On Tuesday, the tech giant Microsoft unveiled a total of 79 security updates across eleven product ranges. Among these, seven critical issues were identified in Azure, SharePoint, and Windows. At the moment, three of the addressed vulnerabilities are being exploited in the wild, while a fourth one is linked to exploitable issues. For more insights into this atypical situation, please refer to the “Noteworthy Updates for September” segment below. Microsoft has identified 11 vulnerabilities, all within the Windows system, as prone to exploitation in the upcoming 30-day period. Sophos security solutions can detect eight of the vulnerabilities highlighted this month, and a detailed breakdown is provided in the subsequent table.
The set of patches also incorporates advisory details for three vulnerabilities (CVEs) resolved by Adobe, affecting Reader and ColdFusion. Notably, one of the Reader vulnerabilities identified as CVE-2024-41869 is a critical use-after-free flaw with a known exploit already circulating. Additional appendices specifying all Microsoft patches, categorized by severity, predicted exploitability, and product line, are also included at the end of this article.
Statistical Overview
- Total CVEs: 79
- Adobe advisories covered in the update: 3
- Public disclosures: 1
- Exploits detected: 4*
- Severity
- Critical: 7
- Important: 71
- Moderate: 1
- Impact
- Elevation of privilege: 30
- Executing remote code: 23
- Data disclosure: 11
- Denial of service: 8
- Bypassing security features: 4
- Spoofing: 3
- CVSS base rating 9.0 or above: 2
- CVSS base rating 8.0 or above: 24
* For insights on why CVE-2024-43491 is counted as the fourth exploited-detected CVE for this month, even though there’s no explicit evidence of exploitation, kindly refer to the “Noteworthy Updates for September” section below.
Representation 1: This month’s critical patches encompass one already exploited, and two others susceptible to exploitation within the next 30 days.
Product Assortment
- Windows: 47
- SQL Server: 13
- Azure: 6
- SharePoint: 5
- Office: 4
- 365: 2
- Dynamics 365: 2
- Microsoft AutoUpdate (MAU) for Mac: 1
- Outlook for iOS: 1
- Power BI: 1
- Visio: 1
As per our convention, CVEs applicable to multiple product families are accounted for in each relevant family.
Representation 2: While Windows remains the primary affected family, a series of Native Scoring issues within SQL Server led to its specific focus with 13 patches.
Key Updates for September
Aside from the discussed concerns, various noteworthy topics deserve special attention.
CVE-2024-38217 — Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-43492 — Windows Mark of the Web Security Feature Bypass Vulnerability
The current month addresses two Mark of the Web vulnerabilities, with one currently being actively exploited (CVE-2024-38217) and the other deemed more likely to be exploited in the next 30 days (CVE-2024-43492). Although the latter issue was found internally at Microsoft and classified as moderate in severity, the former was responsibly disclosed by Elastic Security’s Joe Desimone. Desimone has documented the discovery and reporting process, which might interest individuals monitoring code-signing certificate issues. The bug impacts all Windows versions, including Win 11H24, and is categorized as important in severity.
CVE-2024-38014 — Windows Installer Elevation of Privilege Vulnerability
This exploitable flaw is currently being exploited in the wild and affects all Windows versions, including Win 11H24.
CVE-2024-43491 – Microsoft Windows Update Remote Code Execution Vulnerability
The positive aspect of this flaw is that it only affects certain operational components of Windows 10, version 1507, released in July 2015. The flaw is critical, with a base score of 9.8, and is situated in the Windows Servicing Stack. Rather than a typical coding error, Microsoft clarifies that build version numbers “triggered a code defect in the Windows 10 servicing stack that handles the applicability of Optional Components.” For entities impacted by this flaw, following the precise patching sequence outlined in KB5043083 becomes crucial. The provided information includes a list of the specific optional components affected, aiding in understanding the level of exposure.
[29 CVEs] — Windows 11 24H2 patches
Even though Windows 11 24H2 is not yet widely available, this month’s updates allocate a significant portion to this platform, including two vulnerabilities (CVE-2024-38014, CVE-2024-38217) already under exploitation. Users of the new Copilot+ PCs who do not receive patches automatically are advised to manually update their devices.
[0 CVEs] — .NET, Visual Studio, Edge / Chromium, non-iOS Outlook
A less common occurrence this month with no updates for .NET and Visual Studio families. Similarly, there are no patches issued for Edge / Chromium and non-iOS Outlook.
time concerning Edge or regarding Outlook for platforms other than those from Apple.
