Microsoft’s March 2024 Patch Tuesday Addresses 60 Vulnerabilities, Including 18 RCE Bugs

March 12, 2024

Microsoft's March 2024 Patch Tuesday has seen the release of security patches for a total of 60 vulnerabilities, which include eighteen remote code execution bugs. Among these, only two critical vulnerabilities were addressed: one related to Hyper-V that could lead to remote code execution, and another that could cause a denial of service. The total count of 60 flaws does not include an additional four Microsoft Edge flaws that were fixed earlier on March 7th. Notably, Microsoft did not report any zero-day vulnerabilities in this round of Patch Tuesday updates.

Among the vulnerabilities fixed, some are worth highlighting. One such vulnerability is CVE-2024-26199, a Microsoft Office Elevation of Privilege Vulnerability. This flaw could allow any authenticated user to gain SYSTEM privileges. Microsoft's official explanation stated, "Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges." This vulnerability was identified by Iván Almuiña from Hacking Corporation Sàrl.

Another noteworthy vulnerability is CVE-2024-20671, a Microsoft Defender Security Feature Bypass Vulnerability. An attacker who successfully exploited this flaw could prevent Microsoft Defender from starting. Microsoft stated, "An authenticated attacker who successfully exploited this vulnerability could prevent Microsoft Defender from starting." This issue will be addressed by automatic updates to the Windows Defender Antimalware Platform. The flaw was discovered by Manuel Feifel from Infoguard (Vurex).

Lastly, CVE-2024-21411 refers to a Skype for Consumer Remote Code Execution Vulnerability. This vulnerability could be exploited by an attacker sending a malicious link or image via instant message and convincing the user to click on it. Microsoft explained, "An attacker could exploit the vulnerability by sending the user a malicious link or a malicious image via Instant Message and then convincing the user to click the link or image." This flaw was discovered by Hector Peralta and Nicole Armua, who were working with the Trend Micro Zero Day Initiative.

Other vendors also released updates or advisories in March 2024. A comprehensive list of resolved vulnerabilities in the March 2024 Patch Tuesday updates can be found in the full report.

Latest News

• CISA Systems Compromised Through Ivanti Vulnerabilities, Prompting System Shutdown
• Magnet Goblin Exploits 1-Day Vulnerabilities with New Linux Variant of NerbianRAT Malware
• BianLian Threat Actors Utilize JetBrains TeamCity Vulnerabilities in Ransomware Assaults
• US CISA Systems Breached: Cybersecurity Measures Under Review
• Critical Vulnerability in Fortinet Systems Could Affect 150,000 Devices