August Patching Update: Security Amid a Heat Wave of Vulnerabilities

As the August heat settles in, we’re reminded of the importance of staying hydrated to keep ourselves functioning at our best. Similarly, your systems need regular maintenance and updates to remain resilient against the rising tide of cyber threats. Just as water keeps your body in peak condition, these patches are vital to maintaining the health and security of your IT infrastructure. This month, we’re diving into the essential patching updates from Microsoft and Linux to ensure your systems are well-equipped to handle whatever vulnerabilities come their way.

Microsoft’s August Patching Overview

This month, Microsoft has addressed a total of 61 vulnerabilities, categorized as follows:

• 36 Elevation of Privilege Vulnerabilities
• 4 Security Feature Bypass Vulnerabilities
• 28 Remote Code Execution Vulnerabilities
• 8 Information Disclosure Vulnerabilities
• 6 Denial of Service Vulnerabilities
• 7 Spoofing Vulnerabilities

 Zero-Day Vulnerabilities:

This month, Microsoft addressed an unusually high number of zero-day vulnerabilities—ten in total. This surge underscores an urgent need for attention, as attackers actively exploit zero-day vulnerabilities before patches are available, making them particularly dangerous. Addressing these vulnerabilities is critical to safeguarding your systems from potential threats.

• CVE-2024-38178: A Scripting Engine Memory Corruption Vulnerability, which could allow an attacker to execute arbitrary code on a target system.
• CVE-2024-38193: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability that could enable an attacker to gain elevated access to system resources.
• CVE-2024-38213: Windows Mark of the Web Security Feature Bypass Vulnerability, allowing malicious code to run without proper security checks.
• CVE-2024-38106: Windows Kernel Elevation of Privilege Vulnerability that might allow attackers to execute code with elevated permissions.
• CVE-2024-38107: Windows Power Dependency Coordinator Elevation of Privilege Vulnerability that results in unauthorized access and system compromise.
• CVE-2024-38189: Microsoft Project Remote Code Execution Vulnerability, allowing attackers to execute arbitrary code remotely.
• CVE-2024-38199: Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability, which might enable attackers to take control of affected systems.
• CVE-2024-21302: Windows Secure Kernel Mode Elevation of Privilege Vulnerability, leading to unauthorized access with elevated privileges.
• CVE-2024-38200: Microsoft Office Spoofing Vulnerability, which could trick users into interacting with malicious content.
• CVE-2024-38202: Windows Update Stack Elevation of Privilege Vulnerability, allowing attackers to elevate their privileges and gain control over the system.
• CVE-2024-38063: Windows TCP/IP Remote Code Execution Vulnerability – Systems are not affected if IPv6 is disabled on the target machine.

Resolution of Known Issues from January 2024 WinRE Update

Microsoft has retired the January 2024 update causing 0x80070643 errors, ensuring that these errors no longer affect system stability.

Exchange Updates

Microsoft released a Hotfix for Exchange late in April to address numerous known issues from the March Exchange Security Update. OneNeck’s customers have not been affected by those known issues, so we have held off on applying the Hotfix to customer Exchange Servers. We continue to wait for the next Exchange Update to apply the included update (there are no Exchange Security Updates this month). 

Exchange 2016:

Exchange 2016 is approaching the end of extended support and will be out of support on October 14th, 2025. If you are using Exchange Server 2019, you can perform an in-place upgrade to the next version, Exchange Server Subscription Edition (SE), so Exchange Server 2016 will need to be decommissioned at some point.

OneNeck encourages all customers using Exchange to upgrade to Exchange Server 2019. If you have questions about how OneNeck can assist you with your upgrade decisions, don’t hesitate to get in touch with the Service Desk.

Linux Patching Insights for August

This month’s Linux updates are vital for maintaining the security and stability of your environment. Noteworthy patches include:

• CVE-2024-5564: Security update for libndp
• CVE-2024-39936: Security update for qt5-qtbase
• CVE-2024-21147: Security update for java-11-openjdk and java-1.8.0-openjdk
• CVE-2024-6604: Security update for Firefox
• CVE-2024-32487: Security update for less
• CVE-2024-36007: Security and bug fix update for the kernel
• CVE-2024-39573: Security update for httpd
• CVE-2024-4467: Security update for qemu-kvm
• CVE-2024-3652: Security update for libreswan
• CVE-2024-35235: Security update for cups
• CVE-2023-31346: Security update for linux-firmware
• CVE-2024-3651: Security update for python-idna
• CVE-2023-52425: Security and bug fix update for xmlrpc-c
• CVE-2024-28182: Security update for nghttp2
• CVE-2024-24806: Security update for libuv
• CVE-2024-34064: Security update for python-jinja2
• CVE-2024-38580: Security update for the kernel
• CVE-2024-6409: Security update for openssh

These updates cover a broad spectrum of vulnerabilities, each playing a crucial role in keeping your Linux servers safe from potential threats and running smoothly. We understand that keeping up with patches can be challenging, but promptly applying these updates will help you avoid any issues and maintain your systems’ security and stability.

Microsoft Office & SharePoint Patching Updates

While our scheduled patching activities are comprehensive, they are designed to complement your internal update processes for a wide range of products, including Microsoft Office and SharePoint. We encourage our clients to regularly review and apply updates across all software to ensure the highest level of security. For insights on integrating these updates seamlessly into your security strategy or how OneNeck can support your efforts, do not hesitate to reach out to our Service Desk.

Closing Thoughts

As the August heat reminds us to stay protected from the sun, it’s equally essential to shield your systems from emerging cyber threats by applying these critical updates. By staying proactive now, you’ll prevent potential headaches down the line and ensure your systems remain resilient. If you have any questions or need a helping hand, OneNeck is here to support you on your cybersecurity journey. Stay secure and patched, and let’s keep your systems cool and protected this summer.

Each month, OneNeck engineers review newly released updates from vendors, like Microsoft, to understand any known issues, actions required and understand the priority of each. This is done immediately following Patch Tuesday releases, and we monitor for adjustments to patches throughout each month.

The information above is gathered monthly during this review and posted for awareness to our customers. This information is generally updated only once per month and is based on our engineers’ review of the information provided by the vendor at that time. As always, for the most up-to-date patching information, please see the vendor’s website or contact us.

Note: If OneNeck actively manages a device or software that is impacted by any of these vulnerabilities, when necessary, OneNeck will be in direct contact with you regarding remediation.

Additional Resources: