- Trump taps Sriram Krishnan for AI advisor role amid strategic shift in tech policy
- Interpol Identifies Over 140 Human Traffickers in New Initiative
- 5 network automation startups to watch
- 4 Security Controls Keeping Up with the Evolution of IT Environments
- ICO Warns of Festive Mobile Phone Privacy Snafu
Tripwire Patch Priority Index for May 2024
Tripwire’s June 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe.
First on the list this month is a patch for Microsoft Windows Error Reporting (CVE-2024-26169). This CVE is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
Next on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve use after free, heap buffer overflow, and spoofing vulnerabilities.
Next on the patch priority list this month is a patch for Microsoft Excel that resolves a remote code execution vulnerability.
Up next are patches for Adobe Reader and Acrobat that resolve arbitrary code execution and memory leak vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 45 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, CLFS, Mobile Broadband, Mark of the Web, DWM Core, MSHTML, RRAS, Bing, NTFS, Cryptographic Services, and others.
Next up are patches for .NET and Visual Studio Code that resolve remote code execution and denial of service vulnerabilities.
Lastly, administrators should focus on server-side patches for SharePoint, Hyper-V, and DHCP. These patches resolve numerous issues, including remote code execution, information disclosure, and denial of service vulnerabilities.
BULLETIN | CVE |
---|---|
Microsoft Error Reporting – KEV | CVE-2024-26169 |
Microsoft Edge (Chromium-based) | CVE-2024-4331, CVE-2024-4368, CVE-2024-4558, CVE-2024-4559, CVE-2024-4671, CVE-2024-30055 |
Microsoft Office Excel | CVE-2024-30042 |
APSB24-29: Adobe Reader and Acrobat | CVE-2024-30284, CVE-2024-30310, CVE-2024-34094, CVE-2024-34095, CVE-2024-34096, CVE-2024-34097, CVE-2024-34098, CVE-2024-34099, CVE-2024-34100, CVE-2024-30311, CVE-2024-30312, CVE-2024-34101 |
Microsoft Windows | CVE-2024-30007, CVE-2024-30016, CVE-2024-30020, CVE-2024-29996, CVE-2024-30025, CVE-2024-30037, CVE-2024-29999, CVE-2024-29998, CVE-2024-30012, CVE-2024-29997, CVE-2024-30001, CVE-2024-30005, CVE-2024-30004, CVE-2024-30003, CVE-2024-30002, CVE-2024-30000, CVE-2024-30021, CVE-2024-30050, CVE-2024-30034, CVE-2024-30030, CVE-2024-30018, CVE-2024-30051, CVE-2024-30035, CVE-2024-30032, CVE-2024-30008, CVE-2024-30033, CVE-2024-30039, CVE-2024-29994, CVE-2024-30038, CVE-2024-30028, CVE-2024-30049, CVE-2024-30040, CVE-2024-30054, CVE-2024-30006, CVE-2024-30031, CVE-2024-30014, CVE-2024-30015, CVE-2024-30023, CVE-2024-30022, CVE-2024-30029, CVE-2024-30024, CVE-2024-30009, CVE-2024-30041, CVE-2024-30036, CVE-2024-26238, CVE-2024-30027 |
.NET and Visual Studio | CVE-2024-30045, CVE-2024-32002, CVE-2024-32004, CVE-2024-30046 |
Windows DHCP Server | CVE-2024-30019 |
Microsoft Office SharePoint | CVE-2024-30043, CVE-2024-30044 |
Windows Hyper-V | CVE-2024-30011, CVE-2024-30010, CVE-2024-30017 |