May 14, 2024 at 01:54PM
Today’s Microsoft Patch Tuesday includes updates for 61 flaws, with one critical vulnerability fixed in Microsoft SharePoint Server. It addresses 17 elevation of privilege vulnerabilities, two security feature bypass vulnerabilities, 27 remote code execution vulnerabilities, seven information disclosure vulnerabilities, three denial of service vulnerabilities, and four spoofing vulnerabilities. Additionally, three zero-day vulnerabilities have been fixed, two of which were actively exploited.
Here are the key takeaways from the meeting notes:
1. May 2024 Patch Tuesday includes security updates for 61 flaws and addresses three actively exploited or publicly disclosed zero-day vulnerabilities.
2. One critical vulnerability fixed in this Patch Tuesday is a Microsoft SharePoint Server Remote Code Execution Vulnerability.
3. The vulnerabilities are categorized as follows:
– 17 Elevation of Privilege Vulnerabilities
– 2 Security Feature Bypass Vulnerabilities
– 27 Remote Code Execution Vulnerabilities
– 7 Information Disclosure Vulnerabilities
– 3 Denial of Service Vulnerabilities
– 4 Spoofing Vulnerabilities
4. Two actively exploited zero-day vulnerabilities that were fixed in today’s updates are:
– CVE-2024-30040, a Windows MSHTML Platform Security Feature Bypass Vulnerability
– CVE-2024-30051, a Windows DWM Core Library Elevation of Privilege Vulnerability
5. Additionally, there were four Microsoft Edge flaws fixed on May 2nd and four fixed on May 10th.
6. Several other vendors also released updates or advisories in May 2024.
Please let me know if there’s anything else you’d like to know.