Serial number: AV24-574
Date: October 8, 2024
On October 8, 2024, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- .NET 6.0
- .NET 8.0
- Azure CLI
- Azure Monitor Agent
- Azure Service Connector
- Azure Service Fabric
- Azure Stack HCI 22H2
- Azure Stack HCI 23H2
- DeepSpeed
- Microsoft .NET Framework – multiple versions
- Microsoft .NET Framework
- Microsoft 365 Apps for Enterprise
- Microsoft Configuration Manager – multiple versions
- Microsoft Defender
- Microsoft Excel 2016
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC
- Microsoft Outlook for Android
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server
- Microsoft Visual Studio 2015
- Microsoft Visual Studio 2017
- Microsoft Visual Studio 2019
- Microsoft Visual Studio 2022 – multiple versions
- Power BI Report Server
- Remote Desktop client for Windows Desktop
- Visual C++ Redistributable Installer
- Visual Studio Code
- Windows 10 – multiple versions
- Windows 11 – multiple versions
- Windows Server 2008 – multiple versions
- Windows Server 2012 – multiple versions
- Windows Server 2016 – multiple versions
- Windows Server 2019 – multiple versions
- Windows Server 2022 – multiple versions
Microsoft has indicated that CVE-2024-43572 and CVE-2024-43573 have been exploited.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
This alert was originated From: Canadian Centre for Cyber Security
https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-october-2024-monthly-rollup-av24-574