Tech
VERT Threat Alert: April 2024 Patch Tuesday Analysis
Tag
Number of CVEs
CVE
Microsoft Edge (Chromium-based)
Five
CVE-2024-3156, CVE-2024-3158, CVE-2024-3159, CVE-2024-29981, CVE-2024-29049
Windows Secure Boot
26
CVE-2024-20669, CVE-2024-20688, CVE-2024-20689, CVE-2024-26250, CVE-2024-28920, CVE-2024-28922, CVE-2024-28921, CVE-2024-28919, CVE- 2024-28923, CVE-2024-28896, CVE-2024-28898, CVE-2024-28903, CVE-2024-23594, CVE-2024-26168, CVE-2024-26171, CVE-2024-26175, CVE-2024- 26180, CVE-2024-26189, CVE-2024-26194, CVE-2024-26240, CVE-2024-28924, CVE-2024-28925, CVE-2024-28897, CVE-2024-29061, CVE-2024-29062, CVE-2024-23593
.NET and Visual Studio
1
CVE-2024-21409
Azure Compute Gallery
1
CVE-2024-21424
Windows Internet Connection Sharing (ICS)
2
CVE-2024-26252, CVE-2024-26253
Windows virtual machine bus
1
CVE-2024-26254
Windows Remote Access Connection Manager
9
CVE-2024-26255, CVE-2024-28901, CVE-2024-28902, CVE-2024-26207, CVE-2024-26211, CVE-2024-26217, CVE-2024-26230, CVE-2024-26239, CVE- 2024-28900
Windows compressed folder
1
CVE-2024-26256
Windows DWM Core Library
1
CVE-2024-26172
Windows Routing and Remote Access Service (RRAS)
3
CVE-2024-26179, CVE-2024-26200, CVE-2024-26205
Microsoft installation service
1
CVE-2024-26158
Windows message queue
2
CVE-2024-26232, CVE-2024-26208
Microsoft Brokering File System
Four
CVE-2024-28905, CVE-2024-26213, CVE-2024-28904, CVE-2024-28907
SQL server
38
CVE-2024-28906, CVE-2024-28908, CVE-2024-28909, CVE-2024-28910, CVE-2024-28911, CVE-2024-28912, CVE-2024-28913, CVE-2024-28914, CVE- 2024-28915, CVE-2024-28929, CVE-2024-28931, CVE-2024-28932, CVE-2024-28936, CVE-2024-28939, CVE-2024-28942, CVE-2024-28945, CVE-2024- 29043, CVE-2024-29045, CVE-2024-29047, CVE-2024-28926, CVE-2024-28927, CVE-2024-28930, CVE-2024-28933, CVE-2024-28934, CVE-2024-28935, CVE-2024-28937, CVE-2024-28938, CVE-2024-28940, CVE-2024-28941, CVE-2024-28943, CVE-2024-28944, CVE-2024-29044, CVE-2024-29046, CVE- 2024-29048, CVE-2024-29982, CVE-2024-29983, CVE-2024-29984, CVE-2024-29985
Windows Cryptographic Service
2
CVE-2024-29050, CVE-2024-26228
Azure AI search
1
CVE-2024-29063
Role: Windows Hyper-V
1
CVE-2024-29064
Windows Distributed File System (DFS)
2
CVE-2024-29066, CVE-2024-26226
Azure Private 5G Core
1
CVE-2024-20685
internet shortcut file
1
CVE-2024-29988
Microsoft Azure Kubernetes Service
1
CVE-2024-29990
intel
1
CVE-2024-2201
Windows remote procedure call
1
CVE-2024-20678
Windows BitLocker
1
CVE-2024-20665
Windows kernel
Four
CVE-2024-20693, CVE-2024-26218, CVE-2024-26229, CVE-2024-26245
Microsoft Defender for IoT
6
CVE-2024-21322, CVE-2024-21323, CVE-2024-21324, CVE-2024-29053, CVE-2024-29055, CVE-2024-29054
Windows authentication method
2
CVE-2024-21447, CVE-2024-29056
Azure migration
1
CVE-2024-26193
Windows Kerberos
2
CVE-2024-26183, CVE-2024-26248
Windows DHCP server
Four
CVE-2024-26195, CVE-2024-26202, CVE-2024-26212, CVE-2024-26215
Windows Local Security Authority Subsystem Service (LSASS)
1
CVE-2024-26209
WindowsHTTP.sys
1
CVE-2024-26219
Windows Mobile Hotspot
1
CVE-2024-26220
Role: DNS server
7
CVE-2024-26221, CVE-2024-26222, CVE-2024-26223, CVE-2024-26224, CVE-2024-26227, CVE-2024-26231, CVE-2024-26233
Windows Win32K – ICOMP
1
CVE-2024-26241
Windows USB print driver
1
CVE-2024-26243
Microsoft WDAC OLE DB Provider for SQL
2
CVE-2024-26210, CVE-2024-26244
Windows proxy driver
1
CVE-2024-26234
Windows update stack
2
CVE-2024-26235, CVE-2024-26236
Windows Defender Credential Guard
1
CVE-2024-26237
Windows Telephony Server
1
CVE-2024-26242
Microsoft WDAC ODBC driver
1
CVE-2024-26214
Windows File Server Resource Management Service
1
CVE-2024-26216
Microsoft Office SharePoint
1
CVE-2024-26251
microsoft office excel
1
CVE-2024-26257
Azure Arc
1
CVE-2024-28917
Windows storage
1
CVE-2024-29052
Microsoft Office Outlook
1
CVE-2024-20670
Azure monitor
1
CVE-2024-29989
Azure SDK
1
CVE-2024-29992
azur
1
CVE-2024-29993
mariner
2
CVE-2019-3816, CVE-2019-3833
Sources
https://www.tripwire.com/state-of-security/vert-threat-alert-april-2024-patch-tuesday-analysis
