Back to overview

Threat intelligence

Microsoft Security Bulletin Coverage for July 2024

by Security News

Overview

Microsoft’s July 2024 Patch Tuesday has 138 vulnerabilities, 59 of which are Remote Code Execution. The SonicWall Capture Lab’s threat research team has analyzed and addressed Microsoft’s security advisories for the month of July 2024 and has produced coverage for 7 of the reported vulnerabilities.

Vulnerabilities

CVECVE TitleSignature
CVE-2024-38021Microsoft Office Remote Code Execution VulnerabilityIPS 4468 Microsoft Office Remote Code Execution (CVE-2024-38021)
CVE-2024-38052Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityASPY 6807 Exploit-exe exe.MP_394
CVE-2024-38054Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityASPY 6824 Exploit-exe exe.MP_395
CVE-2024-38059Win32k Elevation of Privilege VulnerabilityASPY 6990 Exploit-exe exe.MP_396
CVE-2024-38060Microsoft Windows Codecs Library Remote Code Execution VulnerabilityASPY 586 Malformed-tif tif.MP_23
CVE-2024-38080Windows Hyper-V Elevation of Privilege VulnerabilityASPY 587 Exploit-exe exe.MP_398
CVE-2024-38085Windows Graphics Component Elevation of Privilege VulnerabilityASPY 6991 Exploit-exe exe.MP_397

Release Breakdown

The vulnerabilities can be classified into following categories:

For July there are 5 critical, 132 Important and one moderate vulnerabilities.

2024 Patch Tuesday Monthly Comparison

Microsoft tracks vulnerabilities that are being actively exploited at the time of discovery and those that have been disclosed publicly before the patch Tuesday release for each month. The above chart displays these metrics as seen each month.

Release Detailed Breakdown

Denial of Service Vulnerabilities

CVE-2024-30105.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2024-35270Windows iSCSI Service Denial of Service Vulnerability
CVE-2024-38015Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2024-38027Windows Line Printer Daemon Service Denial of Service Vulnerability
CVE-2024-38031Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-38048Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
CVE-2024-38067Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-38068Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-38071Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38072Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38073Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38091Microsoft WS-Discovery Denial of Service Vulnerability
CVE-2024-38095.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38099Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38101Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38102Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38105Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

Elevation of Privilege Vulnerabilities

CVE-2024-21417Windows Text Services Framework Elevation of Privilege Vulnerability
CVE-2024-30079Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-35261Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
CVE-2024-38013Microsoft Windows Server Backup Elevation of Privilege Vulnerability
CVE-2024-38022Windows Image Acquisition Elevation of Privilege Vulnerability
CVE-2024-38033PowerShell Elevation of Privilege Vulnerability
CVE-2024-38034Windows Filtering Platform Elevation of Privilege Vulnerability
CVE-2024-38043PowerShell Elevation of Privilege Vulnerability
CVE-2024-38047PowerShell Elevation of Privilege Vulnerability
CVE-2024-38050Windows Workstation Service Elevation of Privilege Vulnerability
CVE-2024-38052Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38054Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38057Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38059Win32k Elevation of Privilege Vulnerability
CVE-2024-38061DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
CVE-2024-38062Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-38066Windows Win32k Elevation of Privilege Vulnerability
CVE-2024-38079Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38080Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2024-38081.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2024-38085Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38089Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-38092Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2024-38100Windows File Explorer Elevation of Privilege Vulnerability

Information Disclosure Vulnerabilities

CVE-2024-30061Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2024-30071Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-32987Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2024-38017Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-38041Windows Kernel Information Disclosure Vulnerability
CVE-2024-38055Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2024-38056Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2024-38064Windows TCP/IP Information Disclosure Vulnerability

Remote Code Execution Vulnerabilities 

CVE-2024-20701SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21303SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21308SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21317SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21331SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21332SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21333SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21335SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21373SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21398SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21414SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21415SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21425SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21428SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21449SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-28928SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-30013Windows MultiPoint Services Remote Code Execution Vulnerability
CVE-2024-35256SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-35264.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-35271SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-35272SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37318SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37319SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37320SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37321SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37322SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37323SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37324SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37326SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37327SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37328SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37329SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37330SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37331SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37332SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37333SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37334Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-37336SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-38019Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38021Microsoft Office Remote Code Execution Vulnerability
CVE-2024-38023Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38024Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38025Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38028Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38032Microsoft Xbox Remote Code Execution Vulnerability
CVE-2024-38044DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-38049Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
CVE-2024-38051Windows Graphics Component Remote Code Execution Vulnerability
CVE-2024-38053Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
CVE-2024-38060Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2024-38074Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38076Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38077Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38078Xbox Wireless Adapter Remote Code Execution Vulnerability
CVE-2024-38086Azure Kinect SDK Remote Code Execution Vulnerability
CVE-2024-38087SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-38088SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-38094Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2024-38104Windows Fax Service Remote Code Execution Vulnerability

Security Feature Bypass Vulnerabilities 

CVE-2024-26184Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28899Secure Boot Security Feature Bypass Vulnerability
CVE-2024-30098Windows Cryptographic Services Security Feature Bypass Vulnerability
CVE-2024-37969Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37970Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37971Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37972Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37973Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37974Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37975Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37977Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37978Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37981Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37984Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37986Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37987Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37988Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37989Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38010Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38011Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38058BitLocker Security Feature Bypass Vulnerability
CVE-2024-38065Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38069Windows Enroll Engine Security Feature Bypass Vulnerability
CVE-2024-38070Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability

Spoofing Vulnerabilities 

CVE-2024-30081Windows NTLM Spoofing Vulnerability
CVE-2024-35266Azure DevOps Server Spoofing Vulnerability
CVE-2024-35267Azure DevOps Server Spoofing Vulnerability
CVE-2024-38020Microsoft Outlook Spoofing Vulnerability
CVE-2024-38030Windows Themes Spoofing Vulnerability
CVE-2024-38112Windows MSHTML Platform Spoofing Vulnerability

Share This Article

An Article By

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.