Microsoft’s April 2024 Patch Tuesday Addresses 147 CVEs

On April 9, Microsoft released its April 2024 Patch Tuesday release which patched 147 CVEs with three rated as critical, 142 rated as important and two rated as moderate.

This month, Microsoft patched CVE-2024-29988, a security feature bypass vulnerability in Microsoft Windows SmartScreen. With a CVSSv3 score of 8.8, this flaw could be leveraged by an attacker by convincing a target to open a specially crafted file using social engineering tactics.

It was reported to Microsoft by some of the same researchers that disclosed CVE-2024-21412, an Internet Shortcut Files security feature bypass that was associated with a DarkGate campaign using fake installer files impersonating Apple iTunes, Notion, NVIDIA and others.

This month’s update includes patches for:

• .NET and Visual Studio
• Azure
• Azure AI Search
• Azure Arc
• Azure Compute Gallery
• Azure Migrate
• Azure Monitor
• Azure Private 5G Core
• Azure SDK
• Intel
• Internet Shortcut Files
• Microsoft Azure Kubernetes Service
• Microsoft Brokering File System
• Microsoft Defender for IoT
• Microsoft Edge (Chromium-based)
• Microsoft Install Service
• Microsoft Office Excel
• Microsoft Office Outlook
• Microsoft Office SharePoint
• Microsoft WDAC ODBC Driver
• Microsoft WDAC OLE DB provider for SQL
• Role: DNS Server
• Role: Windows Hyper-V
• SQL Server
• Windows Authentication Methods
• Windows BitLocker
• Windows Compressed Folder
• Windows Cryptographic Services
• Windows DHCP Server
• Windows DWM Core Library
• Windows Defender Credential Guard
• Windows Distributed File System (DFS)
• Windows File Server Resource Management Service
• Windows HTTP.sys
• Windows Internet Connection Sharing (ICS)
• Windows Kerberos
• Windows Kernel
• Windows Local Security Authority Subsystem Service (LSASS)
• Windows Message Queuing
• Windows Mobile Hotspot
• Windows Proxy Driver
• Windows Remote Access Connection Manager
• Windows Remote Procedure Call
• Windows Routing and Remote Access Service (RRAS)
• Windows Secure Boot
• Windows Storage
• Windows Telephony Server
• Windows USB Print Driver
• Windows Update Stack
• Windows Virtual Machine Bus
• Windows Win32K - ICOMP

For more information, please visit our blog.