Webinar Library
Welcome to my July Patch Tuesday newsletter. This month we have four zero days to talk about.
Besides these four, it's a fairly normal month. If you have SQL Server running in the environment please check the chart below since various flavors of SQL Server received patches this month. Browse the chart below and make sure that any products in your environment don't get missed this month.
Patch data provided by:
Technology
Products Affected
Severity
Reference
Workaround/ Exploited / Publicly Disclosed
Vulnerability Info
Windows
Windows 10, 11
Server 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations
Critical
CVE-2024-21417 CVE-2024-26184 CVE-2024-28899 CVE-2024-30013 CVE-2024-30071 CVE-2024-30079 CVE-2024-30081 CVE-2024-30098 CVE-2024-35270 CVE-2024-3596 CVE-2024-37969 CVE-2024-37970 CVE-2024-37971 CVE-2024-37972 CVE-2024-37973 CVE-2024-37974 CVE-2024-37975 CVE-2024-37977 CVE-2024-37978 CVE-2024-37981 CVE-2024-37984 CVE-2024-37985* CVE-2024-37986 CVE-2024-37987 CVE-2024-37988 CVE-2024-37989 CVE-2024-38010 CVE-2024-38011 CVE-2024-38013 CVE-2024-38015 CVE-2024-38017 CVE-2024-38019 CVE-2024-38022 CVE-2024-38025 CVE-2024-38027 CVE-2024-38028 CVE-2024-38030 CVE-2024-38031 CVE-2024-38032 CVE-2024-38033 CVE-2024-38034 CVE-2024-38041 CVE-2024-38043 CVE-2024-38044 CVE-2024-38047 CVE-2024-38048 CVE-2024-38049 CVE-2024-38050 CVE-2024-38051 CVE-2024-38052 CVE-2024-38053 CVE-2024-38054 CVE-2024-38055 CVE-2024-38056 CVE-2024-38057 CVE-2024-38058 CVE-2024-38059 CVE-2024-38060 CVE-2024-38061 CVE-2024-38062 CVE-2024-38064 CVE-2024-38065 CVE-2024-38066 CVE-2024-38067 CVE-2024-38068 CVE-2024-38069 CVE-2024-38070 CVE-2024-38071 CVE-2024-38072 CVE-2024-38073 CVE-2024-38074 CVE-2024-38076 CVE-2024-38077 CVE-2024-38078 CVE-2024-38079 CVE-2024-38080 CVE-2024-38085 CVE-2024-38091 CVE-2024-38099 CVE-2024-38100 CVE-2024-38101 CVE-2024-38102 CVE-2024-38104 CVE-2024-38105 CVE-2024-38112 CVE-2024-38517 CVE-2024-39684
Denial of Service
Elevation of Privilege
Information Disclosure
Remote Code Execution Security Feature Bypass Spoofing
Edge
Chromium-based For Android & iOS
Moderate
CVE-2024-30057 CVE-2024-30058 CVE-2024-34122 CVE-2024-38082 CVE-2024-38083 CVE-2024-38093 CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845 CVE-2024-5846 CVE-2024-5847 CVE-2024-6100 CVE-2024-6101 CVE-2024-6102 CVE-2024-6103 CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293
Workaround: No Exploited: No Public: No
Remote Code Execution Spoofing
Office and SharePoint
365 Apps for Enterprise Office 2016, 2019, LTSC 2021 Outlook 2016 SharePoint Enterprise Server 2016 SharePoint Server 2019 SharePoint Server Subscription Edition
CVE-2024-32987 CVE-2024-38020 CVE-2024-38021 CVE-2024-38023 CVE-2024-38024 CVE-2024-38094
Information Disclosure Remote Code Execution Spoofing
Dynamics
365 On-Prem version 9.1 Power Platform
CVE-2024-35260 CVE-2024-30061
Information Disclosure Remote Code Execution
Visual Studio
2022 17.4, 17.6, 17.8, 17.10
Important
CVE-2024-30105 CVE-2024-35264* CVE-2024-38081 CVE-2024-38095
Workaround: No Exploited: No Public: Yes*
.NET
Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.6, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1 .NET 8.0
CVE-2024-30105 CVE-2024-35264 CVE-2024-38081 CVE-2024-38095
Azure
CycleCloud 7.9.0 -8.6.0 DevOps Server 2022.1 Kinect SDK Network Watcher VM Extension for Windows
CVE-2024-35261 CVE-2024-35266 CVE-2024-35267 CVE-2024-38086 CVE-2024-38092
Elevation of Privilege Remote Code Execution Spoofing
SQL Server
OLE DB Driver 18/19 2016 SP3 GDR/Azure Connect Feature Pack 2017 CU31/GDR 2019 CU27/GDR 2022 CU13/GDR
CVE-2024-20701 CVE-2024-21303 CVE-2024-21308 CVE-2024-21317 CVE-2024-21331 CVE-2024-21332 CVE-2024-21333 CVE-2024-21335 CVE-2024-21373 CVE-2024-21398 CVE-2024-21414 CVE-2024-21415 CVE-2024-21425 CVE-2024-21428 CVE-2024-21449 CVE-2024-28928 CVE-2024-35256 CVE-2024-35271 CVE-2024-35272 CVE-2024-37318 CVE-2024-37319 CVE-2024-37320 CVE-2024-37321 CVE-2024-37322 CVE-2024-37323 CVE-2024-37324 CVE-2024-37326 CVE-2024-37327 CVE-2024-37328 CVE-2024-37329 CVE-2024-37330 CVE-2024-37331 CVE-2024-37332 CVE-2024-37333 CVE-2024-37334 CVE-2024-37336 CVE-2024-38087 CVE-2024-38088
Remote Code Execution
System Center
Microsoft Defender for IoT
CVE-2024-38089