SlideShare a Scribd company logo
1 of 40
Download to read offline
Live from Texas,
it’s Patch Tuesday!
April 2024 Patch Tuesday Webinar
Copyright © 2024 Ivanti. All rights reserved. 2
Chris Goettl Todd Schell
Vice President – Product Management Principal Product Manager
Copyright © 2024 Ivanti. All rights reserved. 3
Copyright © 2024 Ivanti. All rights reserved.
Agenda
§ April 2024 Patch Tuesday Overview
§ In the News
§ Bulletins and Releases
§ Between Patch Tuesdays
§ Q & A
Copyright © 2024 Ivanti. All rights reserved. 4
April Patch Tuesday 2024
Microsoft resolved 150 new CVEs for April Patch
Tuesday! This may sound like a downpour, but only
three are rated Critical and only one is a Zero-day
(CVE-2024-26234). The zero-day makes the OS update
your highest priority this month, but a couple of things to
watch for is the SQL Server update of 38 CVEs and the
9 Azure CVEs. These are the areas that will likely take a
little more research, testing, and planning to rollout.
Adobe also released 9 updates, but all were rated as
Priority 3. Google Chrome is expected later in the
evening to round out the Patch Tuesday lineup.
For more details check out this month's Patch Tuesday
blog.
Copyright © 2024 Ivanti. All rights reserved. 5
In the News
Copyright © 2024 Ivanti. All rights reserved. 6
In the News
§ XZ Backdoor: What versions are vulnerable?
§ https://www.techrepublic.com/article/xz-backdoor-linux/
§ Prominent breaches driving cybersecurity regulations
§ https://federalnewsnetwork.com/commentary/2024/04/leveraging-lessons-from-the-okta-breach-to-enhance-
federal-cybersecurity/
§ https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity
§ New Hardening Changes in April
§ https://support.microsoft.com/en-us/topic/kb5036534-latest-windows-hardening-guidance-and-key-
dates-eb1bd411-f68c-4d74-a4e1-456721a6551b
§ Secure Boot Bypass step-by-step instructions in KB 5025885 to enable mitigations after update
§ Oracle’s Critical Patch Updates (CPU) are released next week
Copyright © 2024 Ivanti. All rights reserved. 7
New and Notable Linux Vulnerabilities: 1
CVE-2024-3094
§ CVSS 3: 10.0
§ A backdoor was found in the xz package, versions
5.6.0 and 5.6.1, which provides compression
functionality for different components of the system
including the Kernel
§ Through a series of elaborate dependencies and
code injection, xz would deploy the backdoor into the
secure shell daemon process (sshd), enabling a yet-
to-be-identified attacker to remotely access and
execute code on any affected system.
Impact:
The most high-tech code implant and supply chain
attack to date: this operation took place over a period
of 2 years, in which attacker gained trust of the xz
project maintainer, infiltrated the project, and could
tamper with the code in such a way that would, had it
not been caught, lead to the installation of the backdoor
on all Debian (incl Ubuntu) and Red Hat-based
distributions and deployed systems.
Highlighted by TuxCare
Copyright © 2024 Ivanti. All rights reserved. 8
New and Notable Linux Vulnerabilities: 2
CVE-2024-25617
§ CVSS 3: 8.6
§ Squid, a web proxy cache, was found to be
susceptible to a Denial-of-Service attack through the
use of HTTP chunked messages.
§ Exploiting this flaw lets a remote attacker block
squid's operation, rendering connections impossible
for legitimate users.
§ Since squid is often deployed as a "gateway"
between intranet systems and the outside Internet, it
could effectively block Internet access to all internal
systems and/or users.
Affects versions starting with 3.5.27 up to 6.8, where it
was fixed.
Mitigation
There is no known mitigation or workaround other
than upgrading affected squid versions to at least
6.8.
Highlighted by TuxCare
Copyright © 2024 Ivanti. All rights reserved. 9
New and Notable Linux Vulnerabilities: 3
CVE-2024-1086
§ CVSS 3: 7.8
§ Flaw in the Netfilter subsystem of the Linux Kernel
enables local privilege escalation.
§ Possible to trick Netfilter into mistaking NF_DROP
for an NF_ACCEPT (meaning a drop decision could
be misunderstood for an accept decision on a
specially crafted packet filtering rule), which would
lead to a double-free vulnerability in the code,
triggering a user-controlled crash.
§ Initially disclosed in January, but patching by
distributions was not done promptly.
Affects Kernel versions from 3.15 to 6.8-rc1, and
distributions like RHEL, Debian, Ubuntu, and
derivatives. Update to the latest version.
Background
The information on how to exploit this situation to
obtain root privileges has already been published
online and is easily accessible.
Highlighted by TuxCare
Copyright © 2024 Ivanti. All rights reserved. 10
Known Disclosed and Exploited Vulnerabilities
§ CVE-2024-26234 Proxy Driver Spoofing Vulnerability
§ CVSS 3.1 Scores: 6.7 / 5.8
§ Severity: Important
§ Impact: All Windows operating systems from Server 2008 through Windows 11
§ No description is provided for this CVE.
§ NOTE: This CVE was updated to show its exploited and disclosed status mid-day yesterday after the
initial set of Patch Tuesday updates had been released. The severity rating did not change from
Important due to the low CVSS scores.
Copyright © 2024 Ivanti. All rights reserved. 11
Microsoft Patch Tuesday Updates of Interest
Advisory 990001 Latest Servicing Stack
Updates (SSU)
§ https://msrc.microsoft.com/update-
guide/en-US/vulnerability/ADV990001
§ 2012 ESU OS and Windows 10
Azure and Development Tool Updates
§ .NET 6, 7, & 8
§ Azure Arc Cluster (multiple components)
§ Azure AI Search
§ Azure Compute Gallery
§ Azure Kubernetes Service Confidential
Containers
§ Azure Migrate
§ Other Azure Products
§ Visual Studio 2019 & 2022 (multiple
versions)
Source: Microsoft
Copyright © 2024 Ivanti. All rights reserved. 12
Windows 10
and 11 Lifecycle
Awareness
Windows 10 Enterprise and Education
Version Release Date End of Support Date
22H2 10/18/2022 10/14/2025
21H2 11/16/2021 6/11/2024
Windows 10 Home and Pro
Version Release Date End of Support Date
22H2 10/18/2022 10/14/2025
Windows 11 Home and Pro
Version Release Date End of Support Date
23H2 10/31/2023 11/11/2025
22H2 9/20/2022 10/8/2024
Windows 11 Enterprise and Education
Version Release Date End of Support Date
23H2 10/31/2023 11/10/2026
22H2 9/20/2022 10/14/2025
21H2 10/4/2021 10/8/2024
Source: Microsoft
https://docs.microsoft.com/en-us/lifecycle/faq/windows
Copyright © 2024 Ivanti. All rights reserved. 13
Server Long-term Servicing Channel Support
Server LTSC Support
Version Editions Release Date Mainstream Support Ends Extended Support Ends
Windows Server 2022 Datacenter and Standard 08/18/2021 10/13/2026 10/14/2031
Windows Server 2019
(Version 1809)
Datacenter, Essentials, and Standard 11/13/2018 01/09/2024 01/09/2029
Windows Server 2016
(Version 1607)
Datacenter, Essentials, and Standard 10/15/2016 01/11/2022 01/11/2027
https://learn.microsoft.com/en-us/windows-server/get-started/windows-server-release-info
§ Focused on server long-term stability
§ Major version releases every 2-3 years
§ 5 years mainstream and 5 years extended support
§ Server core or server with desktop experience available
Source: Microsoft
Copyright © 2024 Ivanti. All rights reserved. 14
Patch Content Announcements
Announcements Posted on Community Forum Pages
§ https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2
§ Subscribe to receive email for the desired product(s)
Content Info: Endpoint Security
Content Info: Endpoint Manager
Content Info: macOS Updates
Content Info: Linux Updates
Content Info: Patch for Configuration Manager
Content Info: ISEC and Neurons Patch
Content Info: Neurons Patch for InTune
Copyright © 2024 Ivanti. All rights reserved. 15
