Октябрьские патчи от Microsoft закрывают 118 дыр, пять из которых — 0-day

Октябрьские патчи от Microsoft закрывают 118 дыр, пять из которых — 0-day

Октябрьские обновления от Microsoft принесли патчи в общей сложности для 118 уязвимостей. Пять брешей получили статус 0-day, поскольку для них уже доступны рабочие эксплойты.

Согласно сообщениям исследователей, две уязвимости из октябрьского набора активно эксплуатируются в реальных кибератаках. Кроме того, три бреши получили статус критических, так как приводят к удалённому выполнению кода.

По типам проблемы распределились следующим образом:

  • 28 багов повышения прав;
  • 7 возможностей обхода защитных функций;
  • 43 уязвимости, позволяющие выполнить код удалённо;
  • 6 багов раскрытия информации;
  • 26 — DoS;
  • 7 возможностей спуфинга.

Что касается уязвимостей нулевого дня, они получили следующие идентификаторы:

  1. CVE-2024-43573 — возможность спуфинга, затрагивающая платформу Windows MSHTML. Microsoft пока не раскрывает подробности эксплуатации этой бреши.
  2. CVE-2024-43572 — удалённое выполнение кода в Microsoft Management Console. С помощью вредоносных файлов в формате Microsoft Saved Console (MSC) злоумышленники могут выполнить код на целевых устройствах.
  3. CVE-2024-6197 — тоже RCE, но на этот раз затрагивающая Curl. В уведомлении разработчиков отмечается, что вредоносный сервер может использовать брешь с помощью специально подготовленного TLS-сертификата.
  4. CVE-2024-20659 — обход защитных функций в Windows Hyper-V. В случае эксплуатации допускает компрометацию гипервизора и ядра.
  5. CVE-2024-43583 — повышение прав в Windows, открывающее атакующим привилегии уровня SYSTEM.

Список всех октябрьских уязвимостей выглядит так:

Затронутый компонентИдентификатор CVEНазвание CVEУровень риска
.NET and Visual StudioCVE-2024-38229.NET and Visual Studio Remote Code Execution VulnerabilityВажная
.NET and Visual StudioCVE-2024-43485.NET and Visual Studio Denial of Service VulnerabilityВажная
.NET, .NET Framework, Visual StudioCVE-2024-43484.NET, .NET Framework, and Visual Studio Denial of Service VulnerabilityВажная
.NET, .NET Framework, Visual StudioCVE-2024-43483.NET, .NET Framework, and Visual Studio Denial of Service VulnerabilityВажная
Azure CLICVE-2024-43591Azure Command Line Integration (CLI) Elevation of Privilege VulnerabilityВажная
Azure MonitorCVE-2024-38097Azure Monitor Agent Elevation of Privilege VulnerabilityВажная
Azure StackCVE-2024-38179Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege VulnerabilityВажная
BranchCacheCVE-2024-43506BranchCache Denial of Service VulnerabilityВажная
BranchCacheCVE-2024-38149BranchCache Denial of Service VulnerabilityВажная
Code Integrity GuardCVE-2024-43585Code Integrity Guard Security Feature Bypass VulnerabilityВажная
DeepSpeedCVE-2024-43497DeepSpeed Remote Code Execution VulnerabilityВажная
Internet Small Computer Systems Interface (iSCSI)CVE-2024-43515Internet Small Computer Systems Interface (iSCSI) Denial of Service VulnerabilityВажная
Microsoft ActiveXCVE-2024-43517Microsoft ActiveX Data Objects Remote Code Execution VulnerabilityВажная
Microsoft Configuration ManagerCVE-2024-43468Microsoft Configuration Manager Remote Code Execution VulnerabilityКритическая
Microsoft Defender for EndpointCVE-2024-43614Microsoft Defender for Endpoint for Linux Spoofing VulnerabilityВажная
Microsoft Edge (Chromium-based)CVE-2024-9369Chromium: CVE-2024-9369 Insufficient data validation in MojoНеизвестно
Microsoft Edge (Chromium-based)CVE-2024-9370Chromium: CVE-2024-9370 Inappropriate implementation in V8Неизвестно
Microsoft Edge (Chromium-based)CVE-2024-7025Chromium: CVE-2024-7025 Integer overflow in LayoutНеизвестно
Microsoft Graphics ComponentCVE-2024-43534Windows Graphics Component Information Disclosure VulnerabilityВажная
Microsoft Graphics ComponentCVE-2024-43508Windows Graphics Component Information Disclosure VulnerabilityВажная
Microsoft Graphics ComponentCVE-2024-43556Windows Graphics Component Elevation of Privilege VulnerabilityВажная
Microsoft Graphics ComponentCVE-2024-43509Windows Graphics Component Elevation of Privilege VulnerabilityВажная
Microsoft Management ConsoleCVE-2024-43572Microsoft Management Console Remote Code Execution VulnerabilityВажная
Microsoft OfficeCVE-2024-43616Microsoft Office Remote Code Execution VulnerabilityВажная
Microsoft OfficeCVE-2024-43576Microsoft Office Remote Code Execution VulnerabilityВажная
Microsoft OfficeCVE-2024-43609Microsoft Office Spoofing VulnerabilityВажная
Microsoft Office ExcelCVE-2024-43504Microsoft Excel Remote Code Execution VulnerabilityВажная
Microsoft Office SharePointCVE-2024-43503Microsoft SharePoint Elevation of Privilege VulnerabilityВажная
Microsoft Office VisioCVE-2024-43505Microsoft Office Visio Remote Code Execution VulnerabilityВажная
Microsoft Simple Certificate Enrollment ProtocolCVE-2024-43544Microsoft Simple Certificate Enrollment Protocol Denial of Service VulnerabilityВажная
Microsoft Simple Certificate Enrollment ProtocolCVE-2024-43541Microsoft Simple Certificate Enrollment Protocol Denial of Service VulnerabilityВажная
Microsoft WDAC OLE DB provider for SQLCVE-2024-43519Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityВажная
Microsoft Windows SpeechCVE-2024-43574Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution VulnerabilityВажная
OpenSSH for WindowsCVE-2024-43615Microsoft OpenSSH for Windows Remote Code Execution VulnerabilityВажная
OpenSSH for WindowsCVE-2024-43581Microsoft OpenSSH for Windows Remote Code Execution VulnerabilityВажная
OpenSSH for WindowsCVE-2024-38029Microsoft OpenSSH for Windows Remote Code Execution VulnerabilityВажная
Outlook for AndroidCVE-2024-43604Outlook for Android Elevation of Privilege VulnerabilityВажная
Power BICVE-2024-43612Power BI Report Server Spoofing VulnerabilityВажная
Power BICVE-2024-43481Power BI Report Server Spoofing VulnerabilityВажная
Remote Desktop ClientCVE-2024-43533Remote Desktop Client Remote Code Execution VulnerabilityВажная
Remote Desktop ClientCVE-2024-43599Remote Desktop Client Remote Code Execution VulnerabilityВажная
Role: Windows Hyper-VCVE-2024-43521Windows Hyper-V Denial of Service VulnerabilityВажная
Role: Windows Hyper-VCVE-2024-20659Windows Hyper-V Security Feature Bypass VulnerabilityВажная
Role: Windows Hyper-VCVE-2024-43567Windows Hyper-V Denial of Service VulnerabilityВажная
Role: Windows Hyper-VCVE-2024-43575Windows Hyper-V Denial of Service VulnerabilityВажная
RPC Endpoint Mapper ServiceCVE-2024-43532Remote Registry Service Elevation of Privilege VulnerabilityВажная
Service FabricCVE-2024-43480Azure Service Fabric for Linux Remote Code Execution VulnerabilityВажная
Sudo for WindowsCVE-2024-43571Sudo for Windows Spoofing VulnerabilityВажная
Visual C++ Redistributable InstallerCVE-2024-43590Visual C++ Redistributable Installer Elevation of Privilege VulnerabilityВажная
Visual StudioCVE-2024-43603Visual Studio Collector Service Denial of Service VulnerabilityВажная
Visual Studio CodeCVE-2024-43488Visual Studio Code extension for Arduino Remote Code Execution VulnerabilityКритическая
Visual Studio CodeCVE-2024-43601Visual Studio Code for Linux Remote Code Execution VulnerabilityВажная
Windows Ancillary Function Driver for WinSockCVE-2024-43563Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityВажная
Windows BitLockerCVE-2024-43513BitLocker Security Feature Bypass VulnerabilityВажная
Windows Common Log File System DriverCVE-2024-43501Windows Common Log File System Driver Elevation of Privilege VulnerabilityВажная
Windows Cryptographic ServicesCVE-2024-43546Windows Cryptographic Information Disclosure VulnerabilityВажная
Windows cURL ImplementationCVE-2024-6197Open Source Curl Remote Code Execution VulnerabilityВажная
