- 팔로알토 네트웍스, AI 보안 플랫폼 '프리즈마 에어즈' 출시 발표
- Legacy federal government HR systems: A billion dollar problem, says Workday survey
- I held Samsung's super-thin Galaxy S25 Edge, and it made my Ultra model feel outdated
- Verizon will sell you the Samsung Galaxy S25 Edge for free - how the deal works
- AT&T is already discounting the Samsung Galaxy S25 Edge by $1,100 off - how it works
Tripwire Patch Priority Index for June 2024
Tripwire’s June 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.
First on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve use after free, heap buffer overflow, and out of bounds write vulnerabilities
Next on the patch priority list this month are patches for Microsoft Office and Outlook that resolve 4 remote code execution vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, Cryptographic Services, Themes, Winlogon, OLE, RRAS, Container Manager Service, Event Trace Log, and others.
Next up are patches for Visual Studio that resolve remote code execution, elevation of privilege, and Binary Hijack vulnerabilities.
Lastly, administrators should focus on server-side patches for Dynamics 365 and DHCP Server. These patches resolve numerous issues, including remote code execution, information disclosure, elevation of privilege, and denial of service vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Microsoft Edge (Chromium-based) | CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499 |
| Microsoft Office | CVE-2024-30102, CVE-2024-30104, CVE-2024-30101 |
| Microsoft Office Outlook | CVE-2024-30103 |
| Microsoft Windows | CVE-2024-35252, CVE-2023-50868, CVE-2024-35253, CVE-2024-30096, CVE-2024-30063, CVE-2024-30090, CVE-2024-30089, CVE-2024-30100, CVE-2024-30091, CVE-2024-30087, CVE-2024-30082, CVE-2024-30074, CVE-2024-30075, CVE-2024-30065, CVE-2024-30067, CVE-2024-30066, CVE-2024-30085, CVE-2024-30086, CVE-2024-30064, CVE-2024-30068, CVE-2024-30083, CVE-2024-30069, CVE-2024-30080, CVE-2024-30062, CVE-2024-30072, CVE-2024-30077, CVE-2024-35265, CVE-2024-30097, CVE-2024-30094, CVE-2024-30095, CVE-2024-30084, CVE-2024-35250, CVE-2024-30076, CVE-2024-30093, CVE-2024-30078, CVE-2024-30099, CVE-2024-30088 |
| Visual Studio | CVE-2024-29187, CVE-2024-29060, CVE-2024-30052 |
| Microsoft Dynamics | CVE-2024-35263, CVE-2024-35248, CVE-2024-35249 |
| Windows DHCP Server | CVE-2024-30070 |
