Microsoft Nisan 2024 Patch Tuesday: 150 Zafiyet, 67 RCE Kapatıldı

Mehmet Sait YILMAZ 09/04/2024

0 6 dakika okuma süresi

Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 67 adet RCE güvenlik açığı ve toplam 150 zafiyeti kapattı.

Kapatılan zafiyetler aşağıdaki gibi:

31 Elevation of Privilege Vulnerabilities
29 Security Feature Bypass Vulnerabilities
67 Remote Code Execution Vulnerabilities
13 Information Disclosure Vulnerabilities
7 Denial of Service Vulnerabilities
3 Spoofing Vulnerabilities

Bu ay Zero-Day yok!

Nisan 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

Tag	CVE ID	CVE Title	Severity
.NET and Visual Studio	CVE-2024-21409	.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability	Important
Azure	CVE-2024-29993	Azure CycleCloud Elevation of Privilege Vulnerability	Important
Azure AI Search	CVE-2024-29063	Azure AI Search Information Disclosure Vulnerability	Important
Azure Arc	CVE-2024-28917	Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability	Important
Azure Compute Gallery	CVE-2024-21424	Azure Compute Gallery Elevation of Privilege Vulnerability	Important
Azure Migrate	CVE-2024-26193	Azure Migrate Remote Code Execution Vulnerability	Important
Azure Monitor	CVE-2024-29989	Azure Monitor Agent Elevation of Privilege Vulnerability	Important
Azure Private 5G Core	CVE-2024-20685	Azure Private 5G Core Denial of Service Vulnerability	Moderate
Azure SDK	CVE-2024-29992	Azure Identity Library for .NET Information Disclosure Vulnerability	Moderate
Intel	CVE-2024-2201	Intel: CVE-2024-2201 Branch History Injection	Important
Internet Shortcut Files	CVE-2024-29988	SmartScreen Prompt Security Feature Bypass Vulnerability	Important
Mariner	CVE-2019-3816	Unknown	Unknown
Mariner	CVE-2019-3833	Unknown	Unknown
Microsoft Azure Kubernetes Service	CVE-2024-29990	Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability	Important
Microsoft Brokering File System	CVE-2024-28905	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important
Microsoft Brokering File System	CVE-2024-28907	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important
Microsoft Brokering File System	CVE-2024-26213	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important
Microsoft Brokering File System	CVE-2024-28904	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important
Microsoft Defender for IoT	CVE-2024-29055	Microsoft Defender for IoT Elevation of Privilege Vulnerability	Important
Microsoft Defender for IoT	CVE-2024-29053	Microsoft Defender for IoT Remote Code Execution Vulnerability	Critical
Microsoft Defender for IoT	CVE-2024-29054	Microsoft Defender for IoT Elevation of Privilege Vulnerability	Important
Microsoft Defender for IoT	CVE-2024-21324	Microsoft Defender for IoT Elevation of Privilege Vulnerability	Important
Microsoft Defender for IoT	CVE-2024-21323	Microsoft Defender for IoT Remote Code Execution Vulnerability	Critical
Microsoft Defender for IoT	CVE-2024-21322	Microsoft Defender for IoT Remote Code Execution Vulnerability	Critical
Microsoft Edge (Chromium-based)	CVE-2024-3156	Chromium: CVE-2024-3156 Inappropriate implementation in V8	Unknown
Microsoft Edge (Chromium-based)	CVE-2024-29049	Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability	Moderate
Microsoft Edge (Chromium-based)	CVE-2024-29981	Microsoft Edge (Chromium-based) Spoofing Vulnerability	Low
Microsoft Edge (Chromium-based)	CVE-2024-3159	Chromium: CVE-2024-3159 Out of bounds memory access in V8	Unknown
Microsoft Edge (Chromium-based)	CVE-2024-3158	Chromium: CVE-2024-3158 Use after free in Bookmarks	Unknown
Microsoft Install Service	CVE-2024-26158	Microsoft Install Service Elevation of Privilege Vulnerability	Important
Microsoft Office Excel	CVE-2024-26257	Microsoft Excel Remote Code Execution Vulnerability	Important
Microsoft Office Outlook	CVE-2024-20670	Outlook for Windows Spoofing Vulnerability	Important
Microsoft Office SharePoint	CVE-2024-26251	Microsoft SharePoint Server Spoofing Vulnerability	Important
Microsoft WDAC ODBC Driver	CVE-2024-26214	Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability	Important
Microsoft WDAC OLE DB provider for SQL	CVE-2024-26244	Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability	Important
Microsoft WDAC OLE DB provider for SQL	CVE-2024-26210	Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26233	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26231	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26227	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26223	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26221	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26224	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-26222	Windows DNS Server Remote Code Execution Vulnerability	Important
Role: Windows Hyper-V	CVE-2024-29064	Windows Hyper-V Denial of Service Vulnerability	Important
SQL Server	CVE-2024-28937	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28938	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29044	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28935	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28940	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28943	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28941	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28910	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28944	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28908	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28909	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29985	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28906	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28926	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28933	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28934	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28927	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28930	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29046	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28932	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29047	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28931	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29984	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28929	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28939	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28942	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29043	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28936	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29045	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28915	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28913	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28945	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29048	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28912	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28914	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29983	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-28911	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2024-29982	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	Important
