Serial number: AV24-458
Date: August 13, 2024
On August 13, 2024, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Azure Connected Machine Agent
- Azure Health Bot
- Azure Stack Hub
- Azure CycleCloud – multiple versions and platforms
- Microsoft 365 Apps for Enterprise – multiple platforms
- Microsoft Copilot Studio
- Microsoft Dynamics 365 (on-premises) – version 9.1
- Microsoft Office – multiple versions and platforms
- Microsoft Outlook 2016
- Microsoft Project 2016 – multiple platforms
- Microsoft Teams
- Microsoft Visual Studio – multiple versions and platforms
- .NET – version 8.0
- Remote Desktop client for Windows Desktop
- Windows 10 – multiple versions and platforms
- Windows 11 – multiple versions and platforms
- Windows Server – multiple versions and platforms
Microsoft has indicated that CVE-2024-38189, CVE-2024-38107, CVE-2024-38106, CVE-2024-38213, CVE-2024-38193 and CVE-2024-38178 have been exploited.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
This alert was originated From: Canadian Centre for Cyber Security
https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-august-2024-monthly-rollup-av24-458