Bulletins and Releases
Copyright © 2024 Ivanti. All rights reserved. 16
MS24-04-W11: Windows 11 Update
§ Maximum Severity: Important
§ Affected Products: Microsoft Windows 11 Version 21H2, 22H2, 23H2 and Edge Chromium
§ Description: This bulletin references KB 5036894 (21H2) and KB 5036893 (22H2/23H2).
§ Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing,
Elevation of Privilege, and Information Disclosure
§ Fixes 69 Vulnerabilities: CVE-2024-26234 is known exploited and publicly disclosed. See the
Security Update Guide for the complete list of CVEs.
§ Restart Required: Requires restart
§ Known Issues: None reported
1
2
Copyright © 2024 Ivanti. All rights reserved. 17
MS24-04-W10: Windows 10 Update
§ Maximum Severity: Important
§ Affected Products: Microsoft Windows 10 Versions 1607, 1809, 21H2, 22H2, Server 2016,
Server 2019, Server 2022, Server 2022 Datacenter: Azure Edition, Server 2022 23H2 Edition,
and Edge Chromium
§ Description: This bulletin references 6 KB articles. See KBs for the list of changes.
§ Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing,
Elevation of Privilege, and Information Disclosure
§ Fixes 91 Vulnerabilities: CVE-2024-26234 is known exploited and publicly disclosed. See the
Security Update Guide for the complete list of CVEs.
§ Restart Required: Requires restart
§ Known Issues: See next slide
1
2
Copyright © 2024 Ivanti. All rights reserved. 18
April Known Issues for Windows 10
§ KB 5036892 – Windows 10 Enterprise and Education, version 21H2 Windows 10 IoT Enterprise,
version 21H2 Windows 10 Enterprise Multi-Session, version 21H2 Windows 10, version 22H2,
all editions
§ [Copilot Not Supported] Copilot in Windows (in preview) is not currently supported when
your taskbar is located vertically on the right or left of your screen. Workaround: To
access Copilot in Windows, make sure your taskbar is positioned horizontally on the top or
bottom of your screen.
§ [Icon Display] Windows devices using more than one (1) monitor might experience issues
with desktop icons moving unexpectedly between monitors or other icon alignment issues
when attempting to use Copilot in Windows (in preview).
§ Microsoft is working on a resolution for both issues.
Copyright © 2024 Ivanti. All rights reserved. 19
MS24-04-SQL: Security Updates for SQL Server
§ Maximum Severity: Important
§ Affected Products: Microsoft SQL Server 2019 CU25 and 2022 CU12, Server 2019 and 2022
GDR are also available
§ Description: This security update fixes a series of Microsoft OLE DB Driver vulnerabilities which
could allow remote code execution. This bulletin is based on 4 KB articles.
§ Impact: Remote Code Execution
§ Fixes 38 Vulnerabilities: No CVEs are known exploited or publicly disclosed. See the Security
Update Guide for the complete list of CVEs.
§ Restart Required: Requires restart
§ Known Issues: None reported
2
Copyright © 2024 Ivanti. All rights reserved. 20
§ Maximum Severity: Important
§ Affected Products: Microsoft 365 Apps and Office LTSC for Mac 2021
§ Description: This month’s update resolved various bugs and performance
issues in Office applications. Information on the security updates is available at
https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates.
§ Impact: Remote Code Execution
§ Fixes 1 Vulnerability: CVE-2024-26257 is not known to be exploited or publicly disclosed
§ Restart Required: Requires application restart
§ Known Issues: None reported
MS24-04-O365: Security Updates Microsoft 365 Apps
1
2
Copyright © 2024 Ivanti. All rights reserved. 21
MS24-04-SPT: Security Updates for Sharepoint Server
§ Maximum Severity: Important
§ Affected Products: Microsoft SharePoint Server Subscription Edition, SharePoint Enterprise
Server 2016, and SharePoint Server 2019
§ Description: This month’s update resolves a vulnerability that would allow someone to
impersonate another user. This bulletin is based on 3 KB articles.
§ Impact: Spoofing
§ Fixes 1 Vulnerability: CVE-2024-26251 is not known to be exploited or publicly disclosed
§ Restart Required: Requires application restart
§ Known Issues: None reported
2
Copyright © 2024 Ivanti. All rights reserved. 22
MS24-04-MRNET: Monthly Rollup for Microsoft .NET
§ Maximum Severity: Important
§ Affected Products: Microsoft Windows .Net Framework 3.5 through 4.8.1
§ Description: This update fixes a vulnerability in the .NET framework whereby an attacker or
victim needs to execute code from the local machine to exploit the vulnerability. This bulletin
references 14 KB articles.
§ Impact: Remote Code Execution
§ Fixes 1 Vulnerability: CVE-2024-21409
§ Restart Required: Does not require a system restart after you apply it unless files that are being
updated are locked or are being used.
§ Known Issues: None reported
1
2
Copyright © 2024 Ivanti. All rights reserved. 23
MS24-04-SONET: Monthly Rollup for Microsoft .NET
§ Maximum Severity: Important
§ Affected Products: Microsoft Windows .Net Framework 3.5 through 4.8.1
§ Description: This update fixes a vulnerability in the .NET framework whereby an attacker or
victim needs to execute code from the local machine to exploit the vulnerability. This bulletin
references 14 KB articles.
§ Impact: Remote Code Execution
§ Fixes 1 Vulnerability: CVE-2024-21409
§ Restart Required: Does not require a system restart after you apply it unless files that are being
updated are locked or are being used.
§ Known Issues: None reported
1
2
Copyright © 2024 Ivanti. All rights reserved. 24
Between Patch Tuesdays
Copyright © 2024 Ivanti. All rights reserved. 25
Windows Release Summary
§ Security Updates (with CVEs): AutoCAD 2022 (1), AutoCAD 2023 (1) AutoCAD 2024 (1), Google
Chrome (3), Firefox (2), Firefox ESR (2), Snagit (2), Splunk Universal Forwarder (3), Thunderbird (1),
Wireshark (2)
§ Security Updates (w/o CVEs): Adobe Acrobat DC and Acrobat Reader DC (3), Apache Tomcat (3),
Cisco Webex Meetings Desktop App (1), ClickShare App Machine-Wide Installer (1), Dropbox (2),
Evernote (3), Firefox (1), GoodSync (3), Google Earth Pro (1), Grammarly for Windows (3), IrfanView
(1), LogMeIn (1), Malwarebytes (2), Node.JS (Current) (1), Node.JS (LTS Lower) (2), Node.JS (LTS
Upper) (2), Notepad++ (1), Opera (4), PDF24 Creator (1), Plex Media Server (1), Python (1),
Screenpresso (1), Skype (3), Slack Machine-Wide Installer (2), Tableau Desktop (8), Tableau Prep
Builder (1),Tableau Reader (1), TeamViewer (5), VMware Tools (1), Zoom Outlook Plugin (1), Zoom
Rooms Client (1), Zoom VDI (1)
§ Non-Security Updates: 8x8 Work Desktop (1), Camtasia (1), Cisco Webex Teams (1),CutePDF Writer
(1), Google Drive File Stream (1), GeoGebra Classic (1), NextCloud Desktop Client (2), RingCentral
App (Machine-Wide Installer) (1)
Copyright © 2024 Ivanti. All rights reserved. 26
Windows Third Party CVE Information
§ AutoCAD 2022.1.4
§ ADAC22-240328, QACAD202214
§ Fixes 44 Vulnerabilities: CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776,
CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-32205, CVE-2022-32206, CVE-
2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-37434, CVE-2022-
40674, CVE-2022-42915, CVE-2022-42916, CVE-2022-46908, CVE-2023-29073, CVE-2023-29074,
CVE-2023-29075, CVE-2023-29076, CVE-2023-41139, CVE-2023-41140, CVE-2024-0446, CVE-2024-
23120, CVE-2024-23121, CVE-2024-23122, CVE-2024-23123, CVE-2024-23124, CVE-2024-23125,
CVE-2024-23126, CVE-2024-23127, CVE-2024-23128, CVE-2024-23129, CVE-2024-23130, CVE-
2024-23131, CVE-2024-23132, CVE-2024-23133, CVE-2024-23134, CVE-2024-23135, CVE-2024-
23136, CVE-2024-23137, CVE-2024-23138
§ AutoCAD 2023.1.5
§ ADAC23-240328, QACAD202315
