Security Advisory: June 2024 Microsoft Patch Tuesday Updates 

Microsoft has released its June 2024 Patch Tuesday updates, addressing a total of 51 security vulnerabilities. Among these, 18 are remote code execution (RCE) flaws, and one is a publicly disclosed zero-day vulnerability, CVE-2023-50868, in the DNSSEC validation process. This month’s updates include one critical vulnerability and several important fixes across various Microsoft products, including Microsoft Message Queuing (MSMQ), Microsoft Outlook, and Windows Kernel.

June 2024 Microsoft Patch Tuesday Updates Technical Overview

Technical Details:

• Total Vulnerabilities Addressed: 51
  • Elevation of Privilege Vulnerabilities: 25
  • Remote Code Execution Vulnerabilities: 18
  • Information Disclosure Vulnerabilities: 3
  • Denial of Service Vulnerabilities: 5
• Publicly Disclosed Zero-Day: CVE-2023-50868 (DNSSEC validation denial-of-service)

Critical Vulnerabilities:

1. CVE-2024-30080 – MSMQ Remote Code Execution (CVSS score: 9.8):
   • An attacker can exploit this flaw by sending a specially crafted MSMQ packet to a vulnerable MSMQ server, potentially resulting in remote code execution on the server side.

Important Vulnerabilities:

1. CVE-2023-50868 – DNSSEC Validation Denial-of-Service (CVSS score: 7.5):
   • This flaw can be exploited by causing excessive resource consumption on a DNSSEC-validating resolver, leading to a denial of service for legitimate users.
2. Microsoft Outlook Remote Code Execution (CVE-2024-30103):
   • Discovered by Morphisec, this vulnerability can be exploited without user interaction, allowing an attacker to execute arbitrary code with the same privileges as the user.
3. Windows Kernel Privilege Elevation Flaws:
   • Multiple vulnerabilities in the Windows Kernel could allow a local attacker to gain SYSTEM privileges.

What We Suggest for the June 2024 Microsoft Patch Tuesday Updates

• Immediate Patch Deployment:
  • Apply the June 2024 Patch Tuesday updates to all affected systems to mitigate the addressed vulnerabilities. Prioritize the deployment of updates for MSMQ, Microsoft Outlook, and Windows Kernel.
• Review and Harden DNSSEC Implementations:
  • Ensure DNSSEC configurations are robust and apply any additional patches from DNS software providers like BIND, PowerDNS, and Dnsmasq to protect against CVE-2023-50868.
• Monitor and Mitigate Exploitation Attempts:
  • Enable logging and monitoring for unusual activities, especially related to MSMQ and DNS services, to detect potential exploitation attempts.
• User Awareness and Training:
  • Educate users on the importance of applying updates promptly and being cautious of suspicious emails or links, particularly given the potential for remote code execution exploits in Microsoft Outlook.