windows Hyper-V |
2 |
CVE-2024-21407, CVE-2024-21408 |
|
Microsoft Dynamics |
1 |
CVE-2024-21419 |
|
Windows Kerberos |
1 |
CVE-2024-21427 |
|
Windows Hypervisor-Protected Code Integrity |
1 |
CVE-2024-21431 |
|
Windows Update Stack |
1 |
CVE-2024-21432 |
|
Windows Print Spooler Components |
1 |
CVE-2024-21433 |
|
Microsoft Windows SCSI Class System File |
1 |
CVE-2024-21434 |
|
Windows OLE |
1 |
CVE-2024-21435 |
|
Windows Installer |
1 |
CVE-2024-21436 |
|
Microsoft Graphics Component |
1 |
CVE-2024-21437 |
|
Microsoft Teams for Android |
1 |
CVE-2024-21448 |
|
Windows Cloud Files Mini Filter Driver |
1 |
CVE-2024-26160 |
|
Windows Error Reporting |
1 |
CVE-2024-26169 |
|
Windows Composite Image File System |
1 |
CVE-2024-26170 |
|
Windows Compressed Folder |
1 |
CVE-2024-26185 |
|
Intel |
1 |
CVE-2023-28746 |
|
Outlook for Android |
1 |
CVE-2024-26204 |
|
Visual Studio Code |
1 |
CVE-2024-26165 |
|
Microsoft Edge for Android |
1 |
CVE-2024-26167 |
|
Microsoft Edge (Chromium-based) |
3 |
CVE-2024-2173, CVE-2024-2174, CVE-2024-2176 |
Other Information
At the time of publication, no new advisories were included with the March Security Guidance.
