April 2024 Patch Tuesday Updates Fix SmartScreen Security Bypass Vulnerability

Published: Apr 10, 2024

Windows 11 approved hero 1

SHARE ARTICLE

Key Takeaways:

  • Microsoft addressed 149 security vulnerabilities in Windows, Microsoft Office, and other components, with seven of them being rated as “Critical” and 90 rated as “Important” in severity.
  • Microsoft fixed a security feature bypass vulnerability in Windows SmartScreen and remote code execution flaws in Microsoft Defender for IoT and Windows DNS Server.
  • The “Moment 5” update is now available for all Windows 11 users with accessibility features, intelligent snap suggestions, and voice access improvements.

Microsoft released yesterday the April Patch Tuesday updates for Windows 11 and Windows 10. This month, the company addressed 149 security vulnerabilities in Windows, Microsoft Office, and other components, with one already being exploited.

On the quality and experience updates front, Microsoft released the KB5036893 update that enables the “Moment 5” features for all Windows 11 users. These include new accessibility features, intelligent snap suggestions, voice access improvements, and more.

149 vulnerabilities fixed in the April Patch Tuesday updates

Microsoft has released new security patches to fix 149 security flaws. Among these, seven have been deemed ‘Critical’ and 90 are rated as ‘Important’ in severity. The Zero Day Initiative also pointed out that none of the bugs disclosed over Teams during Pwn2Own Vancouver are being addressed with the April Patch Tuesday updates.

Here’s a list of the most important patches you should know about this month:

  • CVE-2024-29988: This is a security feature bypass vulnerability in Windows SmartScreen with a CVSS score of 8.8. Microsoft says this security flaw hasn’t been actively exploited or publicly disclosed.
  • CVE-2024-20678: This is a high-severity vulnerability that allows an unauthenticated attacker to send a specially crafted Remote Procedure Call to an RPC host. It received a CVSS score of 8.8.
  • CVE-2024-21323: This is a privilege escalation flaw that could be exploited by sending a .tar file to a Defender for IoT sensor.
  • CVE-2024-29053: This remote code execution vulnerability in Microsoft Defender for IoT could be triggered by an unauthenticated hacker with access to the file upload feature.
  • CVE-2024-20670: This spoofing vulnerability in Outlook for Windows lets attackers steal NTLM hashes and authenticate as the victim.
  • CVE-2024-26221: This max severity flaw could enable cybercriminals to execute code remotely on the target Windows DNS Server.

Here’s the full list of patches Microsoft released this month:

ProductImpactMax SeverityArticleDownloadDetails
Windows Server 2012 R2 (Server Core installation)Information DisclosureImportant5036960Monthly RollupCVE-2022-0001
Windows Server 2012 R2Information DisclosureImportant5036960Monthly RollupCVE-2022-0001
Windows Server 2012 (Server Core installation)Information DisclosureImportant5036969Monthly RollupCVE-2022-0001
Windows Server 2012Information DisclosureImportant5036969Monthly RollupCVE-2022-0001
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Information DisclosureImportant5036967Monthly RollupCVE-2022-0001
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Information DisclosureImportant5036922Security OnlyCVE-2022-0001
Windows Server 2008 R2 for x64-based Systems Service Pack 1Information DisclosureImportant5036967Monthly RollupCVE-2022-0001
Windows Server 2008 R2 for x64-based Systems Service Pack 1Information DisclosureImportant5036922Security OnlyCVE-2022-0001
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Information DisclosureImportant5036932Monthly RollupCVE-2022-0001
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Information DisclosureImportant5036950Security OnlyCVE-2022-0001
Windows Server 2008 for x64-based Systems Service Pack 2Information DisclosureImportant5036932Monthly RollupCVE-2022-0001
Windows Server 2008 for x64-based Systems Service Pack 2Information DisclosureImportant5036950Security OnlyCVE-2022-0001
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Information DisclosureImportant5036932Monthly RollupCVE-2022-0001
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Information DisclosureImportant5036950Security OnlyCVE-2022-0001
Windows Server 2008 for 32-bit Systems Service Pack 2Information DisclosureImportant5036932Monthly RollupCVE-2022-0001
Windows Server 2008 for 32-bit Systems Service Pack 2Information DisclosureImportant5036950Security OnlyCVE-2022-0001
Windows Server 2016 (Server Core installation)Information DisclosureImportant5036899Security UpdateCVE-2022-0001
Windows Server 2016Information DisclosureImportant5036899Security UpdateCVE-2022-0001
Windows 10 Version 1607 for x64-based SystemsInformation DisclosureImportant5036899Security UpdateCVE-2022-0001
Windows 10 Version 1607 for 32-bit SystemsInformation DisclosureImportant5036899Security UpdateCVE-2022-0001
Windows 10 for x64-based SystemsInformation DisclosureImportant5036925Security UpdateCVE-2022-0001
Windows 10 for 32-bit SystemsInformation DisclosureImportant5036925Security UpdateCVE-2022-0001
Windows Server 2022, 23H2 Edition (Server Core installation)Information DisclosureImportant5036910Security UpdateCVE-2022-0001
Windows 11 Version 23H2 for x64-based SystemsInformation DisclosureImportant5036893Security UpdateCVE-2022-0001
Windows 11 Version 23H2 for ARM64-based SystemsInformation DisclosureImportant5036893Security UpdateCVE-2022-0001
Windows 10 Version 22H2 for 32-bit SystemsInformation DisclosureImportant5036892Security UpdateCVE-2022-0001
Windows 10 Version 22H2 for ARM64-based SystemsInformation DisclosureImportant5036892Security UpdateCVE-2022-0001
Windows 10 Version 22H2 for x64-based SystemsInformation DisclosureImportant5036892Security UpdateCVE-2022-0001
Windows 11 Version 22H2 for x64-based SystemsInformation DisclosureImportant5036893Security UpdateCVE-2022-0001
Windows 11 Version 22H2 for ARM64-based SystemsInformation DisclosureImportant5036893Security UpdateCVE-2022-0001
Windows 10 Version 21H2 for x64-based SystemsInformation DisclosureImportant5036892Security UpdateCVE-2022-0001
Windows 10 Version 21H2 for ARM64-based SystemsInformation DisclosureImportant5036892Security UpdateCVE-2022-0001
Windows 10 Version 21H2 for 32-bit SystemsInformation DisclosureImportant5036892Security UpdateCVE-2022-0001
Windows 11 version 21H2 for ARM64-based SystemsInformation DisclosureImportant5036894Security UpdateCVE-2022-0001
Windows 11 version 21H2 for x64-based SystemsInformation DisclosureImportant5036894Security UpdateCVE-2022-0001
Windows Server 2022 (Server Core installation)Information DisclosureImportant5036909Security UpdateCVE-2022-0001
Windows Server 2022Information DisclosureImportant5036909Security UpdateCVE-2022-0001
Windows Server 2019 (Server Core installation)Information DisclosureImportant5036896Security UpdateCVE-2022-0001
Windows Server 2019Information DisclosureImportant5036896Security UpdateCVE-2022-0001
Windows 10 Version 1809 for ARM64-based SystemsInformation DisclosureImportant5036896Security UpdateCVE-2022-0001
Windows 10 Version 1809 for x64-based SystemsInformation DisclosureImportant5036896Security UpdateCVE-2022-0001
Windows 10 Version 1809 for 32-bit SystemsInformation DisclosureImportant5036896Security UpdateCVE-2022-0001
Azure MigrateRemote Code ExecutionImportantMore InformationSecurity UpdateCVE-2024-26193
Azure Compute GalleryElevation of PrivilegeImportantMore InformationSecurity UpdateCVE-2024-21424
Microsoft SQL Server 2022 for x64-based Systems (CU 12)Remote Code ExecutionImportant5036343Security UpdateCVE-2024-29044
Azure Arc Cluster microsoft.azure.hybridnetwork ExtensionElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-28917
Azure Arc Cluster microsoft.openservicemesh ExtensionElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-28917
Microsoft Visual Studio 2022 version 17.8Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-21409
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 – 16.10)Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-28933
Microsoft Visual Studio 2022 version 17.9Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-28935
Microsoft Visual Studio 2022 version 17.6Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-28930
Microsoft Visual Studio 2022 version 17.4Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-28930
Microsoft OLE DB Driver 18 for SQL ServerRemote Code ExecutionImportant5037572Security UpdateCVE-2024-28939
Microsoft OLE DB Driver 19 for SQL ServerRemote Code ExecutionImportant5037573Security UpdateCVE-2024-28939
Microsoft SQL Server 2022 for x64-based Systems (GDR)Remote Code ExecutionImportant5035432Security UpdateCVE-2024-28939
Microsoft SQL Server 2019 for x64-based Systems (GDR)Remote Code ExecutionImportant5035434Security UpdateCVE-2024-28939
Microsoft ODBC Driver 18 for SQL Server on MacOSRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-28938
Microsoft ODBC Driver 18 for SQL Server on LinuxRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-28938
