Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs

On March 12, Microsoft released its March 2024 Patch Tuesday release which patched 59 CVEs with 2 rated as critical and 57 rated as important.

While no zero-day vulnerabilities were patched this month, Microsoft did address a critical vulnerability affecting Windows Hyper-V. CVE-2024-21407 is a remote code execution vulnerability in Windows Hyper-V, a native hypervisor used to create virtual machines. It was assigned a CVSSv3 score of 8.1 and exploitation could result in code execution on the host server.

This month’s update includes patches for:

• .NET
• Azure Data Studio
• Azure SDK
• Microsoft Authenticator
• Microsoft Azure Kubernetes Service
• Microsoft Dynamics
• Microsoft Edge for Android
• Microsoft Exchange Server
• Microsoft Graphics Component
• Microsoft Intune
• Microsoft Office
• Microsoft Office SharePoint
• Microsoft QUIC
• Microsoft Teams for Android
• Microsoft WDAC ODBC Driver
• Microsoft WDAC OLE DB provider for SQL
• Microsoft Windows SCSI Class System File
• Open Management Infrastructure
• Outlook for Android
• Role: Windows Hyper-V
• Skype for Consumer
• Software for Open Networking in the Cloud (SONiC)
• SQL Server
• Visual Studio Code
• Windows AllJoyn API
• Windows Cloud Files Mini Filter Driver
• Windows Composite Image File System
• Windows Compressed Folder
• Windows Defender
• Windows Error Reporting
• Windows Hypervisor-Protected Code Integrity
• Windows Installer
• Windows Kerberos
• Windows Kernel
• Windows NTFS
• Windows ODBC Driver
• Windows OLE
• Windows Print Spooler Components
• Windows Standards-Based Storage Management Service
• Windows Telephony Server
• Windows Update Stack
• Windows USB Hub Driver
• Windows USB Print Driver
• Windows USB Serial Driver

For more information, please visit our blog.