Windows Authentication Methods	CVE-2024-29056	Windows Authentication Elevation of Privilege Vulnerability	Important
Windows Authentication Methods	CVE-2024-21447	Windows Authentication Elevation of Privilege Vulnerability	Important
Windows BitLocker	CVE-2024-20665	BitLocker Security Feature Bypass Vulnerability	Important
Windows Compressed Folder	CVE-2024-26256	libarchive Remote Code Execution Vulnerability	Important
Windows Cryptographic Services	CVE-2024-26228	Windows Cryptographic Services Security Feature Bypass Vulnerability	Important
Windows Cryptographic Services	CVE-2024-29050	Windows Cryptographic Services Remote Code Execution Vulnerability	Important
Windows Defender Credential Guard	CVE-2024-26237	Windows Defender Credential Guard Elevation of Privilege Vulnerability	Important
Windows DHCP Server	CVE-2024-26212	DHCP Server Service Denial of Service Vulnerability	Important
Windows DHCP Server	CVE-2024-26215	DHCP Server Service Denial of Service Vulnerability	Important
Windows DHCP Server	CVE-2024-26195	DHCP Server Service Remote Code Execution Vulnerability	Important
Windows DHCP Server	CVE-2024-26202	DHCP Server Service Remote Code Execution Vulnerability	Important
Windows Distributed File System (DFS)	CVE-2024-29066	Windows Distributed File System (DFS) Remote Code Execution Vulnerability	Important
Windows Distributed File System (DFS)	CVE-2024-26226	Windows Distributed File System (DFS) Information Disclosure Vulnerability	Important
Windows DWM Core Library	CVE-2024-26172	Windows DWM Core Library Information Disclosure Vulnerability	Important
Windows File Server Resource Management Service	CVE-2024-26216	Windows File Server Resource Management Service Elevation of Privilege Vulnerability	Important
Windows HTTP.sys	CVE-2024-26219	HTTP.sys Denial of Service Vulnerability	Important
Windows Internet Connection Sharing (ICS)	CVE-2024-26253	Windows rndismp6.sys Remote Code Execution Vulnerability	Important
Windows Internet Connection Sharing (ICS)	CVE-2024-26252	Windows rndismp6.sys Remote Code Execution Vulnerability	Important
Windows Kerberos	CVE-2024-26183	Windows Kerberos Denial of Service Vulnerability	Important
Windows Kerberos	CVE-2024-26248	Windows Kerberos Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2024-20693	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2024-26245	Windows SMB Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2024-26229	Windows CSC Service Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2024-26218	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Local Security Authority Subsystem Service (LSASS)	CVE-2024-26209	Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability	Important
Windows Message Queuing	CVE-2024-26232	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability	Important
Windows Message Queuing	CVE-2024-26208	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability	Important
Windows Mobile Hotspot	CVE-2024-26220	Windows Mobile Hotspot Information Disclosure Vulnerability	Important
Windows Proxy Driver	CVE-2024-26234	Proxy Driver Spoofing Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-28902	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-28900	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-28901	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26255	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26230	Windows Telephony Server Elevation of Privilege Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26239	Windows Telephony Server Elevation of Privilege Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26207	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26217	Windows Remote Access Connection Manager Information Disclosure Vulnerability	Important
Windows Remote Access Connection Manager	CVE-2024-26211	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability	Important
Windows Remote Procedure Call	CVE-2024-20678	Remote Procedure Call Runtime Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-26200	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-26179	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-26205	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Secure Boot	CVE-2024-29061	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28921	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-20689	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26250	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28922	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-29062	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-20669	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28898	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-20688	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-23593	Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell	Important
Windows Secure Boot	CVE-2024-28896	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28919	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-23594	Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi	Important
Windows Secure Boot	CVE-2024-28923	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28903	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26189	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26240	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28924	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28897	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28925	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26175	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-28920	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26194	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26180	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26171	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Secure Boot	CVE-2024-26168	Secure Boot Security Feature Bypass Vulnerability	Important
Windows Storage	CVE-2024-29052	Windows Storage Elevation of Privilege Vulnerability	Important
Windows Telephony Server	CVE-2024-26242	Windows Telephony Server Elevation of Privilege Vulnerability	Important
Windows Update Stack	CVE-2024-26236	Windows Update Stack Elevation of Privilege Vulnerability	Important
Windows Update Stack	CVE-2024-26235	Windows Update Stack Elevation of Privilege Vulnerability	Important
Windows USB Print Driver	CVE-2024-26243	Windows USB Print Driver Elevation of Privilege Vulnerability	Important
Windows Virtual Machine Bus	CVE-2024-26254	Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability	Important
Windows Win32K – ICOMP	CVE-2024-26241	Win32k Elevation of Privilege Vulnerability	Important