TRY NOW
Patch Tuesday

Microsoft Patch Tuesday – April 2024

10 min. read
09/04/2024
By Esben Dochy
Microsoft-Patch-Tuesday-May-2022

⚡ TL;DR | Go Straight to the April 202Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The April 2024 edition of Patch Tuesday brings us 151 new fixes, with 3 rated as critical. We’ve listed the most important changes below.

Microsoft Defender for IoT Vulnerabilities

All critical vulnerabilities this month are part of Microsoft Defender for IoT. CVE-2024-21322, CVE-2024-21323 and CVE-2024-29053 while three additional less critical vulnerabilities were also fixed (CVE-2024-21324, CVE-2024-29055, CVE-2024-29054).

Obviously you have to be using this product in order to be affected. More specifically, you’ll need to be using the legacy on-premises management console.

All three critical vulnerabilities have slightly different requirements ranging from requiring the attacker to be an administrator to any authenticated attacker could trigger the vulnerability.

SmartScreen Prompt Security Feature Bypass Vulnerability

The second high profile fix is a security bypass vulnerability for SmartScreen. Microsoft Defender SmartScreen helps protect you from online threats like malware and phishing by checking websites and downloaded files against a database of unsafe ones. To exploit this security feature bypass vulnerability, an attacker would need to convince a user to launch malicious files using a launcher application that requests that no UI be shown.

CVE-2024-29988 has a CVSS score of 8.8 and Microsoft lists it as one of the vulnerabilities that is more likely to be exploited.

Multiple Elevation of Privilege Vulnerabilities

The large majority of vulnerabilities marked by Microsoft as “more likely” to be exploited this month are elevation of privilege vulnerabilities that all can lead to the attacker gaining SYSTEM privileges. Their CVSS base scores are all 7.8 and Microsoft has not provided any additional information at this time.

  • CVE-2024-26158 (Microsoft Install Service Elevation of Privilege Vulnerability)
  • CVE-2024-26218 (Windows Kernel Elevation of Privilege Vulnerability)
  • CVE-2024-26241 (Win32k Elevation of Privilege Vulnerability)
  • CVE-2024-26211 (Windows RAC Manager Elevation of Privilege Vulnerability)
  • CVE-2024-26230 (Windows Telephony Server Elevation of Privilege Vulnerability)
  • CVE-2024-26239 (Windows Telephony Server Elevation of Privilege Vulnerability)

Run the Patch Tuesday April 2024 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday April 2024 CVE Codes & Titles

CVE NumberCVE Title
CVE-2023-24932Secure Boot Security Feature Bypass Vulnerability
CVE-2024-20669Secure Boot Security Feature Bypass Vulnerability
CVE-2024-20688Secure Boot Security Feature Bypass Vulnerability
CVE-2024-20689Secure Boot Security Feature Bypass Vulnerability
CVE-2024-21409.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2024-21424Azure Compute Gallery Elevation of Privilege Vulnerability
CVE-2024-26250Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26252Windows rndismp6.sys Remote Code Execution Vulnerability
CVE-2024-26253Windows rndismp6.sys Remote Code Execution Vulnerability
CVE-2024-26254Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
CVE-2024-26255Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-26172Windows DWM Core Library Information Disclosure Vulnerability
CVE-2024-26179Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26200Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26205Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26232Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-28920Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28922Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28919Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28896Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28923Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28898Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28901Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-28902Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-28905Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28906Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28908Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28909Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28910Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28911Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28912Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28913Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28914Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28915Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28929Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28931Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28932Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28936Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28939Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28942Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28945Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29043Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29045Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29047Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29050Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2024-29063Azure AI Search Information Disclosure Vulnerability
CVE-2024-29064Windows Hyper-V Denial of Service Vulnerability
CVE-2024-29066Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2024-20685Azure Private 5G Core Denial of Service Vulnerability
CVE-2024-23594Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi
CVE-2024-29990Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-2201Intel: CVE-2024-2201 Branch History Injection
CVE-2024-20678Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2024-20665BitLocker Security Feature Bypass Vulnerability
CVE-2024-20693Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-21322Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2024-21323Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2024-21324Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-21447Windows Authentication Elevation of Privilege Vulnerability
CVE-2024-26193Azure Migrate Remote Code Execution Vulnerability
CVE-2024-26168Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26171Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26175Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26180Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26183Windows Kerberos Denial of Service Vulnerability
CVE-2024-26189Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26194Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26195DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-26202DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-26219HTTP.sys Denial of Service Vulnerability
CVE-2024-26220Windows Mobile Hotspot Information Disclosure Vulnerability
CVE-2024-26221Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26222Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26223Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26224Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26227Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26231Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26233Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26243Windows USB Print Driver Elevation of Privilege Vulnerability
CVE-2024-26248Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-26210Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-26229Windows CSC Service Elevation of Privilege Vulnerability
CVE-2024-26235Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-26236Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-26237Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2024-26242Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26244Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-26245Windows SMB Elevation of Privilege Vulnerability
CVE-2024-26207Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-26208Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-26213Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-26214Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability
CVE-2024-26215DHCP Server Service Denial of Service Vulnerability
CVE-2024-26216Windows File Server Resource Management Service Elevation of Privilege Vulnerability
CVE-2024-26217Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-26226Windows Distributed File System (DFS) Information Disclosure Vulnerability
CVE-2024-26228Windows Cryptographic Services Security Feature Bypass Vulnerability
CVE-2024-26240Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26251Microsoft SharePoint Server Spoofing Vulnerability
CVE-2024-26257Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-28924Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28925Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28897Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28900Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-28904Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28907Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28926Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28927Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28930Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28933Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28934Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28935Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28937Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28938Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28940Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28941Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28943Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28944Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29044Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29046Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29048Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29052Windows Storage Elevation of Privilege Vulnerability
CVE-2024-29053Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2024-29055Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29054Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29061Secure Boot Security Feature Bypass Vulnerability
CVE-2024-29062Secure Boot Security Feature Bypass Vulnerability
CVE-2024-20670Outlook for Windows Spoofing Vulnerability
CVE-2024-29982Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29983Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29984Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29985Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-23593Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell
CVE-2024-29989Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-29992Azure Identity Library for .NET Information Disclosure Vulnerability
CVE-2024-29993Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2024-26256libarchive Remote Code Execution Vulnerability
CVE-2024-26158Microsoft Install Service Elevation of Privilege Vulnerability
CVE-2024-28921Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28903Secure Boot Security Feature Bypass Vulnerability
CVE-2024-29988SmartScreen Prompt Security Feature Bypass Vulnerability
CVE-2024-26209Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2024-26218Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-26241Win32k Elevation of Privilege Vulnerability
CVE-2024-26234Proxy Driver Spoofing Vulnerability
CVE-2024-26211Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-26212DHCP Server Service Denial of Service Vulnerability
CVE-2024-26230Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26239Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-29056Windows Authentication Elevation of Privilege Vulnerability
CVE-2024-28917Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.