Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
Microsoft fixes 142 vulnerabilities in the July 2024 Patch Tuesday update
Among them were four zero days CVEs.
11 min. read
Published onJuly 10, 2024
published onJuly 10, 2024
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
Microsoft’s Patch Tuesday in July 2024 dealt with 142 vulnerabilities, many of which revolve around remote code execution vulnerabilities. Among these were four zero-days that made the tech world very anxious: two actively exploited and another pair that had just been made public.
The Windows Hyper-V Elevation of Privilege Vulnerability was highlighted in the zero days. Microsoft fixed this vulnerability, which allowed attackers to reach SYSTEM privileges. Another fix that stands out is the Windows MSHTML spoofing vulnerability, which requires attackers to send a harmful file to their target. This method is frequently used in cyber attacks.
Microsoft also addressed the zero-day vulnerabilities in .NET, Visual Studio, and the FetchBench side channel, which can steal information through remote code execution. These two were not disclosed to the public, and the Redmond-based tech giant preferred to deal with them before making them known to users.
Here’s the breakdown of all the types of fixed vulnerabilities with the July Patch Tuesday updates.
Microsoft did not only patch vulnerabilities but also fixed five critical ones. All of these were flaws in remote code execution. This means that attackers could have taken over a system from a distance, making these fixes very important for the safety of users around the globe. The breakdown of fixed vulnerabilities involved different dangers, ranging from privilege escalation to service refusal.
The Redmond-based tech giant wasn’t alone in this effort. Big tech players such as Adobe, Cisco, and VMware also released updates, indicating a joint action within the tech sector to fight against cybersecurity risks. Adobe fixed vulnerabilities in Premiere Pro, InDesign, and Bridge, while Cisco and VMware dealt with flaws found within their products; this shows that every nook of the technology globe may be exposed to danger.
It is also worth mentioning that SQL Server customers might want to update their Windows servers as soon as possible. The July Patch Tuesday update deals with tens of CVEs that focus on SQL Server vulnerabilities. As you can see in the table below, all of them are deemed important, with some reaching a high score.
For those who worry about cybersecurity, there is another issue they might want to pay attention to: CVEs with theNo Customer Action Is Requiredlabel.Microsoft announced in Junethat it wanted to release CVEs specifically for cloud security issues; many of these will also have the label, so it will be an extra step for those wanting to keep their devices and servers safe. The July Patch Tuesday update doesn’t feature any CVEs with the label, but starting next month, Microsoft might release them with these additional criteria to be considered and consulted.
Below, you can see all the CVEs addressed with the July Patch Tuesday updates. The 142 vulnerabilities are almosttriple the number of CVEs addressed last month.
More about the topics:Cybersecurity,microsoft
Milan Stanojevic
Windows Toubleshooting Expert
Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He’s a PC enthusiast and he spends most of his time learning about computers and technology.
Before joining WindowsReport, he worked as a front-end web developer. Now, he’s one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Milan Stanojevic
Windows Toubleshooting Expert
Before joining WindowsReport, he worked as a front-end web developer. Now, he’s specialized in Windows errors & software issues.
