June Patching Update: Securing Systems as Temperatures Rise

Welcome to June’s edition of the OneNeck IT Solutions patching blog. As we approach the Summer Solstice; the longest day of the year, it’s a perfect reminder to shed light on and address vulnerabilities within your systems. Staying proactive in patching and updating is essential as we move into the summer months. This month, we highlight critical updates from Microsoft and significant patches within the Linux environment to ensure your systems remain secure and efficient.

Microsoft Patching Overview

This month, Microsoft has addressed a total of 51 vulnerabilities, categorized as follows:

• 25 Elevation of Privilege Vulnerabilities
• 18 Remote Code Execution Vulnerabilities
• 3 Information Disclosure Vulnerabilities
• 5 Denial of Service Vulnerabilities

Notably, one zero-day vulnerability was patched this month for Microsoft products CVE-2023-50868. This vulnerability involves the NSEC3 Closest Encloser Proof and can exhaust CPU resources, potentially leading to a denial of service. When combined, these updates address an array of critical issues, including remote code execution, privilege escalation, and security feature bypasses. Promptly applying these patches is crucial to prevent potential exploits and maintain system integrity.

Highlighted Patching for June

This month’s critical updates include:

• CVE-2023-50868: MITRE: NSEC3 Closest Encloser Proof Can Exhaust CPU
• CVE-2024-30080: Microsoft Message Queuing Remote Code Execution Vulnerability
• CVE-2024-30082, CVE-2024-30087 & CVE-2024-30091: Win32k Elevation of Privilege Vulnerability
• CVE-2024-30064, CVE-2024-30068, CVE-2024-30088 & CVE-2024-30099: Windows Kernel Elevation of Privilege Vulnerability
• CVE-2024-30085: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exchange Updates

As mentioned in last month’s blog, Microsoft released a Hotfix for Exchange late in April to cumulatively address the issues resulting from the March Exchange Security Update. OneNeck’s customers have not been affected by these issues; as such, our team has held off on applying the Hotfix and will wait for the next Exchange Update.

In the April Hotfix, Microsoft introduced support for ECC certificates and Hybrid Modern Authentication for OWA/ECP, available exclusively for Exchange Server 2019. The following Security or Cumulative Update for Exchange 2019 will also include these features.

Microsoft has recognized the need for DKIM and DMARC for Exchange Server On-Prem following the Q1 2024 announcement from Google and Yahoo. However, at his point in time there have not been any further updates. Customers routing their mail through MS365 should be mostly unaffected by the changes mentioned above rather than sending mail directly from their On-Prem Exchange Server.

Additionally, Microsoft released an Exchange Server Roadmap update this month, outlining their plans for Exchange Server SE (Subscription Edition). This edition is expected to be released early in the third quarter of 2025, coinciding with the end-of-life date for Exchange Server 2016 and 2019. Exchange Server SE will be the code equivalent to Exchange Server 2019 CU15. OneNeck encourages all customers using Exchange to upgrade to Exchange Server 2019. If you have any questions about how OneNeck can assist you with your upgrade decisions, please contact the Service Desk.

Linux Patching Insights for June

This month’s Linux updates are crucial for maintaining the security and stability of your environment. Noteworthy patches include:

• CVE-2023-25775: Kernel Security and Bug Fix Update addressing critical kernel vulnerabilities.
• CVE-2023-20592: Linux-firmware security update to enhance hardware compatibility and security.
• CVE-2023-45235: Edk2 Security Update to improve firmware security.
• CVE-2023-50868: Bind and DHCP security update to secure DNS and network configuration.
• CVE-2024-0450: Python3 Security Update to fix vulnerabilities in the Python programming language.
• CVE-2024-1394: Grafana Security Update and Oracle Linux grafana security update to enhance performance monitoring security.
• CVE-2024-23213: Webkit2gtk3 Security Update to secure web content rendering engines.
• CVE-2024-24549: Tomcat Security and Bug Fix Update to improve web server security.
• CVE-2024-3019: Oracle Linux pcp security update to enhance performance monitoring security.
• CVE-2024-31083: Tigervnc / Xorg-X11 Security Update to secure remote desktop and graphical server environments.
• CVE-2024-32487: Less Security Update to fix vulnerabilities in the less file pager.
• CVE-2024-33602: Glibc Security Update to address critical issues in the GNU C Library.
• CVE-2024-4777: Firefox Security Update to ensure secure web browsing.
• CVE-2023-1989, CVE-2023-40551, CVE-2024-1086: Oracle Linux Unbreakable Enterprise kernel security update to address multiple kernel vulnerabilities.
• CVE-2024-2201: Oracle Linux shim security update to improve boot loader security.

We recommend that you promptly apply all relevant patches to safeguard Linux servers, provide system functionality and ensure robust security.

Microsoft Office & SharePoint Updates

While our scheduled patching activities are comprehensive, they are designed to complement your internal update processes for a wide range of products, including Microsoft Office and SharePoint. We encourage our clients to regularly review and apply updates across all software to ensure the highest level of security. For insights on integrating these updates seamlessly into your security strategy or how OneNeck can support your efforts, do not hesitate to contact our Service Desk.

Closing Thoughts

Maintaining a solid security posture through regular patching is crucial as we move into the heart of summer. Just as applying sunscreen shields you from the sun’s harmful rays, quickly applying these updates will help safeguard your systems against potential threats. If you need assistance or have questions, OneNeck supports your cybersecurity efforts.

Stay secure and patched, and let’s keep your systems cool and protected this summer.

Each month, OneNeck engineers review newly released updates from vendors, like Microsoft, to understand any known issues, actions required and understand the priority of each. This is done immediately following Patch Tuesday releases, and we monitor for adjustments to patches throughout each month.

The information above is gathered monthly during this review and posted for awareness to our customers. This information is generally updated only once per month and is based on our engineers’ review of the information provided by the vendor at that time. As always, for the most up-to-date patching information, please see the vendor’s website or contact us.

Note: If OneNeck actively manages a device or software that is impacted by any of these vulnerabilities, when necessary, OneNeck will be in direct contact with you regarding remediation.

 

Additional Resources: