Haberler

Microsoft Mayıs 2024 Patch Tuesday: 3 Zero Day, 61 Zafiyet Kapatıldı

Mehmet Sait YILMAZ fotoğrafı Mehmet Sait YILMAZ Bir e-posta göndermek 14/05/2024
0 3 dakika okuma süresi

Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 3 adet Zero day güvenlik açığı ve toplam 61 zafiyeti kapattı.

Kapatılan zafiyetler aşağıdaki gibi:

  • 17 Elevation of Privilege Vulnerabilities
  • 2 Security Feature Bypass Vulnerabilities
  • 27 Remote Code Execution Vulnerabilities
  • 7 Information Disclosure Vulnerabilities
  • 3 Denial of Service Vulnerabilities
  • 4 Spoofing Vulnerabilities

Üç Adet Zero Day Kapatıldı

CVE-2024-30040 – Windows MSHTML Platform Security Feature Bypass Vulnerability

CVE-2024-30051 – Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2024-30046Visual Studio Denial of Service Vulnerability

Mayıs 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

TagCVE IDCVE TitleSeverity
.NET and Visual StudioCVE-2024-30045.NET and Visual Studio Remote Code Execution VulnerabilityImportant
Azure MigrateCVE-2024-30053Azure Migrate Cross-Site Scripting VulnerabilityImportant
Microsoft BingCVE-2024-30041Microsoft Bing Search Spoofing VulnerabilityImportant
Microsoft Brokering File SystemCVE-2024-30007Microsoft Brokering File System Elevation of Privilege VulnerabilityImportant
Microsoft Dynamics 365 Customer InsightsCVE-2024-30048Dynamics 365 Customer Insights Spoofing VulnerabilityImportant
Microsoft Dynamics 365 Customer InsightsCVE-2024-30047Dynamics 365 Customer Insights Spoofing VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2024-4558Chromium: CVE-2024-4558 Use after free in ANGLEUnknown
Microsoft Edge (Chromium-based)CVE-2024-4331Chromium: CVE-2024-4331 Use after free in Picture In PictureUnknown
Microsoft Edge (Chromium-based)CVE-2024-4671Chromium: CVE-2024-4671 Use after free in VisualsUnknown
Microsoft Edge (Chromium-based)CVE-2024-30055Microsoft Edge (Chromium-based) Spoofing VulnerabilityLow
Microsoft Edge (Chromium-based)CVE-2024-4368Chromium: CVE-2024-4368 Use after free in DawnUnknown
Microsoft Edge (Chromium-based)CVE-2024-4559Chromium: CVE-2024-4559 Heap buffer overflow in WebAudioUnknown
Microsoft IntuneCVE-2024-30059Microsoft Intune for Android Mobile Application Management Tampering VulnerabilityImportant
Microsoft Office ExcelCVE-2024-30042Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2024-30044Microsoft SharePoint Server Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2024-30043Microsoft SharePoint Server Information Disclosure VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-30006Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft Windows SCSI Class System FileCVE-2024-29994Microsoft Windows SCSI Class System File Elevation of Privilege VulnerabilityImportant
Microsoft Windows Search ComponentCVE-2024-30033Windows Search Service Elevation of Privilege VulnerabilityImportant
Power BICVE-2024-30054Microsoft Power BI Client JavaScript SDK Information Disclosure VulnerabilityImportant
Visual StudioCVE-2024-30046Visual Studio Denial of Service VulnerabilityImportant
Visual StudioCVE-2024-32004GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositoriesImportant
Visual StudioCVE-2024-32002CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code ExecutionImportant
Windows Cloud Files Mini Filter DriverCVE-2024-30034Windows Cloud Files Mini Filter Driver Information Disclosure VulnerabilityImportant
Windows CNG Key Isolation ServiceCVE-2024-30031Windows CNG Key Isolation Service Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2024-29996Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2024-30037Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2024-30025Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Cryptographic ServicesCVE-2024-30020Windows Cryptographic Services Remote Code Execution VulnerabilityImportant
Windows Cryptographic ServicesCVE-2024-30016Windows Cryptographic Services Information Disclosure VulnerabilityImportant
Windows Deployment ServicesCVE-2024-30036Windows Deployment Services Information Disclosure VulnerabilityImportant
Windows DHCP ServerCVE-2024-30019DHCP Server Service Denial of Service VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-30008Windows DWM Core Library Information Disclosure VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-30051Windows DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-30035Windows DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-30032Windows DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows Hyper-VCVE-2024-30011Windows Hyper-V Denial of Service VulnerabilityImportant
Windows Hyper-VCVE-2024-30017Windows Hyper-V Remote Code Execution VulnerabilityImportant
Windows Hyper-VCVE-2024-30010Windows Hyper-V Remote Code Execution VulnerabilityImportant
Windows KernelCVE-2024-30018Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows Mark of the Web (MOTW)CVE-2024-30050Windows Mark of the Web Security Feature Bypass VulnerabilityModerate
Windows Mobile BroadbandCVE-2024-30002Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-29997Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30003Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30012Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-29999Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-29998Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30000Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30005Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30004Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30021Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows Mobile BroadbandCVE-2024-30001Windows Mobile Broadband Driver Remote Code Execution VulnerabilityImportant
Windows MSHTML PlatformCVE-2024-30040Windows MSHTML Platform Security Feature Bypass VulnerabilityImportant
Windows NTFSCVE-2024-30027NTFS Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2024-30039Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30009Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30024Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30015Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30029Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30023Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30014Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2024-30022Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Task SchedulerCVE-2024-26238Microsoft PLUGScheduler Scheduled Task Elevation of Privilege VulnerabilityImportant
Windows Win32K – GRFXCVE-2024-30030Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32K – ICOMPCVE-2024-30038Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32K – ICOMPCVE-2024-30049Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityImportant
Windows Win32K – ICOMPCVE-2024-30028Win32k Elevation of Privilege VulnerabilityImportant
Mehmet Sait YILMAZ fotoğrafı Mehmet Sait YILMAZ Bir e-posta göndermek 14/05/2024
0 3 dakika okuma süresi
Mehmet Sait YILMAZ fotoğrafı

Mehmet Sait YILMAZ

İlgili Makaleler

Veeam, Proxmox VE ile Veri Koruma Alanında Yeni Bir Döneme Giriyor!

14/05/2024

Microsoft Azure’da Şaşırtıcı Bulut Erişimleri: Collector.alt Alanlarına Dair Gözlemler

14/05/2024

Azure Entra ID’de Single Sign On (SSO) Sorunları Devam Ediyor

13/05/2024

Google, Project Starline ile Görüntülü Görüşmeleri Bir Üst Seviyeye Taşıyor!

13/05/2024

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

Başa dön tuşu