§ Fixes 19 Vulnerabilities: CVE-2024-0446, CVE-2024-23120, CVE-2024-23121, CVE-2024-23122,
CVE-2024-23123, CVE-2024-23124, CVE-2024-23125, CVE-2024-23126, CVE-2024-23127, CVE-
2024-23128, CVE-2024-23129, CVE-2024-23130, CVE-2024-23131, CVE-2024-23132, CVE-2024-
23133, CVE-2024-23134, CVE-2024-23135, CVE-2024-23136, CVE-2024-23137
Copyright © 2024 Ivanti. All rights reserved. 27
Windows Third Party CVE Information (cont)
§ AutoCAD 2024.1.3
§ ADAC23-240328, QACAD202413
§ Fixes 20 Vulnerabilities: CVE-2024-0446, CVE-2024-23120, CVE-2024-23121, CVE-2024-23122,
CVE-2024-23123, CVE-2024-23124, CVE-2024-23125, CVE-2024-23126, CVE-2024-23127,
CVE-2024-23128, CVE-2024-23129, CVE-2024-23130, CVE-2024-23131, CVE-2024-23132,
CVE-2024-23133, CVE-2024-23134, CVE-2024-23135, CVE-2024-23136, CVE-2024-23137,
CVE-2024-23138
§ Google Chrome 123.0.6312.59
§ CHROME-240319, QGC1230631259
§ Fixes 7 Vulnerabilities: CVE-2024-2625, CVE-2024-2626, CVE-2024-2627, CVE-2024-2628, CVE-
2024-2629, CVE-2024-2630, CVE-2024-2631
§ Google Chrome 123.0.6312.86
§ CHROME-240326, QGC1230631286
§ Fixes 4 Vulnerabilities: CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887
Copyright © 2024 Ivanti. All rights reserved. 28
Windows Third Party CVE Information (cont)
§ Google Chrome 123.0.6312.106
§ CHROME-240402, QGC12306312106
§ Fixes 3 Vulnerabilities: CVE-2024-3156, CVE-2024-3158, CVE-2024-3159
§ Firefox 124.0
§ FF-240319, QFF1240
§ Fixes 12 Vulnerabilities: CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-
2613, CVE-2024-2614. CVE-2024-2615
§ Firefox 124.0.1
§ FF-240322, QFF12401
§ Fixes 2 Vulnerabilities: CVE-2024-29943, CVE-2024-29944
Copyright © 2024 Ivanti. All rights reserved. 29
Windows Third Party CVE Information (cont)
§ Firefox ESR 115.9.0
§ FFE-240319, QFFE11590
§ Fixes 10 Vulnerabilities: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2610. CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-
2616
§ Firefox ESR 115.9.1
§ FFE-240322, QFFE11591
§ Fixes 1 Vulnerability: CVE-2024-29944
§ Thunderbird 115.9.0
§ TB-240319, QTB11590
§ Fixes 10 Vulnerabilities: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-
2616
Copyright © 2024 Ivanti. All rights reserved. 30
Windows Third Party CVE Information (cont)
§ Splunk Universal Forwarder 9.0.9
§ SPLUNKF90-240329, QSPLUNKF909
§ Fixes 2 Vulnerabilities: CVE-2024-29945, CVE-2024-29946
§ Splunk Universal Forwarder 9.1.4
§ SPLUNKF91-240329, QSPLUNKF914
§ Fixes 2 Vulnerabilities: CVE-2024-29945, CVE-2024-29946
§ Splunk Universal Forwarder 9.2.1
§ SPLUNKF92-240329, QSPLUNKF921
§ Fixes 2 Vulnerabilities: CVE-2024-29945, CVE-2024-29946
Copyright © 2024 Ivanti. All rights reserved. 31
Windows Third Party CVE Information
§ SnagIt 2022.1.5
§ SNAG22-240321, QSNAG202215
§ Fixes 1 Vulnerability: CVE-2024-24810
§ SnagIt 2023.2.3
§ SNAG23-240320, QSNAG202323
§ Fixes 1 Vulnerability: CVE-2024-24810
§ Wireshark 4.0.14
§ WIRES40-240327, QWIRES4014EXE & QWIRES4014MSI
§ Fixes 1 Vulnerability: CVE-2024-2955
§ Wireshark 4.2.4
§ WIRES42-240327, QWIRES424EXE & QWIRES424MSI
§ Fixes 1 Vulnerability: CVE-2024-2955
Copyright © 2024 Ivanti. All rights reserved. 32
Apple Release Summary
§ Security Updates (with CVEs): Apple macOS Sonoma (1), Apple macOS Ventura (1), Apple
Safari (2), Google Chrome (3), Firefox (2), Firefox ESR (2), Microsoft Edge (3), Thunderbird (1)
§ Security Updates (w/o CVEs): Brave (1)
§ Non-Security Updates: Alfred (1), Adobe Acrobat DC and Acrobat Reader DC (2), Brave (2),
draw.io (1), Dropbox (2), Evernote (4), Firefox (1), Figma (2), Google Drive (1), Grammarly (8),
Hazel (1), IntelliJ IDEA (2), LibreOffice (1), OneDrive for Mac (1), Microsoft Office 2019 Outlook
(3), PyCharm Professional (2), Slack (1), SeaMonkey (1), Snagit (3), Spotify (2), Microsoft
Teams (1), Visual Studio Code (1)
Copyright © 2024 Ivanti. All rights reserved. 33
Apple Updates with CVE Information
§ macOS Ventura 13.6.6
§ HT214095
§ Fixes 1 Vulnerability: CVE-2024-1580
§ macOS Sonoma 14.4.1
§ HT214096
§ Fixes 1 Vulnerability: CVE-2024-1580
§ Safari 17.4 for Ventura and Monterey
§ HT214094
§ Fixes 1 Vulnerability: CVE-2024-1580
Copyright © 2024 Ivanti. All rights reserved. 34
Apple Third Party CVE Information
§ Google Chrome 123.0.6312.59
§ CHROMEMAC-240320
§ Fixes 10 Vulnerabilities: CVE-2024-1086, CVE-2024-1672, CVE-2024-1673, CVE-2024-2625,
CVE-2024-2626, CVE-2024-2627, CVE-2024-2628, CVE-2024-2629, CVE-2024-2630, CVE-2024-
2631
§ Google Chrome 123.0.6312.87
§ CHROMEMAC-240326
§ Fixes 4 Vulnerabilities: CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887
§ Google Chrome 123.0.6312.107
§ CHROMEMAC-240404
§ Fixes 3 Vulnerabilities: CVE-2024-3156, CVE-2024-3158, CVE-2024-3159
Copyright © 2024 Ivanti. All rights reserved. 35
Apple Third Party CVE Information (cont)
§ Firefox 124.0
§ FF-240319
§ Fixes 12 Vulnerabilities: CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-
2613, CVE-2024-2614. CVE-2024-2615
§ Firefox 124.0.1
§ FF-240322
§ Fixes 2 Vulnerabilities: CVE-2024-29943, CVE-2024-29944
§ Firefox ESR 115.9.0
§ FFE-240319
§ Fixes 10 Vulnerabilities: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2610. CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-
2616
Copyright © 2024 Ivanti. All rights reserved. 36
Apple Third Party CVE Information (cont)
§ Firefox ESR 115.9.1
§ FFE-240322
§ Fixes 1 Vulnerability: CVE-2024-29944
§ Thunderbird 115.9.0
§ TB-240319
§ Fixes 10 Vulnerabilities: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607,
CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-
2616
Copyright © 2024 Ivanti. All rights reserved. 37
Apple Third Party CVE Information (cont)
§ Microsoft Edge 123.0.2420.53
§ MEDGEMAC-240322
§ Fixes 10 Vulnerabilities: CVE-2023-29057, CVE-2024-26247, CVE-2024-2625, CVE-2024-
2626, CVE-2024-2627, CVE-2024-2628, CVE-2024-2629, CVE-2024-2630, CVE-2024-2631,
CVE-2024-29057
§ Microsoft Edge 123.0.2420.65
§ MEDGEMAC-240328
§ Fixes 4 Vulnerabilities: CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887
§ Microsoft Edge 123.0.2420.81
§ MEDGEMAC-240404
§ Fixes 5 Vulnerabilities: CVE-2024-29049, CVE-2024-29981, CVE-2024-3156, CVE-2024-
3158, CVE-2024-3159
Copyright © 2024 Ivanti. All rights reserved. 38
Q & A
Copyright © 2024 Ivanti. All rights reserved.
Copyright © 2024 Ivanti. All rights reserved. 39
Thank you
Copyright © 2024 Ivanti. All rights reserved.
By receiving this presentation (whether in tangible or digital form or through visual or auditory means), recipient
acknowledges and agrees that: (a) recipient will not copy, reproduce, transmit, divulge, or distribute the presentation or
its contents, in whole or in part, to any third party without the express written consent of Ivanti; (b) recipient will treat and
protect the presentation and its contents as "Confidential Information" under its Nondisclosure Agreement (NDA) with
Ivanti; (c) if recipient has not entered into an NDA with Ivanti, they unconditionally agree that by receiving this
presentation they will treat and protect this presentation and its contents in accordance with the foregoing restrictions
and in any event with no less care than afforded to its own confidential information; and (d) recipient’s failure to comply
with the foregoing obligations of confidentiality could result in substantial harm to Ivanti and may be cause for legal
action. If recipient does not agree to the above, they may not participate in receipt of the presentation.
Disclaimer
The information presented in this presentation is for information purposes only and is not a
commitment, promise, or legal obligation to deliver any material, code, or functionality and
should not be relied upon in making a purchasing decision.
40
Confidentiality Notice

More Related Content

Similar to 2024 April Patch Tuesday

Similar to 2024 April Patch Tuesday (20)

Patch Tuesday Italia Marzo
Patch Tuesday Italia MarzoPatch Tuesday Italia Marzo
Patch Tuesday Italia Marzo
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch Tuesday
 
Patch Tuesday de Marzo
Patch Tuesday de MarzoPatch Tuesday de Marzo
Patch Tuesday de Marzo
 
Français Patch Tuesday - Mars
Français Patch Tuesday - MarsFrançais Patch Tuesday - Mars
Français Patch Tuesday - Mars
 
Patch Tuesday Italia Maggio
Patch Tuesday Italia MaggioPatch Tuesday Italia Maggio
Patch Tuesday Italia Maggio
 
Français Patch Tuesday - Mai
Français Patch Tuesday - MaiFrançais Patch Tuesday - Mai
Français Patch Tuesday - Mai
 
Patch Tuesday de Mayo
Patch Tuesday de MayoPatch Tuesday de Mayo
Patch Tuesday de Mayo
 
2024 January Patch Tuesday
2024 January Patch Tuesday2024 January Patch Tuesday
2024 January Patch Tuesday
 
Français Patch Tuesday – Janvier
Français Patch Tuesday – JanvierFrançais Patch Tuesday – Janvier
Français Patch Tuesday – Janvier
 
Patch Tuesday de Enero
Patch Tuesday de EneroPatch Tuesday de Enero
Patch Tuesday de Enero
 
2024 Enero Patch Tuesday
2024 Enero Patch Tuesday2024 Enero Patch Tuesday
2024 Enero Patch Tuesday
 
2023 October Patch Tuesday
2023 October Patch Tuesday2023 October Patch Tuesday
2023 October Patch Tuesday
 
2023 Patch Tuesday de Octubre
2023 Patch Tuesday de Octubre2023 Patch Tuesday de Octubre
2023 Patch Tuesday de Octubre
 
2024 Gennaio Patch Tuesday
2024 Gennaio Patch Tuesday2024 Gennaio Patch Tuesday
2024 Gennaio Patch Tuesday
 
Français Patch Tuesday – Octobre
Français Patch Tuesday – OctobreFrançais Patch Tuesday – Octobre
Français Patch Tuesday – Octobre
 
2024 Janvier Patch Tuesday
2024 Janvier Patch Tuesday2024 Janvier Patch Tuesday
2024 Janvier Patch Tuesday
 
2023 Ottobre Patch Tuesday
2023 Ottobre Patch Tuesday2023 Ottobre Patch Tuesday
2023 Ottobre Patch Tuesday
 
2023 Ottobre Patch Tuesday
2023 Ottobre Patch Tuesday2023 Ottobre Patch Tuesday
2023 Ottobre Patch Tuesday
 
2023 January Patch Tuesday
2023 January Patch Tuesday2023 January Patch Tuesday
2023 January Patch Tuesday
 
FR September 2023 Patch Tuesday
FR September 2023 Patch TuesdayFR September 2023 Patch Tuesday
FR September 2023 Patch Tuesday
 

More from Ivanti

More from Ivanti (8)

Patch Tuesday de Diciembre
Patch Tuesday de DiciembrePatch Tuesday de Diciembre
Patch Tuesday de Diciembre
 
Français Patch Tuesday – Décembre
Français Patch Tuesday – DécembreFrançais Patch Tuesday – Décembre
Français Patch Tuesday – Décembre
 
2023 Patch Tuesday Italia Dicembre
2023 Patch Tuesday Italia Dicembre2023 Patch Tuesday Italia Dicembre
2023 Patch Tuesday Italia Dicembre
 
2023 Ivanti December Patch Tuesday
2023 Ivanti December Patch Tuesday2023 Ivanti December Patch Tuesday
2023 Ivanti December Patch Tuesday
 
Patch Tuesday Italia Novembre
Patch Tuesday Italia NovembrePatch Tuesday Italia Novembre
Patch Tuesday Italia Novembre
 
Français Patch Tuesday – Novembre
Français Patch Tuesday – NovembreFrançais Patch Tuesday – Novembre
Français Patch Tuesday – Novembre
 
Patch Tuesday de Noviembre
Patch Tuesday de NoviembrePatch Tuesday de Noviembre
Patch Tuesday de Noviembre
 
2023 November Patch Tuesday
2023 November Patch Tuesday2023 November Patch Tuesday
2023 November Patch Tuesday
 

Recently uploaded

Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
UK Journal
 

Recently uploaded (20)

Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform Engineering
 
Your enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4jYour enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4j
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage Intacct
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Microsoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireMicrosoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - Questionnaire
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024
 