Figure 3: Despite the dominance of EoP concerns in recent periods, RCE maintains its lead as we approach the three-quarter milestone for 2024.
Security Measure by Sophos
| CVE | Sophos Intercept X/Endpoint IPS | Sophos XGS Firewall |
| CVE-2024-38237 | Exp/2438237-A | Exp/2438237-A |
| CVE-2024-38238 | Exp/2438238-A | Exp/2438238-A |
| CVE-2024-38241 | Exp/2438241-A | Exp/2438241-A |
| CVE-2024-38242 | Exp/2438242-A | Exp/2438242-A |
| CVE-2024-38243 | Exp/2438243-A | Exp/2438243-A |
| CVE-2024-38244 | Exp/2438244-A | Exp/2438244-A |
| CVE-2024-38245 | Exp/2438245-A | Exp/2438245-A |
| CVE-2024-43461 | SID:2310127 | SID:2310126 |
Should you prefer not to rely on your system automatically fetching Microsoft’s updates each month, you have the option to manually download them from the Windows Update Catalog website. Use the winver.exe utility to identify your Windows 10 or 11 build and then fetch the Cumulative Update package suitable for your system’s architecture and build version.
Appendix A: Impact and Severity of Vulnerabilities
Below is a compilation of September patches organized by impact and further categorized by severity, each group being additionally sorted by CVE.
Elevation of Privilege (30 CVEs)
| Critical severity | |
| CVE-2024-38194 | Azure Web Apps Elevation of Privilege Vulnerability |
| CVE-2024-38216 | Azure Stack Hub Elevation of Privilege Vulnerability |
| CVE-2024-38220 | Azure Stack Hub Elevation of Privilege Vulnerability |
| Important severity | |
| CVE-2024-37341 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2024-37965 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2024-37980 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2024-38014 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2024-38046 | PowerShell Elevation of Privilege Vulnerability |
| CVE-2024-38188 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability |
| CVE-2024-38225 | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability |
| CVE-2024-38237 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38238 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38239 | Windows Kerberos Elevation of Privilege Vulnerability |
| CVE-2024-38240 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| CVE-2024-38241 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38242 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38243 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38244 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38245 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38246 | Win32k Elevation of Privilege Vulnerability |
| CVE-2024-38247 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2024-38248 | Windows Storage Elevation of Privilege Vulnerability |
| CVE-2024-38249 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2024-38250 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2024-38252 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2024-38253 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2024-43457 | Windows Setup and Deployment Elevation of Privilege Vulnerability |
| CVE-2024-43465 | Microsoft Excel Elevation of Privilege Vulnerability |
| CVE-2024-43470 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability |
| CVE-2024-43492 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |
Remote Code Execution (23 CVEs)
| Critical severity | |
| CVE-2024-38018 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2024-38119 | Windows Network Address Translation (NAT) Remote Code Execution Vulnerability |
| CVE-2024-43464 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2024-21416 | Windows TCP/IP Remote Code Execution Vulnerability |
| CVE-2024-26186 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| CVE-2024-26191 | Vulnerability for executing remote code in Microsoft SQL Server Native Scoring |
| CVE-2024-37335 | Vulnerability for executing remote code in Microsoft SQL Server Native Scoring |
| CVE-2024-37338 | Vulnerability for executing remote code in Microsoft SQL Server Native Scoring |
| CVE-2024-37339 | Vulnerability for executing remote code in Microsoft SQL Server Native Scoring |
| CVE-2024-37340 | Vulnerability for executing remote code in Microsoft SQL Server Native Scoring |
| CVE-2024-38045 | Vulnerability for executing remote code in Windows TCP/IP |
| CVE-2024-38227 | Vulnerability for executing remote code in Microsoft SharePoint Server |
| CVE-2024-38228 | Vulnerability for executing remote code in Microsoft SharePoint Server |
| CVE-2024-38259 | Vulnerability for executing remote code in Microsoft Management Console |
| CVE-2024-38260 | Vulnerability for executing remote code in Windows Remote Desktop Licensing Service |
| CVE-2024-38263 | Vulnerability for executing remote code in Windows Remote Desktop Licensing Service |
| CVE-2024-43454 | Vulnerability for executing remote code in Windows Remote Desktop Licensing Service |
| CVE-2024-43463 | Vulnerability for executing remote code in Microsoft Office Visio |
| CVE-2024-43467 | Vulnerability for executing remote code in Windows Remote Desktop Licensing Service |
| CVE-2024-43469 | Vulnerability for executing remote code in Azure CycleCloud |
| CVE-2024-43479 | Vulnerability for executing remote code in Microsoft Power Automate Desktop |
| CVE-2024-43495 | Vulnerability for executing remote code in Windows libarchive |
Information Disclosure (11 CVEs)
