Welcome to PDQ’s August 2024 Patch Tuesday recap! As kids head back to school, we want to shout out our fellow sysadmins in the education industry. Whether you're dealing with returning staff who’ve forgotten their passwords, managing endless Chromebooks, or feeling overworked and understaffed, we salute you. And now, as you drop everything to deploy patches, know that we’re here for you.
Feel free to join our sysadmin-centric Discord server to chat about IT or education (or if you just need a place to vent). Oh, and maybe treat yourself to a steak dinner since today is National Filet Mignon Day. You deserve it.
Now let’s dive into the Patch Tuesday goodness and see what Microsoft has in store for us this month.
Total exploits patched: 93
Critical patches: 9
Already known or exploited: 10
Some highlights (or lowlights)
CVE-2024-38063: We're starting this month off with a doozy of a vulnerability. Known as CVE-2024-38063 and coming in at a whopping 9.8 CVSS score, this vulnerability impacts basically all Windows devices that have IPv6 enabled. With a network attack vector, low complexity, and no privileges required, this one only requires a bad actor to repeatedly send specially crafted IPv6 packets, which could enable remote code execution. Wow. For all you sysadmins who were too lazy to implement IPv6, your idleness has paid off this time. Regardless, start testing and deploying this patch immediately.
CVE-2024-38166 & CVE-2024-38109: As a special treat, I thought I would include a two-for-one this month. CVE-2024-38166 is a Microsoft Dynamics 365 cross-site scripting vulnerability that can lead to spoofing, and CVE-2024-38109 is an Azure Health Bot elevation of privilege vulnerability. Both are pretty bad in their own right, but thankfully, Microsoft has already remediated both of these vulnerabilities for us. No action is needed from us. Don't ever say Microsoft's never done anything for you.
CVE-2024-38213: Our last highlight today is CVE-2024-38213, which is a security bypass exploit. Basically, this is your classic phishing scenario. A bad actor sends a malicious file and convinces a user to click on it. Usually, Microsoft Defender SmartScreen would protect against this type of behavior. Unfortunately, an attacker who exploits this vulnerability would bypass the SmartScreen user experience. Again, deploy this patch sooner rather than later, unless you really trust your users not to click on stupid stuff.
Wrapping up
One more Patch Tuesday for the history books. Unfortunately, it was a rather brutal month for patches, which doesn’t make back-to-school season any easier for all you EDU sysadmins, but PDQ can help.
If you’re struggling to keep on top of your patch management, make sure to try out PDQ Connect, which can automate your patch deployments. And if you need visibility into the vulnerabilities impacting your organization, try out PDQ Detect, which can prioritize vulnerabilities, drastically simplifying remediation.
Loading...