2024 April Patch Tuesday

  • 1. Live from Texas, it’s Patch Tuesday! April 2024 Patch Tuesday Webinar
  • 2. Copyright © 2024 Ivanti. All rights reserved. 2 Chris Goettl Todd Schell Vice President – Product Management Principal Product Manager
  • 3. Copyright © 2024 Ivanti. All rights reserved. 3 Copyright © 2024 Ivanti. All rights reserved. Agenda § April 2024 Patch Tuesday Overview § In the News § Bulletins and Releases § Between Patch Tuesdays § Q & A
  • 4. Copyright © 2024 Ivanti. All rights reserved. 4 April Patch Tuesday 2024 Microsoft resolved 150 new CVEs for April Patch Tuesday! This may sound like a downpour, but only three are rated Critical and only one is a Zero-day (CVE-2024-26234). The zero-day makes the OS update your highest priority this month, but a couple of things to watch for is the SQL Server update of 38 CVEs and the 9 Azure CVEs. These are the areas that will likely take a little more research, testing, and planning to rollout. Adobe also released 9 updates, but all were rated as Priority 3. Google Chrome is expected later in the evening to round out the Patch Tuesday lineup. For more details check out this month's Patch Tuesday blog.
  • 5. Copyright © 2024 Ivanti. All rights reserved. 5 In the News
  • 6. Copyright © 2024 Ivanti. All rights reserved. 6 In the News § XZ Backdoor: What versions are vulnerable? § https://www.techrepublic.com/article/xz-backdoor-linux/ § Prominent breaches driving cybersecurity regulations § https://federalnewsnetwork.com/commentary/2024/04/leveraging-lessons-from-the-okta-breach-to-enhance- federal-cybersecurity/ § https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity § New Hardening Changes in April § https://support.microsoft.com/en-us/topic/kb5036534-latest-windows-hardening-guidance-and-key- dates-eb1bd411-f68c-4d74-a4e1-456721a6551b § Secure Boot Bypass step-by-step instructions in KB 5025885 to enable mitigations after update § Oracle’s Critical Patch Updates (CPU) are released next week
  • 7. Copyright © 2024 Ivanti. All rights reserved. 7 New and Notable Linux Vulnerabilities: 1 CVE-2024-3094 § CVSS 3: 10.0 § A backdoor was found in the xz package, versions 5.6.0 and 5.6.1, which provides compression functionality for different components of the system including the Kernel § Through a series of elaborate dependencies and code injection, xz would deploy the backdoor into the secure shell daemon process (sshd), enabling a yet- to-be-identified attacker to remotely access and execute code on any affected system. Impact: The most high-tech code implant and supply chain attack to date: this operation took place over a period of 2 years, in which attacker gained trust of the xz project maintainer, infiltrated the project, and could tamper with the code in such a way that would, had it not been caught, lead to the installation of the backdoor on all Debian (incl Ubuntu) and Red Hat-based distributions and deployed systems. Highlighted by TuxCare
  • 8. Copyright © 2024 Ivanti. All rights reserved. 8 New and Notable Linux Vulnerabilities: 2 CVE-2024-25617 § CVSS 3: 8.6 § Squid, a web proxy cache, was found to be susceptible to a Denial-of-Service attack through the use of HTTP chunked messages. § Exploiting this flaw lets a remote attacker block squid's operation, rendering connections impossible for legitimate users. § Since squid is often deployed as a "gateway" between intranet systems and the outside Internet, it could effectively block Internet access to all internal systems and/or users. Affects versions starting with 3.5.27 up to 6.8, where it was fixed. Mitigation There is no known mitigation or workaround other than upgrading affected squid versions to at least 6.8. Highlighted by TuxCare
  • 9. Copyright © 2024 Ivanti. All rights reserved. 9 New and Notable Linux Vulnerabilities: 3 CVE-2024-1086 § CVSS 3: 7.8 § Flaw in the Netfilter subsystem of the Linux Kernel enables local privilege escalation. § Possible to trick Netfilter into mistaking NF_DROP for an NF_ACCEPT (meaning a drop decision could be misunderstood for an accept decision on a specially crafted packet filtering rule), which would lead to a double-free vulnerability in the code, triggering a user-controlled crash. § Initially disclosed in January, but patching by distributions was not done promptly. Affects Kernel versions from 3.15 to 6.8-rc1, and distributions like RHEL, Debian, Ubuntu, and derivatives. Update to the latest version. Background The information on how to exploit this situation to obtain root privileges has already been published online and is easily accessible. Highlighted by TuxCare
  • 10. Copyright © 2024 Ivanti. All rights reserved. 10 Known Disclosed and Exploited Vulnerabilities § CVE-2024-26234 Proxy Driver Spoofing Vulnerability § CVSS 3.1 Scores: 6.7 / 5.8 § Severity: Important § Impact: All Windows operating systems from Server 2008 through Windows 11 § No description is provided for this CVE. § NOTE: This CVE was updated to show its exploited and disclosed status mid-day yesterday after the initial set of Patch Tuesday updates had been released. The severity rating did not change from Important due to the low CVSS scores.
  • 11. Copyright © 2024 Ivanti. All rights reserved. 11 Microsoft Patch Tuesday Updates of Interest Advisory 990001 Latest Servicing Stack Updates (SSU) § https://msrc.microsoft.com/update- guide/en-US/vulnerability/ADV990001 § 2012 ESU OS and Windows 10 Azure and Development Tool Updates § .NET 6, 7, & 8 § Azure Arc Cluster (multiple components) § Azure AI Search § Azure Compute Gallery § Azure Kubernetes Service Confidential Containers § Azure Migrate § Other Azure Products § Visual Studio 2019 & 2022 (multiple versions) Source: Microsoft
  • 12. Copyright © 2024 Ivanti. All rights reserved. 12 Windows 10 and 11 Lifecycle Awareness Windows 10 Enterprise and Education Version Release Date End of Support Date 22H2 10/18/2022 10/14/2025 21H2 11/16/2021 6/11/2024 Windows 10 Home and Pro Version Release Date End of Support Date 22H2 10/18/2022 10/14/2025 Windows 11 Home and Pro Version Release Date End of Support Date 23H2 10/31/2023 11/11/2025 22H2 9/20/2022 10/8/2024 Windows 11 Enterprise and Education Version Release Date End of Support Date 23H2 10/31/2023 11/10/2026 22H2 9/20/2022 10/14/2025 21H2 10/4/2021 10/8/2024 Source: Microsoft https://docs.microsoft.com/en-us/lifecycle/faq/windows
  • 13. Copyright © 2024 Ivanti. All rights reserved. 13 Server Long-term Servicing Channel Support Server LTSC Support Version Editions Release Date Mainstream Support Ends Extended Support Ends Windows Server 2022 Datacenter and Standard 08/18/2021 10/13/2026 10/14/2031 Windows Server 2019 (Version 1809) Datacenter, Essentials, and Standard 11/13/2018 01/09/2024 01/09/2029 Windows Server 2016 (Version 1607) Datacenter, Essentials, and Standard 10/15/2016 01/11/2022 01/11/2027 https://learn.microsoft.com/en-us/windows-server/get-started/windows-server-release-info § Focused on server long-term stability § Major version releases every 2-3 years § 5 years mainstream and 5 years extended support § Server core or server with desktop experience available Source: Microsoft
  • 14. Copyright © 2024 Ivanti. All rights reserved. 14 Patch Content Announcements Announcements Posted on Community Forum Pages § https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2 § Subscribe to receive email for the desired product(s) Content Info: Endpoint Security Content Info: Endpoint Manager Content Info: macOS Updates Content Info: Linux Updates Content Info: Patch for Configuration Manager Content Info: ISEC and Neurons Patch Content Info: Neurons Patch for InTune