| Severity Level: Important | |
| CVE-2024-37337 | Vulnerability in Microsoft SQL Server Native Scoring allowing information disclosure |
| CVE-2024-37342 | Vulnerability in Microsoft SQL Server Native Scoring allowing information disclosure |
| CVE-2024-37966 | Vulnerability in Microsoft SQL Server Native Scoring allowing information disclosure |
| CVE-2024-38254 | Vulnerability in Windows Authentication allowing information disclosure |
| CVE-2024-38256 | Vulnerability in Windows Kernel-Mode Driver allowing information disclosure |
| CVE-2024-38257 | Vulnerability in Microsoft AllJoyn API allowing information disclosure |
| CVE-2024-38258 | Vulnerability in Windows Remote Desktop Licensing Service allowing information disclosure |
| CVE-2024-43458 | Vulnerability in Windows Networking allowing information disclosure |
| CVE-2024-43474 | Vulnerability in Microsoft SQL Server allowing information disclosure |
| CVE-2024-43475 | Vulnerability in Microsoft Windows Admin Center allowing information disclosure |
| CVE-2024-43482 | Vulnerability in Microsoft Outlook for iOS allowing information disclosure |
Denial of Service (8 CVEs)
| Severity Level: Important | |
| CVE-2024-38230 | Vulnerability in Windows Standards-Based Storage Management Service leading to denial of service |
| CVE-2024-38231 | Vulnerability in Windows Remote Desktop Licensing Service leading to denial of service |
| CVE-2024-38232 | Vulnerability in Windows Networking leading to denial of service |
| CVE-2024-38233 | Vulnerability in Windows Networking leading to denial of service |
| CVE-2024-38234 | Vulnerability in Windows Networking leading to denial of service |
| CVE-2024-38235 | Vulnerability in Windows Hyper-V leading to denial of service |
| CVE-2024-38236 | Vulnerability in DHCP Server Service leading to denial of service |
| CVE-2024-43466 | Vulnerability in Microsoft SharePoint Server leading to denial of service |
Security Feature Bypass (4 CVEs)
| Severity Level: Important | |
| CVE-2024-30073 | Vulnerability in Windows Security Zone Mapping leading to security feature bypass |
| CVE-2024-38217 | Vulnerability in Windows Mark of the Web leading to security feature bypass |
| CVE-2024-38226 | Vulnerability in Microsoft Publisher leading to security feature bypass |
| Severity Level: Moderate | |
| CVE-2024-43487 | Vulnerability in Windows Mark of the Web leading to security feature bypass |
Spoofing (3 CVEs)
| Severity Level: Important | |
| CVE-2024-43455 | Vulnerability in Windows Remote Desktop Licensing Service leading to spoofing |
| CVE-2024-43461 | Vulnerability in Windows MSHTML Platform leading to spoofing |
| CVE-2024-43476 | Vulnerability in Microsoft Dynamics 365 (on-premises) leading to cross-site scripting |
Appendix B: Exploitability
This section lists the September CVEs identified by Microsoft to be currently exploited or likely to be exploited within 30 days of release. They are categorized by the CVE. For CVE-2024-43491, although the specific issue is not known to be actively exploited, some of the vulnerabilities addressed by the rejected servicing-stack updates are, so it has been included in this list. (For more context, refer to the “Notable September updates” section above.)
| Exploitation detected | |
| CVE-2024-38014 | Vulnerability in Windows Installer leading to elevation of privilege |
| CVE-2024-38217 | Vulnerability in Windows Mark of the Web leading to security feature bypass |
| CVE-2024-38226 | Vulnerability in Microsoft Publisher leading to security feature bypass |
| CVE-2024-43491 | Vulnerability in Microsoft Windows Update leading to remote code execution |
| Exploitation more likely within the next 30 days | |
| CVE-2024-38018 | Vulnerability in Microsoft SharePoint Server leading to remote code execution |
| CVE-2024-38227 | Vulnerability in Microsoft SharePoint Server leading to remote code execution | VUL-2024-38228 | Microsoft SharePoint Server Exploit Vulnerability |
| VUL-2024-38237 | Kernel Streaming WOW Thunk Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38238 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38241 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38242 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38243 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38244 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38245 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38246 | Win32k Privilege Escalation Vulnerability |
| VUL-2024-38247 | Windows Graphics Component Privilege Escalation Vulnerability |
| VUL-2024-38249 | Windows Graphics Component Privilege Escalation Vulnerability |
| VUL-2024-38252 | Windows Win32 Kernel Subsystem Privilege Escalation Vulnerability |
| VUL-2024-38253 | Windows Win32 Kernel Subsystem Privilege Escalation Vulnerability |
| VUL-2024-43457 | Windows Setup and Deployment Privilege Escalation Vulnerability |
| VUL-2024-43461 | Windows MSHTML Platform Deception Vulnerability |
| VUL-2024-43464 | Microsoft SharePoint Server Exploit Vulnerability |
| VUL-2024-43487 | Windows Mark of the Web Security Feature Circumvention Vulnerability |
Appendix C: Affected Products
Below is a compilation of patches released in September, categorized by product family and then by severity level. Each list is additionally sorted by CVE. Patches applicable to multiple product families are included multiple times, once for each relevant product family.
