Microsoft’s February 2024 Patch Tuesday Updates Fix Two Zero-Day Windows Flaws

Published: Feb 14, 2024

Laptop-Windows-10

SHARE ARTICLE

Key Takeaways:

  • Microsoft addressed two zero-day flaws actively exploited by attackers, underlining the importance of prompt patching to mitigate security risks.
  • The February 2024 Patch Tuesday updates fixed 72 vulnerabilities, with five rated critical and 65 labeled as important.
  • Microsoft fixed a critical Windows SmartScreen security feature bypass flaw that could lead to remote code execution.

Microsoft released yesterday the February 2024 Patch Tuesday updates for Windows 11 and Windows 10. As usual, the company addressed several vulnerabilities across a wide range of its products, including two zero-day flaws that are actively being exploited by attackers.

In addition to the zero-day vulnerabilities, Microsoft advises administrators to patch critical flaws in the Exchange Server and Microsoft Outlook. The company has also addressed an older Windows AppX installer spoofing vulnerability.

February 2024 Patch Tuesday updates fix 72 vulnerabilities

Microsoft has released updates to address 72 vulnerabilities in Windows, Microsoft Office, Exchange Server, Azure Active Directory, and other components. The company says that five security flaws are rated “critical,” and 65 are labeled as “important” in severity.

Here’s a list of the most important vulnerabilities you should know about.

  • CVE-2024-21412: The internet shortcut file security feature bypass vulnerability affects Windows desktop and server machines. It enables threat actors to send a maliciously crafted shortcut file to a target user. The user needs to click the file to trigger the next stage of the attack without causing the security checks to appear on the screen.
  • CVE-2024-21351: This is a Windows SmartScreen security feature bypass vulnerability that earned a 7.6 CVSS score. It enables threat actors to bypass SmartScreen protections in Microsoft Defender and gain remote code execution capabilities. The successful exploitation attempt could lead to system availability issues and limited data exposure.
  • CVE-2024-21410: This is a critical elevation of privilege vulnerability that affects Exchange 2016 and Exchange 2019 systems. It could allow a remote unauthenticated hacker to disclose a Net-New Technology LAN Manager (NTLM) version 2 hash to impersonate the targeted user. Microsoft notes that administrators would need to perform some extra steps to patch the security flaw.
  • CVE-2024-21413: This is a critical remote code execution vulnerability in Microsoft Outlook. It lets the attacker exploit the flaw through the Outlook preview pane and access NTLM credential information on the vulnerable system.
  • CVE-2024-20684: The Windows Hyper-V denial-of-service vulnerability affects Windows 11 and Windows Server 2022 machines. An attacker could successfully exploit the flaw to disrupt the capabilities of the Hyper-V host.
  • CVE-2024-21357: This a remote code execution in Windows Pragmatic General Multicast rated critical with a 7.5 CVSS score. The security flaw lets hackers compromise a corporate network and then move laterally across the environment.

You can find the full list of CVEs below:

ProductImpactMax SeverityArticleDownloadDetails
Microsoft Edge (Chromium-based)Release NotesSecurity UpdateCVE-2024-0333
Microsoft Edge (Chromium-based) Extended StableElevation of PrivilegeModerateRelease NotesSecurity UpdateCVE-2024-21337
NuGet 17.8.0Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0057
Nuget 17.6.0Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0057
NuGet 17.4.0Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0057
NuGet 5.11.0Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0057
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 – 16.10)Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0057
3D ViewerRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-20677
PowerShell 7.4Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0057
PowerShell 7.3Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0057
PowerShell 7.2Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0057
Remote Desktop client for Windows DesktopRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-21307
Microsoft .NET Framework 2.0 Service Pack 2Security Feature BypassImportant5034280Monthly RollupCVE-2024-0056
Microsoft .NET Framework 2.0 Service Pack 2Security Feature BypassImportant5034270Security OnlyCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8.1Security Feature BypassImportant5033920Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8.1Security Feature BypassImportant5034272Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8.1Security Feature BypassImportant5034275Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8.1Security Feature BypassImportant5034274Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8.1Security Feature BypassImportant5034276Security UpdateCVE-2024-0056
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Security Feature BypassImportant5034279Monthly RollupCVE-2024-0056
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Security Feature BypassImportant5034278Monthly RollupCVE-2024-0056
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Security Feature BypassImportant5034269Security OnlyCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.7.2Security Feature BypassImportant5034119Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.7.2Security Feature BypassImportant5034273Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8Security Feature BypassImportant5034275Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8Security Feature BypassImportant5034274Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8Security Feature BypassImportant5034276Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8Security Feature BypassImportant5034272Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5 AND 4.8Security Feature BypassImportant5034273Security UpdateCVE-2024-0056
Microsoft .NET Framework 4.8Security Feature BypassImportant5034279Monthly RollupCVE-2024-0056
Microsoft .NET Framework 4.8Security Feature BypassImportant5034278Monthly RollupCVE-2024-0056
Microsoft .NET Framework 4.8Security Feature BypassImportant5034277Monthly RollupCVE-2024-0056
Microsoft .NET Framework 4.8Security Feature BypassImportant5034269Security OnlyCVE-2024-0056
Microsoft .NET Framework 4.8Security Feature BypassImportant5033910Security UpdateCVE-2024-0056
Microsoft .NET Framework 3.5Denial of ServiceImportant5034279Monthly RollupCVE-2024-21312
Microsoft .NET Framework 3.5Denial of ServiceImportant5034278Monthly RollupCVE-2024-21312
Microsoft .NET Framework 3.0 Service Pack 2Security Feature BypassImportant5034280Monthly RollupCVE-2024-0057
Microsoft .NET Framework 3.0 Service Pack 2Security Feature BypassImportant5034270Security OnlyCVE-2024-0057
Microsoft Identity Model v5.0.0 for NugetDenial of ServiceImportantRelease NotesSecurity UpdateCVE-2024-21319
Microsoft Identity Model v7.0.0Denial of ServiceImportantRelease NotesSecurity UpdateCVE-2024-21319
Microsoft Identity Model v5.0.0Denial of ServiceImportantRelease NotesSecurity UpdateCVE-2024-21319
Microsoft Identity Model v6.0.0Denial of ServiceImportantRelease NotesSecurity UpdateCVE-2024-21319
Microsoft Identity Model v7.0.0 for NugetDenial of ServiceImportantRelease NotesSecurity UpdateCVE-2024-21319
Microsoft Identity Model v6.0.0 for NugetDenial of ServiceImportantRelease NotesSecurity UpdateCVE-2024-21319
.NET 8.0Denial of ServiceImportant5033741Security UpdateCVE-2024-21319