  • 15. Copyright © 2024 Ivanti. All rights reserved. 15 Bulletins and Releases
  • 16. Copyright © 2024 Ivanti. All rights reserved. 16 MS24-04-W11: Windows 11 Update § Maximum Severity: Important § Affected Products: Microsoft Windows 11 Version 21H2, 22H2, 23H2 and Edge Chromium § Description: This bulletin references KB 5036894 (21H2) and KB 5036893 (22H2/23H2). § Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege, and Information Disclosure § Fixes 69 Vulnerabilities: CVE-2024-26234 is known exploited and publicly disclosed. See the Security Update Guide for the complete list of CVEs. § Restart Required: Requires restart § Known Issues: None reported 1 2
  • 17. Copyright © 2024 Ivanti. All rights reserved. 17 MS24-04-W10: Windows 10 Update § Maximum Severity: Important § Affected Products: Microsoft Windows 10 Versions 1607, 1809, 21H2, 22H2, Server 2016, Server 2019, Server 2022, Server 2022 Datacenter: Azure Edition, Server 2022 23H2 Edition, and Edge Chromium § Description: This bulletin references 6 KB articles. See KBs for the list of changes. § Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege, and Information Disclosure § Fixes 91 Vulnerabilities: CVE-2024-26234 is known exploited and publicly disclosed. See the Security Update Guide for the complete list of CVEs. § Restart Required: Requires restart § Known Issues: See next slide 1 2
  • 18. Copyright © 2024 Ivanti. All rights reserved. 18 April Known Issues for Windows 10 § KB 5036892 – Windows 10 Enterprise and Education, version 21H2 Windows 10 IoT Enterprise, version 21H2 Windows 10 Enterprise Multi-Session, version 21H2 Windows 10, version 22H2, all editions § [Copilot Not Supported] Copilot in Windows (in preview) is not currently supported when your taskbar is located vertically on the right or left of your screen. Workaround: To access Copilot in Windows, make sure your taskbar is positioned horizontally on the top or bottom of your screen. § [Icon Display] Windows devices using more than one (1) monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview). § Microsoft is working on a resolution for both issues.
  • 19. Copyright © 2024 Ivanti. All rights reserved. 19 MS24-04-SQL: Security Updates for SQL Server § Maximum Severity: Important § Affected Products: Microsoft SQL Server 2019 CU25 and 2022 CU12, Server 2019 and 2022 GDR are also available § Description: This security update fixes a series of Microsoft OLE DB Driver vulnerabilities which could allow remote code execution. This bulletin is based on 4 KB articles. § Impact: Remote Code Execution § Fixes 38 Vulnerabilities: No CVEs are known exploited or publicly disclosed. See the Security Update Guide for the complete list of CVEs. § Restart Required: Requires restart § Known Issues: None reported 2
  • 20. Copyright © 2024 Ivanti. All rights reserved. 20 § Maximum Severity: Important § Affected Products: Microsoft 365 Apps and Office LTSC for Mac 2021 § Description: This month’s update resolved various bugs and performance issues in Office applications. Information on the security updates is available at https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates. § Impact: Remote Code Execution § Fixes 1 Vulnerability: CVE-2024-26257 is not known to be exploited or publicly disclosed § Restart Required: Requires application restart § Known Issues: None reported MS24-04-O365: Security Updates Microsoft 365 Apps 1 2
  • 21. Copyright © 2024 Ivanti. All rights reserved. 21 MS24-04-SPT: Security Updates for Sharepoint Server § Maximum Severity: Important § Affected Products: Microsoft SharePoint Server Subscription Edition, SharePoint Enterprise Server 2016, and SharePoint Server 2019 § Description: This month’s update resolves a vulnerability that would allow someone to impersonate another user. This bulletin is based on 3 KB articles. § Impact: Spoofing § Fixes 1 Vulnerability: CVE-2024-26251 is not known to be exploited or publicly disclosed § Restart Required: Requires application restart § Known Issues: None reported 2
  • 22. Copyright © 2024 Ivanti. All rights reserved. 22 MS24-04-MRNET: Monthly Rollup for Microsoft .NET § Maximum Severity: Important § Affected Products: Microsoft Windows .Net Framework 3.5 through 4.8.1 § Description: This update fixes a vulnerability in the .NET framework whereby an attacker or victim needs to execute code from the local machine to exploit the vulnerability. This bulletin references 14 KB articles. § Impact: Remote Code Execution § Fixes 1 Vulnerability: CVE-2024-21409 § Restart Required: Does not require a system restart after you apply it unless files that are being updated are locked or are being used. § Known Issues: None reported 1 2
  • 23. Copyright © 2024 Ivanti. All rights reserved. 23 MS24-04-SONET: Monthly Rollup for Microsoft .NET § Maximum Severity: Important § Affected Products: Microsoft Windows .Net Framework 3.5 through 4.8.1 § Description: This update fixes a vulnerability in the .NET framework whereby an attacker or victim needs to execute code from the local machine to exploit the vulnerability. This bulletin references 14 KB articles. § Impact: Remote Code Execution § Fixes 1 Vulnerability: CVE-2024-21409 § Restart Required: Does not require a system restart after you apply it unless files that are being updated are locked or are being used. § Known Issues: None reported 1 2
  • 24. Copyright © 2024 Ivanti. All rights reserved. 24 Between Patch Tuesdays
  • 25. Copyright © 2024 Ivanti. All rights reserved. 25 Windows Release Summary § Security Updates (with CVEs): AutoCAD 2022 (1), AutoCAD 2023 (1) AutoCAD 2024 (1), Google Chrome (3), Firefox (2), Firefox ESR (2), Snagit (2), Splunk Universal Forwarder (3), Thunderbird (1), Wireshark (2) § Security Updates (w/o CVEs): Adobe Acrobat DC and Acrobat Reader DC (3), Apache Tomcat (3), Cisco Webex Meetings Desktop App (1), ClickShare App Machine-Wide Installer (1), Dropbox (2), Evernote (3), Firefox (1), GoodSync (3), Google Earth Pro (1), Grammarly for Windows (3), IrfanView (1), LogMeIn (1), Malwarebytes (2), Node.JS (Current) (1), Node.JS (LTS Lower) (2), Node.JS (LTS Upper) (2), Notepad++ (1), Opera (4), PDF24 Creator (1), Plex Media Server (1), Python (1), Screenpresso (1), Skype (3), Slack Machine-Wide Installer (2), Tableau Desktop (8), Tableau Prep Builder (1),Tableau Reader (1), TeamViewer (5), VMware Tools (1), Zoom Outlook Plugin (1), Zoom Rooms Client (1), Zoom VDI (1) § Non-Security Updates: 8x8 Work Desktop (1), Camtasia (1), Cisco Webex Teams (1),CutePDF Writer (1), Google Drive File Stream (1), GeoGebra Classic (1), NextCloud Desktop Client (2), RingCentral App (Machine-Wide Installer) (1)
  • 26. Copyright © 2024 Ivanti. All rights reserved. 26 Windows Third Party CVE Information § AutoCAD 2022.1.4 § ADAC22-240328, QACAD202214 § Fixes 44 Vulnerabilities: CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-32205, CVE-2022-32206, CVE- 2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-37434, CVE-2022- 40674, CVE-2022-42915, CVE-2022-42916, CVE-2022-46908, CVE-2023-29073, CVE-2023-29074, CVE-2023-29075, CVE-2023-29076, CVE-2023-41139, CVE-2023-41140, CVE-2024-0446, CVE-2024- 23120, CVE-2024-23121, CVE-2024-23122, CVE-2024-23123, CVE-2024-23124, CVE-2024-23125, CVE-2024-23126, CVE-2024-23127, CVE-2024-23128, CVE-2024-23129, CVE-2024-23130, CVE- 2024-23131, CVE-2024-23132, CVE-2024-23133, CVE-2024-23134, CVE-2024-23135, CVE-2024- 23136, CVE-2024-23137, CVE-2024-23138 § AutoCAD 2023.1.5 § ADAC23-240328, QACAD202315 § Fixes 19 Vulnerabilities: CVE-2024-0446, CVE-2024-23120, CVE-2024-23121, CVE-2024-23122, CVE-2024-23123, CVE-2024-23124, CVE-2024-23125, CVE-2024-23126, CVE-2024-23127, CVE- 2024-23128, CVE-2024-23129, CVE-2024-23130, CVE-2024-23131, CVE-2024-23132, CVE-2024- 23133, CVE-2024-23134, CVE-2024-23135, CVE-2024-23136, CVE-2024-23137
