March Patching Update: Ensuring a Secure Spring
Welcome to March’s edition of the OneNeck IT Solutions patching blog. As spring approaches, we’re here to help ensure your IT environment is prepared and protected against the latest identified vulnerabilities. This month’s update highlights a variety of patches across Microsoft products and Linux environments, aiming to keep your systems secure and efficient.
Microsoft’s March Patching Overview
In March, Microsoft tackled a total of 59 vulnerabilities, detailed as follows:
- 24 Elevation of Privilege Vulnerabilities
- 3 Security Feature Bypass Vulnerabilities
- 18 Remote Code Execution Vulnerabilities
- 6 Information Disclosure Vulnerabilities
- 6 Denial of Service Vulnerabilities
- 2 Spoofing Vulnerabilities
Fortunately, there are no zero-day vulnerabilities to address this month, allowing IT teams to focus on routine updates and fortifications against potential future exploits.
March’s Patching Highlights
This month’s updates require particular attention to the following vulnerabilities:
- CVE-2024-21407: A Critical Remote Code Execution Vulnerability in Windows Hyper-V.
- CVE-2024-21400: An Elevation of Privilege Vulnerability in Microsoft Azure Kubernetes Service Confidential Container.
- CVE-2024-26199: An Elevation of Privilege Vulnerability in Microsoft Office.
- CVE-2024-20671: A Security Feature Bypass Vulnerability in Microsoft Defender.
These patches address a range of issues, from remote code execution, which could allow unauthorized access to systems, to elevation of privilege. The inclusion of a Security Feature Bypass Vulnerability in Microsoft Defender highlights the necessity of this month’s updates, as it affects a core component of Microsoft’s security infrastructure, potentially leaving systems vulnerable to various threats. Administrators are urged to prioritize these patches to mitigate the risks associated with these vulnerabilities, ensuring the protection of systems against exploitation.
Featured Linux Patching Updates
Our Linux Team has closely examined the landscape and identified several critical updates for this month. Each patch plays a significant role in maintaining the security and stability of Linux environments:
- CVE-2023-45863: Important updates for Oracle Linux Unbreakable Enterprise Kernel versions 4.14.35 and 5.4.17, enhancing kernel security.
- CVE-2023-4623: Critical security update for the Oracle Linux kernel, bolstering system defenses.
- CVE-2023-42753: Important update for Oracle Linux, addressing security and bug fixes for enhanced system stability.
- CVE-2023-4921: Security update for Oracle Linux Unbreakable Enterprise Kernel version 4.1.12, targeting vulnerabilities for improved security.
- CVE-2023-50868: Significant security update for Oracle Linux’s Unbound, enhancing the security framework of network resolution.
- CVE-2023-6622: Updates for Oracle Linux Unbreakable Enterprise Kernel, patching critical security gaps.
- CVE-2024-0646: Kernel Security Update, crucial for maintaining the integrity and security of the Linux kernel.
- CVE-2024-1551, CVE-2024-1552, CVE-2024-1553: This is a series of important Firefox security updates vital for secure web browsing and system security.
- CVE-2024-21885: An important security update for Oracle Linux’s TigerVNC, ensuring secure remote desktop connections.
These updates safeguard your Linux servers against potential breaches and system vulnerabilities. Given the critical nature of these vulnerabilities, we recommend a thorough review and timely application of these patches to maintain optimal security and functionality within your Linux environment.
Exchange Server
OneNeck strongly cautions customers not to apply the Security Updates for Exchange this month carelessly. Doing so may cause issues with OWA, Exchange Monitoring, and attachment inspection/scanning conditions. We encourage you to review all documentation available from Microsoft regarding this month’s update before proceeding. Customers who are contracted with us for Exchange Management will have the update installed under separate change requests.
Additionally, it is crucial to note that Microsoft will no longer be releasing Cumulative Updates for Exchange Server 2016. As a result, our team strongly recommends that all customers upgrade to Exchange Server 2019. If you have questions about how OneNeck can assist you with your upgrade decisions, do not hesitate to contact the Service Desk (800-272-3077).
SQL Server 2019 Cumulative Update
There is a known issue with KB5033688 (Cumulative Update 25 for SQL Server 2019), released on February 15th, 2024. This update might create access violation dump files when the SESSION is reset for reuse. Microsoft is continuing to work on a resolution for this issue. We anticipate the resolution will likely be included in the next Cumulative Update release.
Microsoft Office & SharePoint Updates
While our scheduled patching activities are comprehensive, they are designed to complement your internal update processes for a wide range of products, including Microsoft Office and SharePoint. We encourage our clients to regularly review and apply updates across all software to ensure the highest level of security. For insights on integrating these updates seamlessly into your security strategy or how OneNeck can support your efforts, do not hesitate to reach out to our Service Desk.
Closing Thoughts
As we march into spring, the proactive application of these updates is key to maintaining a strong cybersecurity posture. Stay ahead of potential threats by ensuring your environment is up-to-date. If you need assistance or have questions, OneNeck is here to support you.
Stay secure and patched, and let’s welcome a safe start to spring together.
Each month, OneNeck engineers review newly released updates from vendors, like Microsoft, to understand any known issues, the actions required and the priority of each. This is done immediately following Patch Tuesday releases, and we monitor for adjustments to patches throughout each month.
The information above is gathered monthly during this review and posted for awareness to our customers. This information is generally updated only once per month and is based on our engineers’ review of the information provided by the vendor at that time. As always, for the most up-to-date patching information, please see the vendor’s website or contact us.
Note: If OneNeck actively manages a device or software that is impacted by any of these vulnerabilities, when necessary, OneNeck will be in direct contact with you regarding remediation.