В этом месяце Microsoft устранила 73 бреши, среди которых есть две уязвимости нулевого дня (0-day) — они уже используются в кибератаках. В целом февральский набор патчей рекомендуется установить как можно скорее.
Пять устранённых проблем получили статус критических, включая DoS-баг, возможность удалённого выполнения кода, раскрытия информации и повышения привилегий.
Количественно по классам уязвимости в этом месяце распределились так:
- 16 проблем повышения привилегий.
- 3 обхода защитных функций.
- 30 багов удалённого выполнения кода.
- 5 дыр раскрытия информации.
- 9 — DoS.
- 10 — спуфинг.
Две 0-day получили следующие идентификаторы:
- CVE-2024-21351 — возможность обхода защитной функции Windows SmartScreen. Злоумышленники подсовывают жертвам специальный файл и заставляют запустить его, эксплуатируя таким образом брешь.
- CVE-2024-21412 — уязвимость позволяет обойти предупреждения Mark of the Web (MoTW) в Windows с помощью веб-ярлыка. Для эксплуатации киберпреступник также должен отправить жертве специально подготовленный файл.
Полный список пропатченных дыр приводим ниже:
Затронутый компонент | Идентификатор CVE | Название CVE | Степень риска |
.NET | CVE-2024-21386 | .NET Denial of Service Vulnerability | Важная |
.NET | CVE-2024-21404 | .NET Denial of Service Vulnerability | Важная |
Azure Active Directory | CVE-2024-21401 | Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | Важная |
Azure Active Directory | CVE-2024-21381 | Microsoft Azure Active Directory B2C Spoofing Vulnerability | Важная |
Azure Connected Machine Agent | CVE-2024-21329 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Важная |
Azure DevOps | CVE-2024-20667 | Azure DevOps Server Remote Code Execution Vulnerability | Важная |
Azure File Sync | CVE-2024-21397 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Важная |
Azure Site Recovery | CVE-2024-21364 | Microsoft Azure Site Recovery Elevation of Privilege Vulnerability | Средняя |
Azure Stack | CVE-2024-20679 | Azure Stack Hub Spoofing Vulnerability | Важная |
Internet Shortcut Files | CVE-2024-21412 | Internet Shortcut Files Security Feature Bypass Vulnerability | Важная |
Mariner | CVE-2024-21626 | Неизвестно | Неизвестно |
Microsoft ActiveX | CVE-2024-21349 | Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | Важная |
Microsoft Azure Kubernetes Service | CVE-2024-21403 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Важная |
Microsoft Azure Kubernetes Service | CVE-2024-21376 | Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability | Важная |
Microsoft Defender for Endpoint | CVE-2024-21315 | Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability | Важная |
Microsoft Dynamics | CVE-2024-21393 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Важная |
Microsoft Dynamics | CVE-2024-21389 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Важная |
Microsoft Dynamics | CVE-2024-21395 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Важная |
Microsoft Dynamics | CVE-2024-21380 | Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | Критическая |
Microsoft Dynamics | CVE-2024-21328 | Dynamics 365 Sales Spoofing Vulnerability | Важная |
Microsoft Dynamics | CVE-2024-21394 | Dynamics 365 Field Service Spoofing Vulnerability | Важная |
Microsoft Dynamics | CVE-2024-21396 | Dynamics 365 Sales Spoofing Vulnerability | Важная |
Microsoft Dynamics | CVE-2024-21327 | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | Важная |
Microsoft Edge (Chromium-based) | CVE-2024-1284 | Chromium: CVE-2024-1284 Use after free in Mojo | Неизвестно |
Microsoft Edge (Chromium-based) | CVE-2024-21399 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Средняя |
Microsoft Edge (Chromium-based) | CVE-2024-1060 | Chromium: CVE-2024-1060 Use after free in Canvas | Неизвестно |
Microsoft Edge (Chromium-based) | CVE-2024-1077 | Chromium: CVE-2024-1077 Use after free in Network | Неизвестно |
Microsoft Edge (Chromium-based) | CVE-2024-1283 | Chromium: CVE-2024-1283 Heap buffer overflow in Skia | Неизвестно |
Microsoft Edge (Chromium-based) | CVE-2024-1059 | Chromium: CVE-2024-1059 Use after free in WebRTC | Неизвестно |
Microsoft Exchange Server | CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Критическая |
Microsoft Office | CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability | Критическая |
Microsoft Office | CVE-2024-20673 | Microsoft Office Remote Code Execution Vulnerability | Важная |
