⚡ TL;DR | Go Straight to the March 2024 Patch Tuesday Audit Report
Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The March 2024 edition of Patch Tuesday brings us 60 new fixes, with 2 rated as critical. We’ve listed the most important changes below.
Windows Hyper-V Vulnerabilities
The only two critial vulnerabilities this month are in Hyper-V. CVE-2024-21407, a remote code execution vulnerability and CVE-2024-21408, a denial of service vulnerability.
To exploit the RCE vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server.
For the denial of service vulnerability, Microsoft doesn’t provide any additional data.
Both vulnerabilities obviously require the usage of Hyper-v, something you can easily discover and map using the built-in “Hyper-V: Virtual guest machines” Report.
Windows Print Spooler Elevation of Privilege Vulnerability
The print spooler comes back this month with a vulnerability that is more likely to be exlpoited. CVE-2024-21433 requires an attacker to win a race condition and can lead to the attacker gaining SYSTEM priviliges.
Windows Kernel Elevation of Privilege Vulnerability
The last highlight of this month’s patch Tuesday is CVE-2024-26182. A vulnerability in the Windows Kernel that if exploited allows attackers to gain SYSTEM privileges. Similar to most vulnreabilities, not a lot of additional information was provided.
Run the Patch Tuesday March 2024 Audit
To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Patch Tuesday March 2024 CVE Codes & Titles
| CVE Number | CVE Title |
| CVE-2024-20671 | Microsoft Defender Security Feature Bypass Vulnerability |
| CVE-2024-21392 | .NET and Visual Studio Denial of Service Vulnerability |
| CVE-2024-21411 | Skype for Consumer Remote Code Execution Vulnerability |
| CVE-2024-21418 | Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability |
| CVE-2024-21421 | Azure SDK Spoofing Vulnerability |
| CVE-2024-21426 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2024-21429 | Windows USB Hub Driver Remote Code Execution Vulnerability |
| CVE-2024-21430 | Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability |
| CVE-2024-21438 | Microsoft AllJoyn API Denial of Service Vulnerability |
| CVE-2024-21439 | Windows Telephony Server Elevation of Privilege Vulnerability |
| CVE-2024-21441 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21442 | Windows USB Print Driver Elevation of Privilege Vulnerability |
| CVE-2024-21443 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-21444 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21445 | Windows USB Print Driver Elevation of Privilege Vulnerability |
| CVE-2024-21446 | NTFS Elevation of Privilege Vulnerability |
| CVE-2024-21450 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21451 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-26197 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
| CVE-2024-26159 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-26190 | Microsoft QUIC Denial of Service Vulnerability |
| CVE-2024-26198 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2024-26199 | Microsoft Office Elevation of Privilege Vulnerability |
| CVE-2024-26201 | Microsoft Intune Linux Agent Elevation of Privilege Vulnerability |
| CVE-2024-26203 | Azure Data Studio Elevation of Privilege Vulnerability |
| CVE-2024-26161 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-26164 | Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21330 | Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability |
| CVE-2024-21334 | Open Management Infrastructure (OMI) Remote Code Execution Vulnerability |
| CVE-2024-21390 | Microsoft Authenticator Elevation of Privilege Vulnerability |
| CVE-2024-21400 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability |
| CVE-2024-21407 | Windows Hyper-V Remote Code Execution Vulnerability |
| CVE-2024-21408 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2024-21419 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2024-21427 | Windows Kerberos Security Feature Bypass Vulnerability |
| CVE-2024-21431 | Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability |
| CVE-2024-21432 | Windows Update Stack Elevation of Privilege Vulnerability |
| CVE-2024-21434 | Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability |
| CVE-2024-21435 | Windows OLE Remote Code Execution Vulnerability |
| CVE-2024-21436 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2024-21440 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-21448 | Microsoft Teams for Android Information Disclosure Vulnerability |
| CVE-2024-26162 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-26166 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-26169 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
| CVE-2024-26173 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-26174 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2024-26176 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-26177 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2024-26178 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-26181 | Windows Kernel Denial of Service Vulnerability |
| CVE-2023-28746 | Intel: CVE-2023-28746 Register File Data Sampling (RFDS) |
| CVE-2024-26204 | Outlook for Android Information Disclosure Vulnerability |
| CVE-2024-26165 | Visual Studio Code Elevation of Privilege Vulnerability |
| CVE-2024-21433 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2024-21437 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2024-26160 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability |
| CVE-2024-26170 | Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability |
| CVE-2024-26182 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-26185 | Windows Compressed Folder Tampering Vulnerability |