Serial number: AV24-376
Date: July 9, 2024
On July 9, 2024, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Azure Network Watcher VM Extension for Windows
- Azure Kinect SDK
- Azure CycleCloud – multiple versions and platforms
- Azure DevOps Server 2022.1
- Microsoft 365 Apps for Enterprise – multiple platforms
- Microsoft .NET Framework – multiple versions and platforms
- Microsoft Defender for IoT
- Microsoft Dynamics 365 (on-premise) – version 9.1
- Microsoft OLE DB Driver for SQL Server – versions 18 and 19
- Microsoft Office – multiple versions and platforms
- Microsoft Outlook 2016
- Microsoft SQL Server – multiple versions and platforms
- Microsoft SharePoint Server – multiple versions and platforms
- Microsoft Visual Studio – multiple versions and platforms
- .NET – version 8.0
- Windows 10 – multiple versions and platforms
- Windows 11 – multiple versions and platforms
- Windows Server – multiple versions and platforms
Microsoft has indicated that CVE-2024-38112 and CVE-2024-38080 have been exploited.
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.