Microsoft Office OneNote | CVE-2024-21384 | Microsoft Office OneNote Remote Code Execution Vulnerability | Важная |
Microsoft Office Outlook | CVE-2024-21378 | Microsoft Outlook Remote Code Execution Vulnerability | Важная |
Microsoft Office Outlook | CVE-2024-21402 | Microsoft Outlook Elevation of Privilege Vulnerability | Важная |
Microsoft Office Word | CVE-2024-21379 | Microsoft Word Remote Code Execution Vulnerability | Важная |
Microsoft Teams for Android | CVE-2024-21374 | Microsoft Teams for Android Information Disclosure | Важная |
Microsoft WDAC ODBC Driver | CVE-2024-21353 | Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21370 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21350 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21368 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21359 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21365 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21367 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21420 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21366 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21369 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21375 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21361 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21358 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21391 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21360 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft WDAC OLE DB provider for SQL | CVE-2024-21352 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Важная |
Microsoft Windows | CVE-2024-21406 | Windows Printing Service Spoofing Vulnerability | Важная |
Microsoft Windows DNS | CVE-2024-21377 | Windows DNS Information Disclosure Vulnerability | Важная |
Role: DNS Server | CVE-2023-50387 | MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers | Важная |
Role: DNS Server | CVE-2024-21342 | Windows DNS Client Denial of Service Vulnerability | Важная |
Skype for Business | CVE-2024-20695 | Skype for Business Information Disclosure Vulnerability | Важная |
SQL Server | CVE-2024-21347 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Важная |
Trusted Compute Base | CVE-2024-21304 | Trusted Compute Base Elevation of Privilege Vulnerability | Важная |
Windows Hyper-V | CVE-2024-20684 | Windows Hyper-V Denial of Service Vulnerability | Критическая |
Windows Internet Connection Sharing (ICS) | CVE-2024-21343 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Важная |
Windows Internet Connection Sharing (ICS) | CVE-2024-21348 | Internet Connection Sharing (ICS) Denial of Service Vulnerability | Важная |
Windows Internet Connection Sharing (ICS) | CVE-2024-21357 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Критическая |
Windows Internet Connection Sharing (ICS) | CVE-2024-21344 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Важная |
Windows Kernel | CVE-2024-21371 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
Windows Kernel | CVE-2024-21338 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
Windows Kernel | CVE-2024-21341 | Windows Kernel Remote Code Execution Vulnerability | Важная |
Windows Kernel | CVE-2024-21345 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
Windows Kernel | CVE-2024-21362 | Windows Kernel Security Feature Bypass Vulnerability | Важная |
Windows Kernel | CVE-2024-21340 | Windows Kernel Information Disclosure Vulnerability | Важная |
Windows LDAP - Lightweight Directory Access Protocol | CVE-2024-21356 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Важная |
Windows Message Queuing | CVE-2024-21363 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Важная |
Windows Message Queuing | CVE-2024-21355 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Важная |
Windows Message Queuing | CVE-2024-21405 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Важная |
Windows Message Queuing | CVE-2024-21354 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Важная |
Windows OLE | CVE-2024-21372 | Windows OLE Remote Code Execution Vulnerability | Важная |
Windows SmartScreen | CVE-2024-21351 | Windows SmartScreen Security Feature Bypass Vulnerability | Средняя |
Windows USB Serial Driver | CVE-2024-21339 | Windows USB Generic Parent Driver Remote Code Execution Vulnerability | Важная |
Windows Win32K - ICOMP | CVE-2024-21346 | Win32k Elevation of Privilege Vulnerability | Важная |