.NET 7.0Denial of ServiceImportant5033734Security UpdateCVE-2024-21319
Microsoft Office LTSC 2021 for 32-bit editionsRemote Code ExecutionImportantClick to RunSecurity UpdateCVE-2024-20677
Microsoft Office LTSC 2021 for 64-bit editionsRemote Code ExecutionImportantClick to RunSecurity UpdateCVE-2024-20677
Microsoft Office LTSC for Mac 2021Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-20677
Microsoft 365 Apps for Enterprise for 64-bit SystemsRemote Code ExecutionImportantClick to RunSecurity UpdateCVE-2024-20677
Microsoft 365 Apps for Enterprise for 32-bit SystemsRemote Code ExecutionImportantClick to RunSecurity UpdateCVE-2024-20677
Microsoft Office 2019 for 64-bit editionsRemote Code ExecutionImportantClick to RunSecurity UpdateCVE-2024-20677
Microsoft Office 2019 for 32-bit editionsRemote Code ExecutionImportantClick to RunSecurity UpdateCVE-2024-20677
Microsoft SQL Server 2022 for x64-based Systems (CU 10)Security Feature BypassImportant5033592Security UpdateCVE-2024-0056
Microsoft Visual Studio 2022 version 17.8Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Microsoft Visual Studio 2022 version 17.6Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Microsoft Visual Studio 2022 version 17.4Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Microsoft Visual Studio 2022 version 17.2Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Windows Server 2012 R2 (Server Core installation)SpoofingImportant5034171Monthly RollupCVE-2024-21320
Windows Server 2012 R2SpoofingImportant5034171Monthly RollupCVE-2024-21320
Windows Server 2012 (Server Core installation)SpoofingImportant5034184Monthly RollupCVE-2024-21320
Windows Server 2012SpoofingImportant5034184Monthly RollupCVE-2024-21320
Windows Server 2016 (Server Core installation)SpoofingImportant5034119Security UpdateCVE-2024-21320
Windows Server 2016SpoofingImportant5034119Security UpdateCVE-2024-21320
Windows 10 Version 1607 for x64-based SystemsSpoofingImportant5034119Security UpdateCVE-2024-21320
Windows 10 Version 1607 for 32-bit SystemsSpoofingImportant5034119Security UpdateCVE-2024-21320
Windows 10 for x64-based SystemsSpoofingImportant5034134Security UpdateCVE-2024-21320
Windows 10 for 32-bit SystemsSpoofingImportant5034134Security UpdateCVE-2024-21320
Windows 11 Version 23H2 for x64-based SystemsSpoofingImportant5034123Security UpdateCVE-2024-21320
Windows 11 Version 23H2 for ARM64-based SystemsSpoofingImportant5034123Security UpdateCVE-2024-21320
Windows 10 Version 22H2 for 32-bit SystemsSpoofingImportant5034122Security UpdateCVE-2024-21320
Windows 10 Version 22H2 for ARM64-based SystemsSpoofingImportant5034122Security UpdateCVE-2024-21320
Windows 10 Version 22H2 for x64-based SystemsSpoofingImportant5034122Security UpdateCVE-2024-21320
Windows 11 Version 22H2 for x64-based SystemsSpoofingImportant5034123Security UpdateCVE-2024-21320
Windows 11 Version 22H2 for ARM64-based SystemsSpoofingImportant5034123Security UpdateCVE-2024-21320
Windows 10 Version 21H2 for x64-based SystemsSpoofingImportant5034122Security UpdateCVE-2024-21320
Windows 10 Version 21H2 for ARM64-based SystemsSpoofingImportant5034122Security UpdateCVE-2024-21320
Windows 10 Version 21H2 for 32-bit SystemsSpoofingImportant5034122Security UpdateCVE-2024-21320
Windows 11 version 21H2 for ARM64-based SystemsSpoofingImportant5034121Security UpdateCVE-2024-21320
Windows 11 version 21H2 for x64-based SystemsSpoofingImportant5034121Security UpdateCVE-2024-21320
Windows Server 2022 (Server Core installation)SpoofingImportant5034129Security UpdateCVE-2024-21320
Windows Server 2022SpoofingImportant5034129Security UpdateCVE-2024-21320
Windows Server 2019 (Server Core installation)SpoofingImportant5034127Security UpdateCVE-2024-21320
Windows Server 2019SpoofingImportant5034127Security UpdateCVE-2024-21320
Windows 10 Version 1809 for ARM64-based SystemsSpoofingImportant5034127Security UpdateCVE-2024-21320
Windows 10 Version 1809 for x64-based SystemsSpoofingImportant5034127Security UpdateCVE-2024-21320
Windows 10 Version 1809 for 32-bit SystemsSpoofingImportant5034127Security UpdateCVE-2024-21320
Microsoft SharePoint Server Subscription EditionRemote Code ExecutionImportant5002540Security UpdateCVE-2024-21318
Microsoft SharePoint Server 2019Remote Code ExecutionImportant5002539Security UpdateCVE-2024-21318
Microsoft SharePoint Enterprise Server 2016Remote Code ExecutionImportant5002541Security UpdateCVE-2024-21318