Windows EFI PartitionCVE-2024-37982Windows Resume Extensible Firmware Interface Security Feature Bypass VulnerabilityВажная
Windows EFI PartitionCVE-2024-37976Windows Resume Extensible Firmware Interface Security Feature Bypass VulnerabilityВажная
Windows EFI PartitionCVE-2024-37983Windows Resume Extensible Firmware Interface Security Feature Bypass VulnerabilityВажная
Windows Hyper-VCVE-2024-30092Windows Hyper-V Remote Code Execution VulnerabilityВажная
Windows KerberosCVE-2024-43547Windows Kerberos Information Disclosure VulnerabilityВажная
Windows KerberosCVE-2024-38129Windows Kerberos Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2024-43502Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2024-43511Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2024-43520Windows Kernel Denial of Service VulnerabilityВажная
Windows KernelCVE-2024-43527Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2024-43570Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2024-37979Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows Kernel-Mode DriversCVE-2024-43554Windows Kernel-Mode Driver Information Disclosure VulnerabilityВажная
Windows Kernel-Mode DriversCVE-2024-43535Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityВажная
Windows Local Security Authority (LSA)CVE-2024-43522Windows Local Security Authority (LSA) Elevation of Privilege VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43555Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43540Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43536Windows Mobile Broadband Driver Remote Code Execution VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43538Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43525Windows Mobile Broadband Driver Remote Code Execution VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43559Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43561Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43558Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43542Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43557Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43526Windows Mobile Broadband Driver Remote Code Execution VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43543Windows Mobile Broadband Driver Remote Code Execution VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43523Windows Mobile Broadband Driver Remote Code Execution VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43524Windows Mobile Broadband Driver Remote Code Execution VulnerabilityВажная
Windows Mobile BroadbandCVE-2024-43537Windows Mobile Broadband Driver Denial of Service VulnerabilityВажная
Windows MSHTML PlatformCVE-2024-43573Windows MSHTML Platform Spoofing VulnerabilityСредняя
Windows NetlogonCVE-2024-38124Windows Netlogon Elevation of Privilege VulnerabilityВажная
Windows Network Address Translation (NAT)CVE-2024-43562Windows Network Address Translation (NAT) Denial of Service VulnerabilityВажная
Windows Network Address Translation (NAT)CVE-2024-43565Windows Network Address Translation (NAT) Denial of Service VulnerabilityВажная
Windows NT OS KernelCVE-2024-43553NT OS Kernel Elevation of Privilege VulnerabilityВажная
Windows NTFSCVE-2024-43514Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityВажная
Windows Online Certificate Status Protocol (OCSP)CVE-2024-43545Windows Online Certificate Status Protocol (OCSP) Server Denial of Service VulnerabilityВажная
Windows Print Spooler ComponentsCVE-2024-43529Windows Print Spooler Elevation of Privilege VulnerabilityВажная
Windows Remote DesktopCVE-2024-43582Remote Desktop Protocol Server Remote Code Execution VulnerabilityКритическая
Windows Remote Desktop Licensing ServiceCVE-2024-38262Windows Remote Desktop Licensing Service Remote Code Execution VulnerabilityВажная
Windows Remote Desktop ServicesCVE-2024-43456Windows Remote Desktop Services Tampering VulnerabilityВажная
Windows Resilient File System (ReFS)CVE-2024-43500Windows Resilient File System (ReFS) Information Disclosure VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43592Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43589Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-38212Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43593Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-38261Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43611Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43453Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-38265Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43607Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43549Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43608Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2024-43564Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityВажная
Windows ScriptingCVE-2024-43584Windows Scripting Engine Security Feature Bypass VulnerabilityВажная
Windows Secure ChannelCVE-2024-43550Windows Secure Channel Spoofing VulnerabilityВажная
Windows Secure Kernel ModeCVE-2024-43516Windows Secure Kernel Mode Elevation of Privilege VulnerabilityВажная
Windows Secure Kernel ModeCVE-2024-43528Windows Secure Kernel Mode Elevation of Privilege VulnerabilityВажная
Windows ShellCVE-2024-43552Windows Shell Remote Code Execution VulnerabilityВажная
Windows Standards-Based Storage Management ServiceCVE-2024-43512Windows Standards-Based Storage Management Service Denial of Service VulnerabilityВажная
Windows StorageCVE-2024-43551Windows Storage Elevation of Privilege VulnerabilityВажная
Windows Storage Port DriverCVE-2024-43560Microsoft Windows Storage Port Driver Elevation of Privilege VulnerabilityВажная
Windows Telephony ServerCVE-2024-43518Windows Telephony Server Remote Code Execution VulnerabilityВажная
WinlogonCVE-2024-43583Winlogon Elevation of Privilege VulnerabilityВажная
Данные о правообладателе фото и видеоматериалов взяты с сайта «Anti-Malware.ru», подробнее в Правилах сервиса
Анализ
×
Microsoft
Сфера деятельности:Связь и ИТ
154
Microsoft Edge
Производитель:Microsoft
9
Google Android
Производитель:Google
122
Windows Mobile
Производитель:Microsoft