Windows (47 Vulnerabilities)
| Critical Risk Level | |
| VUL-2024-38119 | Windows Network Address Translation (NAT) Exploit Vulnerability |
| VUL-2024-43491 | Microsoft Windows Update Exploit Vulnerability |
| Significant Risk Level | |
| VUL-2024-21416 | Windows TCP/IP Exploit Vulnerability |
| VUL-2024-30073 | Windows Security Zone Mapping Security Feature Workaround Vulnerability |
| VUL-2024-38014 | Windows Installer Privilege Escalation Vulnerability |
| VUL-2024-38045 | Windows TCP/IP Exploit Vulnerability |
| VUL-2024-38046 | PowerShell Privilege Escalation Vulnerability |
| VUL-2024-38217 | Windows Mark of the Web Security Feature Circumvention Vulnerability |
| VUL-2024-38230 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
| VUL-2024-38231 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| VUL-2024-38232 | Windows Networking Denial of Service Vulnerability |
| VUL-2024-38233 | Windows Networking Denial of Service Vulnerability |
| VUL-2024-38234 | Windows Networking Denial of Service Vulnerability |
| VUL-2024-38235 | Windows Hyper-V Denial of Service Vulnerability |
| VUL-2024-38236 | DHCP Server Service Denial of Service Vulnerability |
| VUL-2024-38237 | Kernel Streaming WOW Thunk Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38238 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38239 | Windows Kerberos Privilege Escalation Vulnerability |
| VUL-2024-38240 | Windows Remote Access Connection Manager Privilege Escalation Vulnerability |
| VUL-2024-38241 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38242 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38243 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38244 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38245 | Kernel Streaming Service Driver Privilege Escalation Vulnerability |
| VUL-2024-38246 | Win32k Privilege Escalation Vulnerability |
| VUL-2024-38247 | Windows Graphics Component Privilege Escalation Vulnerability |
| VUL-2024-38248 | Windows Storage Privilege Escalation Vulnerability |
| VUL-2024-38249 | Windows Graphics Component Privilege Escalation Vulnerability |
| VUL-2024-38252 | Windows Win32 Kernel Subsystem Privilege Escalation Vulnerability |
| VUL-2024-38253 | Windows Win32 Kernel Subsystem Privilege Escalation Vulnerability |
| VUL-2024-38254 | Windows Authentication Information Exposure Vulnerability |
| VUL-2024-38256 | Windows Kernel-Mode Driver Information Exposure Vulnerability |
| VUL-2024-38257 | Microsoft AllJoyn API Information Exposure Vulnerability |
| VUL-2024-38258 | Windows Remote Desktop Licensing Service Information Exposure Vulnerability |
| VUL-2024-38259 | Microsoft Management Console Exploit Vulnerability |
| VUL-2024-38260 | Windows Remote Desktop Licensing Service Exploit Vulnerability |
| VUL-2024-38263 | Windows Remote Desktop Licensing Service Exploit Vulnerability |
| VUL-2024-43454 | Windows Remote Desktop Licensing Service Exploit Vulnerability |
| VUL-2024-43455 | Windows Remote Desktop Licensing Service Deception Vulnerability |
| VUL-2024-43457 | WindowsVulnerability Elevation of Privilege in Setup and Deployment |
| CVE-2024-43458 | Information Disclosure Vulnerability in Windows Networking |
| CVE-2024-43461 | Platform Spoofing Vulnerability in Windows MSHTML |
| CVE-2024-43467 | Remote Code Execution Vulnerability in Windows Remote Desktop Licensing Service |
| CVE-2024-43475 | Information Disclosure Vulnerability in Microsoft Windows Admin Center |
| CVE-2024-43495 | Remote Code Execution Vulnerability in libarchive for Windows |
| Alert level: Moderate | |
| CVE-2024-43487 | Security Feature Bypass Vulnerability in Windows Mark of the Web |
SQL Server (13 vulnerabilities)
| Alert level: Important | |
