Microsoft’s June 2024 Patch Tuesday Addresses 49 CVEs

On June 11, Microsoft released its June 2024 Patch Tuesday release which patched 49 CVEs with one rated as critical and 48 rated as important.

The only critical vulnerability patched this month was CVE-2024-30080, a remote code execution vulnerability in the Microsoft Message Queuing (MSMQ) component of Windows operating systems. It was assigned a CVSSv3 score of 9.8. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted packet to a vulnerable target. Microsoft rates this vulnerability as “Exploitation More Likely” according to the Microsoft Exploitability Index. However, in order for a system to be vulnerable to this vulnerability, the MSMQ service must be added and enabled. According to Microsoft, if the service is enabled on a Windows installation, a service named “Message Queueing” will be running on TCP port 1801. Tenable customers can use Plugin 174933 to identify systems that have this service running. 

This month’s update includes patches for:

• Azure Data Science Virtual Machines
• Azure File Sync
• Azure Monitor
• Azure SDK
• Azure Storage Library
• Dynamics Business Central
• Microsoft Dynamics
• Microsoft Office
• Microsoft Office Outlook
• Microsoft Office SharePoint
• Microsoft Office Word
• Microsoft Streaming Service
• Microsoft WDAC OLE DB provider for SQL
• Microsoft Windows Speech
• Visual Studio
• Windows Cloud Files Mini Filter Driver
• Windows Container Manager Service
• Windows Cryptographic Services
• Windows DHCP Server
• Windows Distributed File System (DFS)
• Windows Event Logging Service
• Windows Kernel
• Windows Kernel-Mode Drivers
• Windows Link Layer Topology Discovery Protocol
• Windows NT OS Kernel
• Windows Perception Service
• Windows Remote Access Connection Manager
• Windows Routing and Remote Access Service (RRAS)
• Windows Server Service
• Windows Standards-Based Storage Management Service
• Windows Storage
• Windows Themes
• Windows Wi-Fi Driver
• Windows Win32 Kernel Subsystem
• Windows Win32K GRFX
• Winlogon

For more information, please visit our blog.