July 9, 2024 at 05:13PM
July’s Microsoft security update addresses 139 CVEs, including actively exploited vulnerabilities and a public Intel microprocessor issue. Notably, two zero-day bugs were identified, posing a moderate threat. Additionally, critical vulnerabilities affecting Windows Remote Desktop Licensing Service require immediate attention, with a recommendation to disable the service if not in use. Software vendors voiced concerns about the prominence of elevation of privilege bugs, emphasizing their potential severity. Furthermore, a significant number of vulnerabilities impact Microsoft SQL Server, necessitating patching despite their lower criticality based on CVSS scores.
Key Takeaways from Meeting Notes:
1. July’s security update from Microsoft includes patches for a total of 139 unique CVEs, with fixes for more vulnerabilities than the previous two monthly releases combined.
2. This update addresses issues that, if left unmitigated, could enable a range of malicious activities including remote code execution, privilege escalation, data theft, security feature bypass, and other exploits.
3. Two zero-day vulnerabilities are actively being exploited. One affects Windows Hyper-V virtualization technology, and the other affects the Windows MSHTML Platform (aka Trident browser engine).
4. Microsoft has rated the severity of these vulnerabilities as moderate but has provided limited information in their release notes, prompting the need for urgent patching to mitigate potential exploitation.
5. The update also includes fixes for high-priority bugs, including remote code execution vulnerabilities in the Windows Remote Desktop Licensing Service component, which should be prioritized for immediate patching.
6. A significant number of unique CVEs (39) in this update pertain to Microsoft SQL Server, although none of them are rated as critical based on their CVSS scores.
7. The update also addresses 20 elevation of privilege (EoP) bugs, which security researchers emphasize should be given equal attention to remote code execution vulnerabilities due to the potential for attackers to gain complete admin control of affected systems.
These takeaways highlight the urgent need for organizations to prioritize and expedite the installation of the July security update from Microsoft to mitigate the risk of exploitation of numerous vulnerabilities.