Microsoft June 2024 Patch Tuesday Fixes 51 Vulnerabilities, Addresses DNS KeyTrap Disclosure

Microsoft’s June 2024 Patch Tuesday includes security updates for 51 vulnerabilities, among them 18 remote code execution (RCE) flaws and one publicly disclosed zero-day. Despite the high number of RCEs, only one critical vulnerability was patched this month—a flaw in Microsoft Message Queuing (MSMQ) that could allow remote attackers to execute code on affected systems.


Breakdown of Vulnerabilities

The vulnerabilities addressed in this month’s release include:

  • 25 Elevation of Privilege (EoP) vulnerabilities
  • 18 Remote Code Execution (RCE) vulnerabilities
  • 3 Information Disclosure vulnerabilities
  • 5 Denial of Service (DoS) vulnerabilities

The total does not include seven Microsoft Edge vulnerabilities that were resolved earlier on June 3rd. Non-security updates released today include Windows 11 KB5039212 and Windows 10 KB5039211.


Zero-Day Vulnerability

While no actively exploited vulnerabilities were addressed in this release, Microsoft patched one publicly disclosed zero-day, which had already been fixed in other DNS software earlier this year.

CVE-2023-50868 | DNSSEC NSEC3 KeyTrap Denial of Service Vulnerability

Affects: DNS resolvers that validate DNSSEC records
This vulnerability, known as KeyTrap, affects how validating resolvers handle NSEC3 “closest encloser” proofs. An attacker can trigger a denial of service by exhausting the resolver’s CPU during DNSSEC validation. The flaw was publicly disclosed in February and has since been fixed in several DNS resolver implementations, including BIND, PowerDNS, Unbound, Knot Resolver, and Dnsmasq.


Other Notable Vulnerabilities

Several vulnerabilities fixed this month stand out due to their potential impact:

  • Multiple Microsoft Office RCEs were addressed, including vulnerabilities in Microsoft Outlook that can be exploited from the preview pane—a known attack vector in targeted phishing campaigns.
  • Seven Windows Kernel EoP vulnerabilities were resolved, all of which could allow a local attacker to escalate to SYSTEM-level privileges, potentially aiding in lateral movement or post-exploitation activity.

Adobe and Other Vendor Updates

Security updates released by other major vendors in June 2024 include:

  • Apple: Released visionOS 1.2, which addresses 21 vulnerabilities.
  • ARM: Patched an actively exploited flaw in Mali GPU kernel drivers.
  • Cisco: Issued updates for Cisco Finesse and Webex.
  • Cox: Fixed an API authentication bypass that affected millions of broadband modems.
  • F5: Released fixes for two high-severity API vulnerabilities in BIG-IP Next Central Manager.
  • PHP: Patched a critical RCE vulnerability, now linked to ransomware attacks.
  • TikTok: Fixed a zero-click zero-day in direct messages, previously exploited in targeted campaigns.
  • VMware: Issued patches for three zero-day vulnerabilities exploited at Pwn2Own 2024.
  • Zyxel: Released an emergency patch for a critical RCE flaw in end-of-life NAS devices.

SAP’s June 2024 security advisories are no longer publicly accessible, as they now require a customer login to view.


Recommendations for Users and Administrators

Despite a relatively low vulnerability count this month, several flaws—particularly in Outlook, the Windows kernel, and the Microsoft Message Queuing service—warrant immediate attention. Although none of the patched vulnerabilities were reported as exploited in the wild at the time of release, the existence of a publicly known DNS flaw (KeyTrap) and the presence of preview pane RCEs make this update cycle especially relevant for enterprise security teams.

Security teams should prioritize deploying updates across systems that use MSMQ, Microsoft Office, and DNSSEC-validating resolvers. Patch validation and monitoring for unusual process behavior or privilege escalation attempts should remain active throughout this deployment cycle.
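A small triage helper for the prioritization above and for the KeyTrap scope described earlier, added here as an example and not part of the original advisory or any Netizen tooling. It assumes it runs elevated on a Windows host, that the DnsServer PowerShell module is only present where the DNS Server role is installed, that the Outlook App Paths registry key exists on hosts with Office installed, and it uses the June 2024 Windows cumulative update IDs named in this post to judge patch status.

```powershell
# Added example (not from the original post). Flags hosts that match the
# advisory's priority list: MSMQ present, DNSSEC-validating DNS Server,
# Outlook installed, and whether the June 2024 Windows update has landed.
function Get-JunePatchTuesdayExposure {
    [CmdletBinding()]
    param(
        # Windows 11 / Windows 10 June 2024 cumulative update IDs named in the post.
        [string[]]$JuneKbIds = @('KB5039212', 'KB5039211')
    )

    # 1. MSMQ hosts this month's only Critical RCE; an installed service means exposure.
    $msmq = Get-Service -Name 'MSMQ' -ErrorAction SilentlyContinue
    $msmqState = if ($msmq) { $msmq.Status.ToString() } else { 'NotInstalled' }

    # 2. A DNS Server role with DNSSEC trust anchors is a validating resolver (KeyTrap scope).
    #    Assumption: Get-DnsServerTrustAnchor is only available with the DNS Server role.
    $dnsValidating = $false
    $dnsRole = Get-Service -Name 'DNS' -ErrorAction SilentlyContinue
    if ($dnsRole -and (Get-Command Get-DnsServerTrustAnchor -ErrorAction SilentlyContinue)) {
        try {
            $anchors = Get-DnsServerTrustAnchor -ErrorAction Stop
            $dnsValidating = (@($anchors).Count -gt 0)
        } catch { $dnsValidating = $false }
    }

    # 3. Outlook present => preview-pane RCEs apply. Assumption: Office registers this App Paths key.
    $outlook = Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXE'

    # 4. Has the June cumulative update been installed? (Where-Object avoids the
    #    exception Get-HotFix -Id throws when the KB is absent.)
    $installed = Get-HotFix -ErrorAction SilentlyContinue |
        Where-Object { $JuneKbIds -contains $_.HotFixID }
    $patched = [bool]$installed

    $exposed  = ($msmqState -ne 'NotInstalled') -or $dnsValidating -or $outlook
    $priority = if ($patched) { 'Patched' } elseif ($exposed) { 'High' } else { 'Normal' }

    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        MsmqService    = $msmqState
        DnsValidating  = $dnsValidating
        OutlookPresent = $outlook
        JuneUpdate     = if ($patched) { $installed.HotFixID -join ',' } else { 'Missing' }
        Priority       = $priority
    }
}

Get-JunePatchTuesdayExposure | Format-List
```

Run it through Invoke-Command against a list of servers to build a fleet-wide view of which hosts should receive the update first.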


How Can Netizen Help?

Netizen ensures that security is built in, not bolted on. We provide advanced solutions to protect critical IT infrastructure, such as our popular “CISO-as-a-Service”, through which companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans. 

Questions or concerns? Feel free to reach out to us any time –

https://www.netizen.net/contact