Microsoft ODBC Driver 18 for SQL Server on WindowsRemote Code ExecutionImportant5037571Security UpdateCVE-2024-28938
Microsoft ODBC Driver 17 for SQL Server on MacOSRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-28938
Microsoft ODBC Driver 17 for SQL Server on LinuxRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-28938
Microsoft ODBC Driver 17 for SQL Server on WindowsRemote Code ExecutionImportant5037570Security UpdateCVE-2024-28932
Microsoft .NET Framework 3.5 AND 4.7.2Remote Code ExecutionImportant5037034Security UpdateCVE-2024-21409
Microsoft .NET Framework 4.8Remote Code ExecutionImportant5037040Monthly RollupCVE-2024-21409
Microsoft .NET Framework 4.8Remote Code ExecutionImportant5037039Monthly RollupCVE-2024-21409
Azure AI SearchInformation DisclosureImportantRelease NotesSecurity UpdateCVE-2024-29063
Microsoft SQL Server 2019 for x64-based Systems (CU 25)Remote Code ExecutionImportant5036335Security UpdateCVE-2024-29044
Microsoft .NET Framework 4.8Remote Code ExecutionImportant5037127Security OnlyCVE-2024-21409
Azure Kubernetes Service Confidential ContainersElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-29990
Azure Monitor AgentElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-29989
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Remote Code ExecutionImportant5037038Monthly RollupCVE-2024-21409
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Remote Code ExecutionImportant5037127Security OnlyCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.7.2Remote Code ExecutionImportant5036899Security UpdateCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.8.1Remote Code ExecutionImportant5037033Security UpdateCVE-2024-21409
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Remote Code ExecutionImportant5037040Monthly RollupCVE-2024-21409
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Remote Code ExecutionImportant5037039Monthly RollupCVE-2024-21409
Microsoft Defender for IoTElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-21324
Microsoft .NET Framework 3.5 AND 4.8Remote Code ExecutionImportant5036609Security UpdateCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.8Remote Code ExecutionImportant5037036Security UpdateCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.8Remote Code ExecutionImportant5037035Security UpdateCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.8Remote Code ExecutionImportant5037037Security UpdateCVE-2024-21409
Microsoft SharePoint Server 2016SpoofingImportant5002583Security UpdateCVE-2024-26251
Microsoft SharePoint Server Subscription EditionSpoofingImportant5002581Security UpdateCVE-2024-26251
Microsoft SharePoint Server 2019SpoofingImportant5002580Security UpdateCVE-2024-26251
Azure Arc Cluster microsoft.azurekeyvaultsecretsprovider ExtensionElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-28917
Azure Arc Cluster microsoft.videoindexer ExtensionElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-28917
Azure Arc Cluster microsoft.azstackhci.operator ExtensionElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-28917
Azure Arc Cluster microsoft.networkfabricserviceextension ExtensionElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-28917
Azure Arc Cluster microsoft.iotoperations.mq ExtensionElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-28917
Microsoft .NET Framework 3.5 AND 4.8.1Remote Code ExecutionImportant5037037Security UpdateCVE-2024-21409
Microsoft .NET Framework 4.6.2Remote Code ExecutionImportant5037041Monthly RollupCVE-2024-21409
Microsoft .NET Framework 4.6.2Remote Code ExecutionImportant5037128Security OnlyCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.8.1Remote Code ExecutionImportant5037035Security UpdateCVE-2024-21409
Outlook for WindowsSpoofingImportantRelease NotesSecurity UpdateCVE-2024-20670
Microsoft .NET Framework 3.5 AND 4.8Remote Code ExecutionImportant5037033Security UpdateCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.8Remote Code ExecutionImportant5037034Security UpdateCVE-2024-21409
Azure Private 5G CoreDenial of ServiceModerateRelease NotesSecurity UpdateCVE-2024-20685
.NET 8.0Remote Code ExecutionImportant5037338Security UpdateCVE-2024-21409
.NET 7.0Remote Code ExecutionImportant5037337Security UpdateCVE-2024-21409
.NET 6.0Remote Code ExecutionImportant5037336Security UpdateCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.8.1Remote Code ExecutionImportant5037036Security UpdateCVE-2024-21409
Microsoft .NET Framework 3.5 AND 4.8.1Remote Code ExecutionImportant5036620Security UpdateCVE-2024-21409
Azure Identity Library for .NETInformation DisclosureModerateRelease NotesSecurity UpdateCVE-2024-29992
Azure CycleCloud 8.6.0Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-29993
Microsoft Office LTSC for Mac 2021Remote Code ExecutionImportantCVE-2024-26257
Microsoft 365 Apps for Enterprise for 64-bit SystemsRemote Code ExecutionImportantClick to RunSecurity UpdateCVE-2024-26257
Microsoft 365 Apps for Enterprise for 32-bit SystemsRemote Code ExecutionImportantClick to RunSecurity UpdateCVE-2024-26257

Quality and experience updates

Microsoft has announced that the “Moment 5” update is now available for all users running Windows 11 versions 23H2 and 22H2. This release brings several new features and enhancements, including Snap layout suggestions. Windows 11 will now provide intelligent suggestions when users try to snap multiple app windows together. Moreover, the Voice Access feature now works across multiple displays and supports French, German, and Spanish.

Windows 365 Switch lets users disconnect from their Cloud PC directly from a local PC. Users will also see new “Cloud PC” and “Local PC” desktop indicators when switching between them. Additionally, Windows 365 Boot is getting a new dedicated mode that allows users to sign into their Cloud PCs on startup. The dedicated mode also provides a fast account switcher experience that lets users switch profiles and personalize the display picture on the lock screen. You can find the full list of the new “Moment 5” features in our previous article.

Microsoft has also released the KB5036892 update for Windows 10 versions 22H2 and 21H2. The latest update brings a new option to use Windows Spotlight as desktop wallpaper on Windows 10 devices. Microsoft has also added sports, traffic, and finance content on the lock screen.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.

SHARE ARTICLE