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Remote Code ExecutionImportant5034169Monthly RollupCVE-2024-21307
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Remote Code ExecutionImportant5034167Security OnlyCVE-2024-21307
Windows Server 2008 R2 for x64-based Systems Service Pack 1Remote Code ExecutionImportant5034169Monthly RollupCVE-2024-21307
Windows Server 2008 R2 for x64-based Systems Service Pack 1Remote Code ExecutionImportant5034167Security OnlyCVE-2024-21307
Windows Server 2022, 23H2 Edition (Server Core installation)SpoofingImportant5034130Security UpdateCVE-2024-21306
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Information DisclosureImportant5034173Monthly RollupCVE-2024-20692
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Information DisclosureImportant5034176Security OnlyCVE-2024-20692
Windows Server 2008 for x64-based Systems Service Pack 2Information DisclosureImportant5034173Monthly RollupCVE-2024-20692
Windows Server 2008 for x64-based Systems Service Pack 2Information DisclosureImportant5034176Security OnlyCVE-2024-20692
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Information DisclosureImportant5034173Monthly RollupCVE-2024-20692
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Information DisclosureImportant5034176Security OnlyCVE-2024-20692
Windows Server 2008 for 32-bit Systems Service Pack 2Information DisclosureImportant5034173Monthly RollupCVE-2024-20692
Windows Server 2008 for 32-bit Systems Service Pack 2Information DisclosureImportant5034176Security OnlyCVE-2024-20692
Microsoft Visual Studio 2015 Update 3Elevation of PrivilegeImportant5030979Security UpdateCVE-2024-20656
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 – 15.8)Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2024-20656
Windows Server 2012 R2 (Server Core installation)Security Feature BypassImportant5034120IE CumulativeCVE-2024-20652
Windows Server 2012 R2Security Feature BypassImportant5034120IE CumulativeCVE-2024-20652
Windows Server 2012 (Server Core installation)Security Feature BypassImportant5034120IE CumulativeCVE-2024-20652
Windows Server 2012Security Feature BypassImportant5034120IE CumulativeCVE-2024-20652
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Security Feature BypassImportant5034120IE CumulativeCVE-2024-20652
Windows Server 2008 R2 for x64-based Systems Service Pack 1Security Feature BypassImportant5034120IE CumulativeCVE-2024-20652
.NET 6.0Denial of ServiceImportant5033733Security UpdateCVE-2024-20672
CBL Mariner 2.0 x64sqliteCBL-MarinerCVE-2022-35737
CBL Mariner 2.0 ARMsqliteCBL-MarinerCVE-2022-35737
CBL Mariner 1.0 x64sqliteCBL-MarinerCVE-2022-35737
CBL Mariner 1.0 ARMsqliteCBL-MarinerCVE-2022-35737
System.Data.SqlClientSecurity Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Microsoft.Data.SqlClient 5.1Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Microsoft.Data.SqlClient 4.0Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Microsoft.Data.SqlClient 3.1Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Microsoft.Data.SqlClient 2.1Security Feature BypassImportantRelease NotesSecurity UpdateCVE-2024-0056
Microsoft Printer Metadata Troubleshooter ToolRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-21325
Azure Storage Mover AgentRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2024-20676
Microsoft SQL Server 2022 for x64-based Systems (GDR)Security Feature BypassImportant5032968Security UpdateCVE-2024-0056

Quality and experience updates

Microsoft released the KB5034765 patch for Windows 11 versions 23H2 and 22H2, which moves the Copilot shortcut in the taskbar to the right side of the system tray. Moreover, the latest update has disabled the ‘Show desktop’ option at the rightmost corner of the taskbar by default. Microsoft has also fixed a bug that was previously causing the announcements to slow down for people who use the new Natural Voices in Narrator.

Microsoft has also started rolling out a richer weather experience for users running Windows 10 version 22H2. This new feature allows users to view interactive weather updates on a bigger card on their lock screens. They can also choose to click or tap the weather card to open the MSN weather forecast in Microsoft Edge.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.

SHARE ARTICLE