Microsoft's February 2024 Patch Tuesday addresses 73 issues, 2 zero-day flaws
Take action: Big patch release, but the items to focus on are - patch your Windows computers, Microsoft Office as well as Exchange, Dynamics and Hyper-V. The big effort is all the windows and office items, as well as the Exchange which is by nature exposed on the Internet.
Learn More
Microsoft's Patch Tuesday for February 2024 addressed a comprehensive set of vulnerabilities across its product range, fixing a total of 73 security flaws alongside updates for six non-Microsoft vulnerabilities. The release patches five critical issues as well as two vulnerabilities that are being actively exploited:
- 16 elevation of privilege vulnerabilities,
- 3 security feature bypass vulnerabilities,
- 30 remote code execution vulnerabilities,
- 5 information disclosure vulnerabilities,
- 9 denial of service vulnerabilities,
- 10 spoofing vulnerabilities.
Separately, Microsoft has released an Edge patch on February 8th.
The critical and zero day items fixed are within Windows, Exchange, Outlook, Dynamics and Hyper-V:
- CVE-2024-21351, a zero day Windows SmartScreen security feature bypass vulnerability, permitted attackers to circumvent SmartScreen's security checks by tricking a user into opening a malicious file.
- CVE-2024-21412, an Internet Shortcut Files security feature bypass vulnerability, allowed attackers to bypass Mark of the Web (MoTW) warnings, thus potentially facilitating unauthorized actions by convincing users to click on a malicious file link. This vulnerability had been exploited by the APT group DarkCasino in targeted campaigns.
- CVE-2024-21410, Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2024-21413, Microsoft Outlook Remote Code Execution Vulnerability
- CVE-2024-21380, Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
- CVE-2024-20684, Windows Hyper-V Denial of Service Vulnerability
- CVE-2024-21357, Windows Internet Connection Sharing Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
For details on applying updates, Microsoft's official advisory and support pages offers comprehensive resources.
A full list of released patches
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET | CVE-2024-21386 | .NET Denial of Service Vulnerability | Important |
| .NET | CVE-2024-21404 | .NET Denial of Service Vulnerability | Important |
| Azure Active Directory | CVE-2024-21401 | Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | Important |
| Azure Active Directory | CVE-2024-21381 | Microsoft Azure Active Directory B2C Spoofing Vulnerability | Important |
| Azure Connected Machine Agent | CVE-2024-21329 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important |
| Azure DevOps | CVE-2024-20667 | Azure DevOps Server Remote Code Execution Vulnerability | Important |
| Azure File Sync | CVE-2024-21397 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Important |
| Azure Site Recovery | CVE-2024-21364 | Microsoft Azure Site Recovery Elevation of Privilege Vulnerability | Moderate |
| Azure Stack | CVE-2024-20679 | Azure Stack Hub Spoofing Vulnerability | Important |
| Internet Shortcut Files | CVE-2024-21412 | Internet Shortcut Files Security Feature Bypass Vulnerability | Important |
| Mariner | CVE-2024-21626 | Unknown | Unknown |
| Microsoft ActiveX | CVE-2024-21349 | Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | Important |
| Microsoft Azure Kubernetes Service | CVE-2024-21403 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Important |
| Microsoft Azure Kubernetes Service | CVE-2024-21376 | Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability | Important |
| Microsoft Defender for Endpoint | CVE-2024-21315 | Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability | Important |
| Microsoft Dynamics | CVE-2024-21393 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2024-21389 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2024-21395 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2024-21380 | Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | Critical |
| Microsoft Dynamics | CVE-2024-21328 | Dynamics 365 Sales Spoofing Vulnerability | Important |
| Microsoft Dynamics | CVE-2024-21394 | Dynamics 365 Field Service Spoofing Vulnerability | Important |
| Microsoft Dynamics | CVE-2024-21396 | Dynamics 365 Sales Spoofing Vulnerability | Important |
| Microsoft Dynamics | CVE-2024-21327 | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2024-1284 | Chromium: CVE-2024-1284 Use after free in Mojo | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-21399 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2024-1060 | Chromium: CVE-2024-1060 Use after free in Canvas | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-1077 | Chromium: CVE-2024-1077 Use after free in Network | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-1283 | Chromium: CVE-2024-1283 Heap buffer overflow in Skia | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-1059 | Chromium: CVE-2024-1059 Use after free in WebRTC | Unknown |
| Microsoft Exchange Server | CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical |
| Microsoft Office | CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2024-20673 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office OneNote | CVE-2024-21384 | Microsoft Office OneNote Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook | CVE-2024-21378 | Microsoft Outlook Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook | CVE-2024-21402 | Microsoft Outlook Elevation of Privilege Vulnerability | Important |
| Microsoft Office Word | CVE-2024-21379 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Teams for Android | CVE-2024-21374 | Microsoft Teams for Android Information Disclosure | Important |
| Microsoft WDAC ODBC Driver | CVE-2024-21353 | Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21370 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21350 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21368 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21359 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21365 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21367 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21420 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21366 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21369 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21375 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21361 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21358 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21391 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21360 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-21352 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft Windows | CVE-2024-21406 | Windows Printing Service Spoofing Vulnerability | Important |
| Microsoft Windows DNS | CVE-2024-21377 | Windows DNS Information Disclosure Vulnerability | Important |
| Role: DNS Server | CVE-2023-50387 | MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers | Important |
| Role: DNS Server | CVE-2024-21342 | Windows DNS Client Denial of Service Vulnerability | Important |
| Skype for Business | CVE-2024-20695 | Skype for Business Information Disclosure Vulnerability | Important |
| SQL Server | CVE-2024-21347 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| Trusted Compute Base | CVE-2024-21304 | Trusted Compute Base Elevation of Privilege Vulnerability | Important |
| Windows Hyper-V | CVE-2024-20684 | Windows Hyper-V Denial of Service Vulnerability | Critical |
| Windows Internet Connection Sharing (ICS) | CVE-2024-21343 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Important |
| Windows Internet Connection Sharing (ICS) | CVE-2024-21348 | Internet Connection Sharing (ICS) Denial of Service Vulnerability | Important |
| Windows Internet Connection Sharing (ICS) | CVE-2024-21357 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
| Windows Internet Connection Sharing (ICS) | CVE-2024-21344 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Important |
| Windows Kernel | CVE-2024-21371 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2024-21338 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2024-21341 | Windows Kernel Remote Code Execution Vulnerability | Important |
| Windows Kernel | CVE-2024-21345 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2024-21362 | Windows Kernel Security Feature Bypass Vulnerability | Important |
| Windows Kernel | CVE-2024-21340 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows LDAP - Lightweight Directory Access Protocol | CVE-2024-21356 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2024-21363 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Important |
| Windows Message Queuing | CVE-2024-21355 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Important |
| Windows Message Queuing | CVE-2024-21405 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Important |
| Windows Message Queuing | CVE-2024-21354 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Important |
| Windows OLE | CVE-2024-21372 | Windows OLE Remote Code Execution Vulnerability | Important |
| Windows SmartScreen | CVE-2024-21351 | Windows SmartScreen Security Feature Bypass Vulnerability | Moderate |
| Windows USB Serial Driver | CVE-2024-21339 | Windows USB Generic Parent Driver Remote Code Execution Vulnerability | Important |
| Windows Win32K - ICOMP | CVE-2024-21346 | Win32k Elevation of Privilege Vulnerability | Important |
