- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
- 구글 클라우드, 구글 워크스페이스용 제미나이 사이드 패널에 한국어 지원 추가
- The best MagSafe accessories of 2024: Expert tested and reviewed
- Threads will show you more from accounts you follow now - like Bluesky already does
Tripwire Patch Priority Index for January 2024
Tripwire’s January 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Apple, Google, and Atlassian.
First on the patch priority list are patches for Apple, Google Chromium V8, and Atlassian Confluence Data Center and Server. These CVEs have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. For Apple, note that CVE-2024-02322 impacts Apple iOS, iPadOS, macOS, tvOS, and watchOS.
Up next are patches for Microsoft Edge (Chromium-based) that resolve use-after-free and buffer overflow vulnerabilities.
Next on the patch priority list this month are patches for Microsoft Office that resolve a remote code execution vulnerability.
Next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, Bluetooth Driver, Common Log File System, Cryptographic Services, Remote Desktop Client, Microsoft Message Queuing, Virtual Hard Disk, BitLocker, Libarchive, Windows Subsystem for Linux, and others.
Next up are patches for .NET and Visual Studio that resolve denial of service, security feature bypass, and elevation of privilege vulnerabilities.
Lastly, administrators should focus on server-side patches for SharePoint, SQL Server, and Hyper-V. These patches have several issues, including remote code execution, security feature bypass, and denial of service vulnerabilities.
BULLETIN |
CVE |
---|---|
CVE-2024-23222, CVE-2024-0519, CVE-2023-22527 |
|
CVE-2024-0222, CVE-2024-0223, CVE-2024-0224, CVE-2024-0225 |
|
CVE-2024-20677 |
|
CVE-2024-21325, CVE-2024-21311, CVE-2024-20682, CVE-2024-21307, CVE-2024-20653, CVE-2024-20652, CVE-2024-20694, CVE-2024-21306, CVE-2022-35737, CVE-2024-20691, CVE-2024-21320, CVE-2024-21310, CVE-2024-20686, CVE-2024-20698, CVE-2024-20692, CVE-2024-20687, CVE-2024-20690, CVE-2024-21305, CVE-2024-20681, CVE-2024-21319, CVE-2024-20654, CVE-2024-20697, CVE-2024-20696, CVE-2024-20683, CVE-2024-20674, CVE-2024-21313, CVE-2024-20661, CVE-2024-20660, CVE-2024-20664, CVE-2024-21314, CVE-2024-20663, CVE-2024-20680, CVE-2024-20657, CVE-2024-21316, CVE-2024-21309, CVE-2024-20658, CVE-2024-20666, CVE-2024-20655, CVE-2024-20662 |
|
CVE-2024-21312, CVE-2024-0057, CVE-2024-20672 |
|
CVE-2024-20656 |
|
CVE-2024-21318 |
|
CVE-2024-0056 |
|
CVE-2024-20699, CVE-2024-20700 |