- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
VERT Threat Alert: March 2024 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s March 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1097 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
There were no in-the-wild or disclosed CVEs included in the March Patch Tuesday release.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per-tag basis. Vulnerabilities are also color-coded to aid in identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
|
Tag |
CVE Count |
CVEs |
|
Windows Defender |
1 |
CVE-2024-20671 |
|
.NET |
1 |
CVE-2024-21392 |
|
Skype for Consumer |
1 |
CVE-2024-21411 |
|
Software for Open Networking in the Cloud (SONiC) |
1 |
CVE-2024-21418 |
|
Azure SDK |
1 |
CVE-2024-21421 |
|
Microsoft Office SharePoint |
1 |
CVE-2024-21426 |
|
Windows USB Hub Driver |
1 |
CVE-2024-21429 |
|
Windows USB Serial Driver |
1 |
CVE-2024-21430 |
|
Windows AllJoyn API |
1 |
CVE-2024-21438 |
|
Windows Telephony Server |
1 |
CVE-2024-21439 |
|
Microsoft WDAC OLE DB provider for SQL |
5 |
CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 |
|
Windows USB Print Driver |
2 |
CVE-2024-21442, CVE-2024-21445 |
|
Windows Kernel |
8 |
CVE-2024-21443, CVE-2024-26173, CVE-2024-26174, CVE-2024-26176, CVE-2024-26177, CVE-2024-26178, CVE-2024-26181, CVE-2024-26182 |
|
Windows NTFS |
1 |
CVE-2024-21446 |
|
Microsoft WDAC ODBC Driver |
1 |
CVE-2024-21451 |
|
Windows Standards-Based Storage Management Service |
1 |
CVE-2024-26197 |
|
Windows ODBC Driver |
3 |
CVE-2024-26159, CVE-2024-21440, CVE-2024-26162 |
|
Microsoft QUIC |
1 |
CVE-2024-26190 |
|
Microsoft Exchange Server |
1 |
CVE-2024-26198 |
|
Microsoft Office |
1 |
CVE-2024-26199 |
|
Microsoft Intune |
1 |
CVE-2024-26201 |
|
Azure Data Studio |
1 |
CVE-2024-26203 |
|
Microsoft Django Backend for SQL Server |
1 |
CVE-2024-26164 |
|
Open Management Infrastructure |
2 |
CVE-2024-21330, CVE-2024-21334 |
|
Microsoft Authenticator |
1 |
CVE-2024-21390 |
|
Microsoft Azure Kubernetes Service |
1 |
CVE-2024-21400 |
|
Role: Windows Hyper-V |
2 |
CVE-2024-21407, CVE-2024-21408 |
|
Microsoft Dynamics |
1 |
CVE-2024-21419 |
|
Windows Kerberos |
1 |
CVE-2024-21427 |
|
Windows Hypervisor-Protected Code Integrity |
1 |
CVE-2024-21431 |
|
Windows Update Stack |
1 |
CVE-2024-21432 |
|
Windows Print Spooler Components |
1 |
CVE-2024-21433 |
|
Microsoft Windows SCSI Class System File |
1 |
CVE-2024-21434 |
|
Windows OLE |
1 |
CVE-2024-21435 |
|
Windows Installer |
1 |
CVE-2024-21436 |
|
Microsoft Graphics Component |
1 |
CVE-2024-21437 |
|
Microsoft Teams for Android |
1 |
CVE-2024-21448 |
|
Windows Cloud Files Mini Filter Driver |
1 |
CVE-2024-26160 |
|
Windows Error Reporting |
1 |
CVE-2024-26169 |
|
Windows Composite Image File System |
1 |
CVE-2024-26170 |
|
Windows Compressed Folder |
1 |
CVE-2024-26185 |
|
Intel |
1 |
CVE-2023-28746 |
|
Outlook for Android |
1 |
CVE-2024-26204 |
|
Visual Studio Code |
1 |
CVE-2024-26165 |
|
Microsoft Edge for Android |
1 |
CVE-2024-26167 |
|
Microsoft Edge (Chromium-based) |
3 |
CVE-2024-2173, CVE-2024-2174, CVE-2024-2176 |
Other Information
At the time of publication, no new advisories were included with the March Security Guidance.
