Microsoft Update Tuesday 2024 Julio - Vulnerabilidades

En el CSIRT de Gobierno informamos frecuentemente de vulnerabilidades importantes que pueden afectar sus aplicaciones, datos o equipos.

En esta ocasión compartimos la información publicada por Microsoft como parte de su paquete de parches Update Tuesday de junio de 2024. Se trata de parches para 142 vulnerabilidades, incluyendo 4 de día cero.

Vulnerabilidades

ID	CVSS	EPSS
CVE-2024-38072	7.5
CVE-2024-38071	7.5
CVE-2024-38070	7.8
CVE-2024-38069	7.0
CVE-2024-39684	7.8
CVE-2024-38517	7.8
CVE-2024-38112	7.5
CVE-2024-38105	6.5
CVE-2024-38104	8.8
CVE-2024-38102	6.5
CVE-2024-38101	6.5
CVE-2024-38100	7.8
CVE-2024-38099	5.9
CVE-2024-38094	7.2
CVE-2024-30071	4.7
CVE-2024-30061	7.3
CVE-2024-30013	8.8
CVE-2024-28928	8.8
CVE-2024-28899	8.8
CVE-2024-26184	6.8
CVE-2024-21449	8.8
CVE-2024-21428	8.8
CVE-2024-21425	8.8
CVE-2024-21417	8.8
CVE-2024-21415	8.8
CVE-2024-21414	8.8
CVE-2024-21398	8.8
CVE-2024-21373	8.8
CVE-2024-21335	8.8
CVE-2024-21333	8.8
CVE-2024-21332	8.8
CVE-2024-21331	8.8
CVE-2024-21317	8.8
CVE-2024-21308	8.8
CVE-2024-21303	8.8
CVE-2024-20701	8.8
CVE-2024-38092	8.8
CVE-2024-38091	7.5
CVE-2024-38089	9.1
CVE-2024-38088	8.8
CVE-2024-38068	7.5
CVE-2024-38067	7.5
CVE-2024-38066	7.8
CVE-2024-38010	8.0
CVE-2024-37989	8.0
CVE-2024-37988	8.0
CVE-2024-37987	8.0
CVE-2024-37986	8.0
CVE-2024-37985	5.9
CVE-2024-37984	8.4
CVE-2024-38065	6.8
CVE-2024-38062	7.8
CVE-2024-38061	7.5
CVE-2024-38060	8.8
CVE-2024-38059	7.8
CVE-2024-38087	8.8
CVE-2024-38086	6.4
CVE-2024-38085	7.8
CVE-2024-38081	7.3
CVE-2024-38080	7.8
CVE-2024-38079	7.8
CVE-2024-38078	7.5
CVE-2024-38077	9.8
CVE-2024-38076	9.8
CVE-2024-38074	9.8
CVE-2024-38073	7.5
CVE-2024-38058	6.8
CVE-2024-38057	7.8
CVE-2024-38056	5.5
CVE-2024-38054	7.8
CVE-2024-38053	8.8
CVE-2024-38052	7.8
CVE-2024-38051	7.8
CVE-2024-38050	7.8
CVE-2024-38049	6.6
CVE-2024-38048	6.5
CVE-2024-38047	7.8
CVE-2024-38044	7.2
CVE-2024-38043	7.8
CVE-2024-38041	5.5
CVE-2024-38034	7.8
CVE-2024-38033	7.3
CVE-2024-38032	7.1
CVE-2024-38031	7.5
CVE-2024-38030	6.5
CVE-2024-38028	7.2
CVE-2024-38027	6.5
CVE-2024-38024	7.2
CVE-2024-38023	7.2
CVE-2024-38022	7.0
CVE-2024-38021	8.8
CVE-2024-38020	6.5
CVE-2024-38019	7.2
CVE-2024-38017	5.5
CVE-2024-38015	7.5
CVE-2024-38013	6.7
CVE-2024-38011	8.0
CVE-2024-37981	8.0
CVE-2024-37977	8.0
CVE-2024-37975	8.0
CVE-2024-37974	8.0
CVE-2024-37973	8.4
CVE-2024-37972	8.0
CVE-2024-37971	8.0
CVE-2024-37970	8.0
CVE-2024-37969	8.0
CVE-2024-37336	8.8
CVE-2024-37334	8.8
CVE-2024-37333	8.8
CVE-2024-37332	8.8
CVE-2024-37331	8.8
CVE-2024-37330	8.8
CVE-2024-37329	8.8
CVE-2024-37328	8.8
CVE-2024-37327	8.8
CVE-2024-37326	8.8
CVE-2024-37323	8.8
CVE-2024-37322	8.8
CVE-2024-37321	8.8
CVE-2024-37320	8.8
CVE-2024-37319	8.8
CVE-2024-37318	8.8
CVE-2024-3596	7.5
CVE-2024-35272	8.8
CVE-2024-35271	8.8
CVE-2024-35270	5.3
CVE-2024-35267	7.6
CVE-2024-35266	7.6
CVE-2024-35264	8.1
CVE-2024-35261	7.8
CVE-2024-35256	8.8
CVE-2024-32987	7.5
CVE-2024-30105	7.5
CVE-2024-30098	7.5
CVE-2024-30079	7.8
CVE-2022-44684	6.5
CVE-2024-38095	7.5
CVE-2024-38064	7.5
CVE-2024-38055	5.5
CVE-2024-38025	7.2
CVE-2024-37978	8.0
CVE-2024-37324	8.8
CVE-2024-30081	7.1

Versiones Afectadas

Producto	Versiones
Windows Enroll Engine
Windows Distributed Transaction Coordinator
Windows DHCP Server
.NET and Visual Studio
Windows Local Session Manager (LSM)
Microsoft Defender for IoT
Active Directory Rights Management Services
Role: Active Directory Certificate Services; Active Directory Domain Services
Line Printer Daemon Service (LPD)
Windows Fax and Scan Service
Windows Remote Desktop
Windows iSCSI
Windows Image Acquisition
Windows LockDown Policy (WLDP)
Azure DevOps
Servicing Stack Updates
Azure CycleCloud
Microsoft Office
Microsoft Office SharePoint
Windows MSHTML Platform
Windows Workstation Service
Windows Message Queuing
Windows BitLocker
Windows Remote Desktop Licensing Service
Windows Remote Access Connection Manager
Windows Imaging Component
Microsoft Streaming Service
Windows Win32K - GRFX
Windows Win32K - ICOMP
SQL Server
Windows TCP/IP
Windows MultiPoint Services
Windows PowerShell
Azure Kinect SDK
Windows Win32 Kernel Subsystem
Windows Server Backup
NPS RADIUS Server
Intel
Microsoft Graphics Component
Windows COM Session
Windows Performance Monitor
Windows NTLM
Windows Online Certificate Status Protocol (OCSP)
Windows CoreMessaging
Windows Cryptographic Services
Role: Windows Hyper-V
Microsoft Windows Codecs Library
Azure Network Watcher
Windows Kernel
NDIS
Microsoft Office Outlook
Windows Filtering
Microsoft WS-Discovery
Microsoft Dynamics
Windows Secure Boot
Windows Internet Connection Sharing (ICS)
Windows Themes
Windows Kernel-Mode Drivers
XBox Crypto Graphic Services

Mitigación

Parches y más información: https://msrc.microsoft.com/update-guide/releaseNote/2024-Jul

Microsoft Update Tuesday 2024 Julio - Vulnerabilidades

Vulnerabilidades

Versiones Afectadas

Mitigación

Detalles de la alerta