- I opened up a cheap 600W charger to test its build, and found 'goo' inside
- How to negotiate like a pro: 4 secrets to success
- One of the cheapest Android tablets I've ever tested replaced my iPad with no sweat
- I use this cheap Android tablet more than my iPad Pro - and don't regret it
- The LG soundbar made my home audio sound like a theater - even though it's not the newest model
Tripwire Patch Priority Index for May 2024
Tripwire’s June 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe.
First on the list this month is a patch for Microsoft Windows Error Reporting (CVE-2024-26169). This CVE is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
Next on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve use after free, heap buffer overflow, and spoofing vulnerabilities.
Next on the patch priority list this month is a patch for Microsoft Excel that resolves a remote code execution vulnerability.
Up next are patches for Adobe Reader and Acrobat that resolve arbitrary code execution and memory leak vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 45 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, CLFS, Mobile Broadband, Mark of the Web, DWM Core, MSHTML, RRAS, Bing, NTFS, Cryptographic Services, and others.
Next up are patches for .NET and Visual Studio Code that resolve remote code execution and denial of service vulnerabilities.
Lastly, administrators should focus on server-side patches for SharePoint, Hyper-V, and DHCP. These patches resolve numerous issues, including remote code execution, information disclosure, and denial of service vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Microsoft Error Reporting – KEV | CVE-2024-26169 |
| Microsoft Edge (Chromium-based) | CVE-2024-4331, CVE-2024-4368, CVE-2024-4558, CVE-2024-4559, CVE-2024-4671, CVE-2024-30055 |
| Microsoft Office Excel | CVE-2024-30042 |
| APSB24-29: Adobe Reader and Acrobat | CVE-2024-30284, CVE-2024-30310, CVE-2024-34094, CVE-2024-34095, CVE-2024-34096, CVE-2024-34097, CVE-2024-34098, CVE-2024-34099, CVE-2024-34100, CVE-2024-30311, CVE-2024-30312, CVE-2024-34101 |
| Microsoft Windows | CVE-2024-30007, CVE-2024-30016, CVE-2024-30020, CVE-2024-29996, CVE-2024-30025, CVE-2024-30037, CVE-2024-29999, CVE-2024-29998, CVE-2024-30012, CVE-2024-29997, CVE-2024-30001, CVE-2024-30005, CVE-2024-30004, CVE-2024-30003, CVE-2024-30002, CVE-2024-30000, CVE-2024-30021, CVE-2024-30050, CVE-2024-30034, CVE-2024-30030, CVE-2024-30018, CVE-2024-30051, CVE-2024-30035, CVE-2024-30032, CVE-2024-30008, CVE-2024-30033, CVE-2024-30039, CVE-2024-29994, CVE-2024-30038, CVE-2024-30028, CVE-2024-30049, CVE-2024-30040, CVE-2024-30054, CVE-2024-30006, CVE-2024-30031, CVE-2024-30014, CVE-2024-30015, CVE-2024-30023, CVE-2024-30022, CVE-2024-30029, CVE-2024-30024, CVE-2024-30009, CVE-2024-30041, CVE-2024-30036, CVE-2024-26238, CVE-2024-30027 |
| .NET and Visual Studio | CVE-2024-30045, CVE-2024-32002, CVE-2024-32004, CVE-2024-30046 |
| Windows DHCP Server | CVE-2024-30019 |
| Microsoft Office SharePoint | CVE-2024-30043, CVE-2024-30044 |
| Windows Hyper-V | CVE-2024-30011, CVE-2024-30010, CVE-2024-30017 |
