Tripwire Patch Priority Index for September 2024


Tripwire’s September 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.

First on the list are patches for Microsoft Excel, Visio, and Publisher that resolve remote code execution, elevation of privilege, and security feature bypass vulnerabilities.

Next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, Win32k, Mark of the Web, Kernel serversStreaming Service Driver, Networking, Graphics Component, MSHTML, TCP/IP, and others.

Lastly, administrators should focus on server-side patches for Windows Remote Desktop Licensing Service, SQL Server, Admin Center, SharePoint, Dynamics, Hyper-V, and DHCP server. These patches resolve cross-site scripting, information disclosure, denial of service, remote code execution, and elevation of privilege vulnerabilities.

BULLETIN CVE
Microsoft Office Excel CVE-2024-43465
Microsoft Office Visio CVE-2024-43463
Microsoft Office Publisher CVE-2024-38226
Windows CVE-2024-43479, CVE-2024-43457, CVE-2024-38014, CVE-2024-38238, CVE-2024-38245, CVE-2024-38243, CVE-2024-38241, CVE-2024-38242, CVE-2024-38244, CVE-2024-38237, CVE-2024-43492, CVE-2024-38259, CVE-2024-38217, CVE-2024-43487, CVE-2024-38046, CVE-2024-38234, CVE-2024-38233, CVE-2024-38232, CVE-2024-43458, CVE-2024-38250, CVE-2024-38249, CVE-2024-38247, CVE-2024-38246, CVE-2024-38240, CVE-2024-38230, CVE-2024-38252, CVE-2024-38253, CVE-2024-38119, CVE-2024-43461, CVE-2024-38257, CVE-2024-43495, CVE-2024-30073, CVE-2024-38254, CVE-2024-38045, CVE-2024-21416, CVE-2024-38239, CVE-2024-38256, CVE-2024-38248, CVE-2024-43491
Windows Remote Desktop Licensing Service CVE-2024-38231, CVE-2024-38258, CVE-2024-43467, CVE-2024-38263, CVE-2024-38260, CVE-2024-43454, CVE-2024-43455
SQL Server CVE-2024-37965, CVE-2024-37980, CVE-2024-37341, CVE-2024-43474, CVE-2024-37966, CVE-2024-37337, CVE-2024-37342, CVE-2024-37338, CVE-2024-37339, CVE-2024-37335, CVE-2024-26186, CVE-2024-37340, CVE-2024-26191
Windows Admin Center CVE-2024-43475
Microsoft Office SharePoint CVE-2024-43466, CVE-2024-43464, CVE-2024-38227, CVE-2024-38018, CVE-2024-38228
Dynamics Business Central CVE-2024-38225
Microsoft Dynamics 365 (on-premises) CVE-2024-43476
Role: Windows Hyper-V CVE-2024-38235
Windows DHCP Server CVE-2024-38236

 



Source link