Alert GCSA-24068 - Microsoft Monthly Security Update - maggio 2024
******************************************************************
Alert ID: GCSA-24068
data: 15 maggio 2024
titolo: Microsoft Monthly Security Update - maggio 2024
******************************************************************
:: Descrizione del problema
Microsoft ha pubblicato il security update per il mese di maggio 2024,
con questa release vengono risolte oltre 60 vulnerabilita',
delle quali una di livello critico:
CVE-2024-30044 Microsoft SharePoint Server Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-30044
Microsoft comunica inoltre che due vulnerabilita' risultano in corso di sfruttamento
CVE-2024-30040 Windows MSHTML Platform Security Feature Bypass Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-30040
CVE-2024-30051 Windows DWM Core Library Elevation of Privilege Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-30051
Maggiori dettagli sono disponibili alla sezione "Riferimenti".
:: Software / Tecnologie interessate
Windows
Microsoft Edge (Chromium-based)
Microsoft Office
Microsoft Dynamics 365 Customer Insights
Microsoft Bing
Microsoft Intune
Microsoft WDAC OLE DB provider for SQL
Developer Tools (.NET and Visual Studio)
Azure Migrate
Power BI
:: Impatto
Denial of Service (DoS)
Acquisizione di privilegi piu' elevati (EoP)
Esecuzione remota di codice arbitrario (RCE)
Bypass delle funzionalita' di sicurezza (SFB)
Rivelazione di informazioni (ID)
Provide Misleading Information (spoofing)
:: Soluzioni
In Windows per default gli aggiornamenti
avvengono in maniera automatica.
Per verificare manualmente la disponibilita' di aggiornamenti scegliere
Start > Impostazioni > Aggiornamento e Sicurezza > Windows Update
Verificare di aver installato la versione piu' recente del
Servicing Stack Updates
https://msrc.microsoft.com/update-guide/vulnerability/ADV990001
https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates
MSRC Security Update Guide
https://msrc.microsoft.com/update-guide/deployments
Windows Update domande frequenti
https://support.microsoft.com/en-us/help/12373/windows-update-faq
Gli aggiornamenti sono disponibili anche tramite WSUS ed il
catalogo di Microsoft Update
https://www.catalog.update.microsoft.com/
:: Riferimenti
Microsoft Security Updates - Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2024-May
https://msrc.microsoft.com/update-guide
Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
BleepingComputer
https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2024-patch-tuesday-fixes-3-zero-days-61-flaws/
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-zero-day-exploited-in-qakbot-malware-attacks/
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-vpn-failures-caused-by-april-windows-updates/
Krebs on Security
https://krebsonsecurity.com/2024/05/patch-tuesday-may-2024-edition/
SANS Internet Storm Center
https://isc.sans.edu/diary/rss/30920
SecurityWeek
https://www.securityweek.com/microsoft-patches-60-windows-vulns-warns-of-active-zero-day-exploitation/
Kaspersky - QakBot attacks with Windows zero-day (CVE-2024-30051)
https://securelist.com/cve-2024-30051/112618/
The Hacker News
https://thehackernews.com/2024/05/microsoft-patches-61-flaws-including.html
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZkR/jg0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBC/DsAoIoWs26w+BToHCck35ksv9hs/8WiAJ0XbJ3WVtJ+
E43hG14Ftf6ansO/EA==
=ec7s
-----END PGP SIGNATURE-----
Alert ID: GCSA-24068
data: 15 maggio 2024
titolo: Microsoft Monthly Security Update - maggio 2024
******************************************************************
:: Descrizione del problema
Microsoft ha pubblicato il security update per il mese di maggio 2024,
con questa release vengono risolte oltre 60 vulnerabilita',
delle quali una di livello critico:
CVE-2024-30044 Microsoft SharePoint Server Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-30044
Microsoft comunica inoltre che due vulnerabilita' risultano in corso di sfruttamento
CVE-2024-30040 Windows MSHTML Platform Security Feature Bypass Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-30040
CVE-2024-30051 Windows DWM Core Library Elevation of Privilege Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-30051
Maggiori dettagli sono disponibili alla sezione "Riferimenti".
:: Software / Tecnologie interessate
Windows
Microsoft Edge (Chromium-based)
Microsoft Office
Microsoft Dynamics 365 Customer Insights
Microsoft Bing
Microsoft Intune
Microsoft WDAC OLE DB provider for SQL
Developer Tools (.NET and Visual Studio)
Azure Migrate
Power BI
:: Impatto
Denial of Service (DoS)
Acquisizione di privilegi piu' elevati (EoP)
Esecuzione remota di codice arbitrario (RCE)
Bypass delle funzionalita' di sicurezza (SFB)
Rivelazione di informazioni (ID)
Provide Misleading Information (spoofing)
:: Soluzioni
In Windows per default gli aggiornamenti
avvengono in maniera automatica.
Per verificare manualmente la disponibilita' di aggiornamenti scegliere
Start > Impostazioni > Aggiornamento e Sicurezza > Windows Update
Verificare di aver installato la versione piu' recente del
Servicing Stack Updates
https://msrc.microsoft.com/update-guide/vulnerability/ADV990001
https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates
MSRC Security Update Guide
https://msrc.microsoft.com/update-guide/deployments
Windows Update domande frequenti
https://support.microsoft.com/en-us/help/12373/windows-update-faq
Gli aggiornamenti sono disponibili anche tramite WSUS ed il
catalogo di Microsoft Update
https://www.catalog.update.microsoft.com/
:: Riferimenti
Microsoft Security Updates - Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2024-May
https://msrc.microsoft.com/update-guide
Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
BleepingComputer
https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2024-patch-tuesday-fixes-3-zero-days-61-flaws/
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-zero-day-exploited-in-qakbot-malware-attacks/
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-vpn-failures-caused-by-april-windows-updates/
Krebs on Security
https://krebsonsecurity.com/2024/05/patch-tuesday-may-2024-edition/
SANS Internet Storm Center
https://isc.sans.edu/diary/rss/30920
SecurityWeek
https://www.securityweek.com/microsoft-patches-60-windows-vulns-warns-of-active-zero-day-exploitation/
Kaspersky - QakBot attacks with Windows zero-day (CVE-2024-30051)
https://securelist.com/cve-2024-30051/112618/
The Hacker News
https://thehackernews.com/2024/05/microsoft-patches-61-flaws-including.html
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZkR/jg0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBC/DsAoIoWs26w+BToHCck35ksv9hs/8WiAJ0XbJ3WVtJ+
E43hG14Ftf6ansO/EA==
=ec7s
-----END PGP SIGNATURE-----