===========================================================================
                         AUSCERT Security Bulletin                         
                                                                           
                               ASB-2024.0051                               
         Microsoft Patch Tuesday update for Windows for March 2024         
                               13 March 2024                               
                                                                           
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Windows 10                                              
                   Windows 11                                              
                   Windows Server                                          
Operating System:  Windows                                                 
Resolution:        Patch/Upgrade                                           
CVE Names:         CVE-2024-21437 CVE-2024-21438 CVE-2024-21439            
                   CVE-2024-21440 CVE-2024-21441 CVE-2024-21442            
                   CVE-2024-21443 CVE-2024-21444 CVE-2024-21445            
                   CVE-2024-21446 CVE-2024-21450 CVE-2024-21451            
                   CVE-2024-26159 CVE-2024-26160 CVE-2024-26161            
                   CVE-2024-26162 CVE-2024-26166 CVE-2024-26169            
                   CVE-2024-26170 CVE-2024-26173 CVE-2024-26174            
                   CVE-2024-26176 CVE-2024-26177 CVE-2024-26178            
                   CVE-2024-26181 CVE-2024-26182 CVE-2023-28746            
                   CVE-2024-26185 CVE-2024-26197 CVE-2024-26190            
                   CVE-2024-21407 CVE-2024-21408 CVE-2024-21427            
                   CVE-2024-21429 CVE-2024-21430 CVE-2024-21431            
                   CVE-2024-21432 CVE-2024-21433 CVE-2024-21434            
                   CVE-2024-21435 CVE-2024-21436                           

Comment: CVSS (Max):  8.8* CVE-2024-21435 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
         CVSS Source: Microsoft                                            
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
         * Not all CVSS available when published                           



OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of March 2024.

        This update resolves 41 vulnerabilities across the following
        product(s): [1]

         Windows 10
         Windows 11
         Windows 11 version 21H2
         Windows Server 2016
         Windows Server 2019
         Windows Server 2022
         Windows Server 2022, 23H2 Edition


IMPACT

        Microsoft has given the following details regarding these
        vulnerabilities.

         Details         Impact                   Severity
         CVE-2023-28746  Information Disclosure   Important
         CVE-2024-21407  Remote Code Execution    Critical
         CVE-2024-21408  Denial of Service        Critical
         CVE-2024-21427  Security Feature Bypass  Important
         CVE-2024-21429  Remote Code Execution    Important
         CVE-2024-21430  Remote Code Execution    Important
         CVE-2024-21431  Security Feature Bypass  Important
         CVE-2024-21432  Elevation of Privilege   Important
         CVE-2024-21433  Elevation of Privilege   Important
         CVE-2024-21434  Elevation of Privilege   Important
         CVE-2024-21435  Remote Code Execution    Important
         CVE-2024-21436  Elevation of Privilege   Important
         CVE-2024-21437  Elevation of Privilege   Important
         CVE-2024-21438  Denial of Service        Important
         CVE-2024-21439  Elevation of Privilege   Important
         CVE-2024-21440  Remote Code Execution    Important
         CVE-2024-21441  Remote Code Execution    Important
         CVE-2024-21442  Elevation of Privilege   Important
         CVE-2024-21443  Elevation of Privilege   Important
         CVE-2024-21444  Remote Code Execution    Important
         CVE-2024-21445  Elevation of Privilege   Important
         CVE-2024-21446  Elevation of Privilege   Important
         CVE-2024-21450  Remote Code Execution    Important
         CVE-2024-21451  Remote Code Execution    Important
         CVE-2024-26159  Remote Code Execution    Important
         CVE-2024-26160  Information Disclosure   Important
         CVE-2024-26161  Remote Code Execution    Important
         CVE-2024-26162  Remote Code Execution    Important
         CVE-2024-26166  Remote Code Execution    Important
         CVE-2024-26169  Elevation of Privilege   Important
         CVE-2024-26170  Elevation of Privilege   Important
         CVE-2024-26173  Elevation of Privilege   Important
         CVE-2024-26174  Information Disclosure   Important
         CVE-2024-26176  Elevation of Privilege   Important
         CVE-2024-26177  Information Disclosure   Important
         CVE-2024-26178  Elevation of Privilege   Important
         CVE-2024-26181  Denial of Service        Important
         CVE-2024-26182  Elevation of Privilege   Important
         CVE-2024-26185  Tampering                Important
         CVE-2024-26190  Denial of Service        Important
         CVE-2024-26197  Denial of Service        Important


MITIGATION

        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles. [1]

         KB5035845, KB5035849, KB5035853, KB5035854, KB5035855
         KB5035856, KB5035857, KB5035858, KB5035959


REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance




AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================