| CVE-2024-26186 | Remote Code Execution Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-26191 | Remote Code Execution Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-37335 | Remote Code Execution Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-37337 | Information Disclosure Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-37338 | Remote Code Execution Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-37339 | Remote Code Execution Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-37340 | Remote Code Execution Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-37341 | Elevation of Privilege Vulnerability in Microsoft SQL Server |
| CVE-2024-37342 | Information Disclosure Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-37965 | Elevation of Privilege Vulnerability in Microsoft SQL Server |
| CVE-2024-37966 | Information Disclosure Vulnerability in Microsoft SQL Server Native Scoring |
| CVE-2024-37980 | Elevation of Privilege Vulnerability in Microsoft SQL Server |
| CVE-2024-43474 | Information Disclosure Vulnerability in Microsoft SQL Server |
Azure (6 vulnerabilities)
| Alert level: Critical | |
| CVE-2024-38194 | Elevation of Privilege Vulnerability in Azure Web Apps |
| CVE-2024-38216 | Elevation of Privilege Vulnerability in Azure Stack Hub |
| CVE-2024-38220 | Elevation of Privilege Vulnerability in Azure Stack Hub |
| Alert level: Important | |
| CVE-2024-38188 | Elevation of Privilege Vulnerability in Azure Network Watcher VM Agent |
| CVE-2024-43469 | Remote Code Execution Vulnerability in Azure CycleCloud |
| CVE-2024-43470 | Elevation of Privilege Vulnerability in Azure Network Watcher VM Agent |
SharePoint (5 vulnerabilities)
| Alert level: Critical | |
| CVE-2024-38018 | Remote Code Execution Vulnerability in Microsoft SharePoint Server |
| CVE-2024-43464 | Remote Code Execution Vulnerability in Microsoft SharePoint Server |
| Alert level: Important | |
| CVE-2024-38227 | Remote Code Execution Vulnerability in Microsoft SharePoint Server |
| CVE-2024-38228 | Remote Code Execution Vulnerability in Microsoft SharePoint Server |
| CVE-2024-43466 | Denial of Service Vulnerability in Microsoft SharePoint Server |
Office (4 vulnerabilities)
| Alert level: Important | |
| CVE-2024-38226 | Security Features Bypass Vulnerability in Microsoft Publisher |
| CVE-2024-38250 | Elevation of Privilege Vulnerability in Windows Graphics Component |
| CVE-2024-43463 | Remote Code Execution Vulnerability in Microsoft Office Visio |
| CVE-2024-43465 | Elevation of Privilege Vulnerability in Microsoft Excel |
365 (2 vulnerabilities)
| Alert level: Important | |
| CVE-2024-43463 | Remote Code Execution Vulnerability in Microsoft Office Visio |
| CVE-2024-43465 | Elevation of Privilege Vulnerability in Microsoft Excel |
Dynamics 365 (2 vulnerabilities)
| Alert level: Important | |
| CVE-2024-38225 | Elevation of Privilege Vulnerability in Microsoft Dynamics 365 Business Central |
| CVE-2024-43476 | Cross-site Scripting Vulnerability in Microsoft Dynamics 365 (on-premises) |
Microsoft AutoUpdate (MAU) for Mac (1 vulnerability)
| Alert level: Important | |
| CVE-2024-43492 | Elevation of Privilege Vulnerability in Microsoft AutoUpdate (MAU) |
Outlook for iOS (1 vulnerability)
| Alert level: Important | |
| CVE-2024-43482 | Information Disclosure Vulnerability in Microsoft Outlook for iOS |
PowerBI (1 vulnerability)
| Alert level: Important | |
| CVE-2024-43479 | Remote Code Execution Vulnerability in Microsoft Power Automate Desktop |
Visio (1 vulnerability)
| Alert level: Important | |
| CVE-2024-43463 | Remote Code Execution Vulnerability in Microsoft Office Visio |
Appendix D: Advisories and Other Products
This is a catalog of alerts and details on other relevant vulnerabilities in the September version, categorized by product.
Relevant to Adobe (non-Microsoft release) (3 vulnerabilities)
| CVE-2024-41869 | APSB24-70 | Use After Free (CWE-416) |
| CVE-2024-41874 | APSB24-71 | Deserialization of Untrusted Data (CWE-502) |
| CVE-2024-39420 | APSB24-70 | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) |
About Author