  • 27. Copyright © 2024 Ivanti. All rights reserved. 27 Windows Third Party CVE Information (cont) § AutoCAD 2024.1.3 § ADAC23-240328, QACAD202413 § Fixes 20 Vulnerabilities: CVE-2024-0446, CVE-2024-23120, CVE-2024-23121, CVE-2024-23122, CVE-2024-23123, CVE-2024-23124, CVE-2024-23125, CVE-2024-23126, CVE-2024-23127, CVE-2024-23128, CVE-2024-23129, CVE-2024-23130, CVE-2024-23131, CVE-2024-23132, CVE-2024-23133, CVE-2024-23134, CVE-2024-23135, CVE-2024-23136, CVE-2024-23137, CVE-2024-23138 § Google Chrome 123.0.6312.59 § CHROME-240319, QGC1230631259 § Fixes 7 Vulnerabilities: CVE-2024-2625, CVE-2024-2626, CVE-2024-2627, CVE-2024-2628, CVE- 2024-2629, CVE-2024-2630, CVE-2024-2631 § Google Chrome 123.0.6312.86 § CHROME-240326, QGC1230631286 § Fixes 4 Vulnerabilities: CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887
  • 28. Copyright © 2024 Ivanti. All rights reserved. 28 Windows Third Party CVE Information (cont) § Google Chrome 123.0.6312.106 § CHROME-240402, QGC12306312106 § Fixes 3 Vulnerabilities: CVE-2024-3156, CVE-2024-3158, CVE-2024-3159 § Firefox 124.0 § FF-240319, QFF1240 § Fixes 12 Vulnerabilities: CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607, CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024- 2613, CVE-2024-2614. CVE-2024-2615 § Firefox 124.0.1 § FF-240322, QFF12401 § Fixes 2 Vulnerabilities: CVE-2024-29943, CVE-2024-29944
  • 29. Copyright © 2024 Ivanti. All rights reserved. 29 Windows Third Party CVE Information (cont) § Firefox ESR 115.9.0 § FFE-240319, QFFE11590 § Fixes 10 Vulnerabilities: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610. CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024- 2616 § Firefox ESR 115.9.1 § FFE-240322, QFFE11591 § Fixes 1 Vulnerability: CVE-2024-29944 § Thunderbird 115.9.0 § TB-240319, QTB11590 § Fixes 10 Vulnerabilities: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024- 2616
  • 30. Copyright © 2024 Ivanti. All rights reserved. 30 Windows Third Party CVE Information (cont) § Splunk Universal Forwarder 9.0.9 § SPLUNKF90-240329, QSPLUNKF909 § Fixes 2 Vulnerabilities: CVE-2024-29945, CVE-2024-29946 § Splunk Universal Forwarder 9.1.4 § SPLUNKF91-240329, QSPLUNKF914 § Fixes 2 Vulnerabilities: CVE-2024-29945, CVE-2024-29946 § Splunk Universal Forwarder 9.2.1 § SPLUNKF92-240329, QSPLUNKF921 § Fixes 2 Vulnerabilities: CVE-2024-29945, CVE-2024-29946
  • 31. Copyright © 2024 Ivanti. All rights reserved. 31 Windows Third Party CVE Information § SnagIt 2022.1.5 § SNAG22-240321, QSNAG202215 § Fixes 1 Vulnerability: CVE-2024-24810 § SnagIt 2023.2.3 § SNAG23-240320, QSNAG202323 § Fixes 1 Vulnerability: CVE-2024-24810 § Wireshark 4.0.14 § WIRES40-240327, QWIRES4014EXE & QWIRES4014MSI § Fixes 1 Vulnerability: CVE-2024-2955 § Wireshark 4.2.4 § WIRES42-240327, QWIRES424EXE & QWIRES424MSI § Fixes 1 Vulnerability: CVE-2024-2955
  • 32. Copyright © 2024 Ivanti. All rights reserved. 32 Apple Release Summary § Security Updates (with CVEs): Apple macOS Sonoma (1), Apple macOS Ventura (1), Apple Safari (2), Google Chrome (3), Firefox (2), Firefox ESR (2), Microsoft Edge (3), Thunderbird (1) § Security Updates (w/o CVEs): Brave (1) § Non-Security Updates: Alfred (1), Adobe Acrobat DC and Acrobat Reader DC (2), Brave (2), draw.io (1), Dropbox (2), Evernote (4), Firefox (1), Figma (2), Google Drive (1), Grammarly (8), Hazel (1), IntelliJ IDEA (2), LibreOffice (1), OneDrive for Mac (1), Microsoft Office 2019 Outlook (3), PyCharm Professional (2), Slack (1), SeaMonkey (1), Snagit (3), Spotify (2), Microsoft Teams (1), Visual Studio Code (1)
  • 33. Copyright © 2024 Ivanti. All rights reserved. 33 Apple Updates with CVE Information § macOS Ventura 13.6.6 § HT214095 § Fixes 1 Vulnerability: CVE-2024-1580 § macOS Sonoma 14.4.1 § HT214096 § Fixes 1 Vulnerability: CVE-2024-1580 § Safari 17.4 for Ventura and Monterey § HT214094 § Fixes 1 Vulnerability: CVE-2024-1580
  • 34. Copyright © 2024 Ivanti. All rights reserved. 34 Apple Third Party CVE Information § Google Chrome 123.0.6312.59 § CHROMEMAC-240320 § Fixes 10 Vulnerabilities: CVE-2024-1086, CVE-2024-1672, CVE-2024-1673, CVE-2024-2625, CVE-2024-2626, CVE-2024-2627, CVE-2024-2628, CVE-2024-2629, CVE-2024-2630, CVE-2024- 2631 § Google Chrome 123.0.6312.87 § CHROMEMAC-240326 § Fixes 4 Vulnerabilities: CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887 § Google Chrome 123.0.6312.107 § CHROMEMAC-240404 § Fixes 3 Vulnerabilities: CVE-2024-3156, CVE-2024-3158, CVE-2024-3159
  • 35. Copyright © 2024 Ivanti. All rights reserved. 35 Apple Third Party CVE Information (cont) § Firefox 124.0 § FF-240319 § Fixes 12 Vulnerabilities: CVE-2023-5388, CVE-2024-2605, CVE-2024-2606, CVE-2024-2607, CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024- 2613, CVE-2024-2614. CVE-2024-2615 § Firefox 124.0.1 § FF-240322 § Fixes 2 Vulnerabilities: CVE-2024-29943, CVE-2024-29944 § Firefox ESR 115.9.0 § FFE-240319 § Fixes 10 Vulnerabilities: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610. CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024- 2616
  • 36. Copyright © 2024 Ivanti. All rights reserved. 36 Apple Third Party CVE Information (cont) § Firefox ESR 115.9.1 § FFE-240322 § Fixes 1 Vulnerability: CVE-2024-29944 § Thunderbird 115.9.0 § TB-240319 § Fixes 10 Vulnerabilities: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024- 2616
  • 37. Copyright © 2024 Ivanti. All rights reserved. 37 Apple Third Party CVE Information (cont) § Microsoft Edge 123.0.2420.53 § MEDGEMAC-240322 § Fixes 10 Vulnerabilities: CVE-2023-29057, CVE-2024-26247, CVE-2024-2625, CVE-2024- 2626, CVE-2024-2627, CVE-2024-2628, CVE-2024-2629, CVE-2024-2630, CVE-2024-2631, CVE-2024-29057 § Microsoft Edge 123.0.2420.65 § MEDGEMAC-240328 § Fixes 4 Vulnerabilities: CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887 § Microsoft Edge 123.0.2420.81 § MEDGEMAC-240404 § Fixes 5 Vulnerabilities: CVE-2024-29049, CVE-2024-29981, CVE-2024-3156, CVE-2024- 3158, CVE-2024-3159
  • 38. Copyright © 2024 Ivanti. All rights reserved. 38 Q & A
  • 39. Copyright © 2024 Ivanti. All rights reserved. Copyright © 2024 Ivanti. All rights reserved. 39 Thank you
  • 40. Copyright © 2024 Ivanti. All rights reserved. By receiving this presentation (whether in tangible or digital form or through visual or auditory means), recipient acknowledges and agrees that: (a) recipient will not copy, reproduce, transmit, divulge, or distribute the presentation or its contents, in whole or in part, to any third party without the express written consent of Ivanti; (b) recipient will treat and protect the presentation and its contents as "Confidential Information" under its Nondisclosure Agreement (NDA) with Ivanti; (c) if recipient has not entered into an NDA with Ivanti, they unconditionally agree that by receiving this presentation they will treat and protect this presentation and its contents in accordance with the foregoing restrictions and in any event with no less care than afforded to its own confidential information; and (d) recipient’s failure to comply with the foregoing obligations of confidentiality could result in substantial harm to Ivanti and may be cause for legal action. If recipient does not agree to the above, they may not participate in receipt of the presentation. Disclaimer The information presented in this presentation is for information purposes only and is not a commitment, promise, or legal obligation to deliver any material, code, or functionality and should not be relied upon in making a purchasing decision. 40 Confidentiality Notice