MS Family May 2024 Routine Security Update Advisory

Overview

 

Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. users of affected products are advised to update to the latest version.

 

Affected Products

 

Azure Monitor Agent
Windows 11 23H2
Windows 11 v22H2
Windows 11 v21H2
Windows 10 22H2
Windows 10 21H2
Windows Server 2022 23H2 (Server Core installation)
Windows Server 2022, Windows Server 2022 (Server Core installation)
Windows Server 2019
Windows Server 2016
Microsoft Office
Microsoft SharePoint
Microsoft .NET
Microsoft Visual Studio
Microsoft Dynamics 365
Microsoft Azure

 

Resolved Vulnerabilities

 

One vulnerability rated Critical and 11 vulnerabilities rated Important were found.

Critical-rated privilege escalation vulnerability in Azure Monitor (CVE-2024-30060)

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability (CVE-2024-29987)

Free After Use Vulnerability in Picture In Picture in Google Chrome (CVE-2024-4331)

Heap Buffer Overflow Vulnerability in WebAudio in Google Chrome (CVE-2024-4559)

Use After Free Vulnerability in Dawn in Google Chrome (CVE-2024-4948)

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability (CVE-2024-29991)

Microsoft Edge (Chromium-based) Spoofing Vulnerability (CVE-2024-30055)

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability (CVE-2024-30056)

Use After Free Vulnerability in V8 of Google Chrome (CVE-2024-4949)

Use After Free Vulnerability in V8 in Google Chrome (CVE-2024-3914)

Use After Free Vulnerability in ANGLE in Google Chrome (CVE-2024-4558)

Use After Free Vulnerability in Dawn in Google Chrome (CVE-2024-4368)

Azure Monitor Agent Privilege Escalation Vulnerability (CVE-2024-30060)

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability (CVE-2024-29986)

Improper Implementation Vulnerability in Downloads in Google Chrome (CVE-2024-4950)

 

Vulnerability Patches

 

The following product-specific vulnerability patches were made available in the May 16, 2024 Update Please download and install them using the Windows Update feature or by referring to the URLs in the product information below.

https://msrc.microsoft.com/update-guide/

 

Referenced Sites

 

[1] (Korean) https://msrc.microsoft.com/update-guide/ko-kr/
[2] (English) https://msrc.microsoft.com/update-guide/en-us/
[3] https://msrc.microsoft.com/update-guide/ko-kr/releaseNote/2024-May