Microsoft Releases July 2024 Patch Tuesday Updates

Windows update hero image

Key Takeaways:

  • Microsoft addressed 142 security vulnerabilities in the July 2024 Patch Tuesday updates, including five critical ones.
  • These vulnerabilities impact various components such as Windows Hyper-V, Windows MSHTML platform, .NET version 8.0, Visual Studio 2022, Microsoft SharePoint Server, and Windows Remote Desktop Licensing Service.
  • Windows 11 users received new features and bug fixes, including a Copilot app, support for new file compression formats, a new account manager in the Start menu, enhancements for File Explorer, Windows Share, and the Snipping tool.

Microsoft has released the July 2024 Patch Tuesday updates for all supported versions of Windows 11 and Windows 10. This month, Microsoft fixed 142 security vulnerabilities in Windows, Office, and other components, and users can also expect the usual bug fixes and quality improvements.

Microsoft has rolled out a couple of new features, improvements, and bug fixes for Windows 11 users. The company is also reminding customers that Windows 11 version 22H2 will reach end of support on October 8, 2024. Microsoft advises users to switch to a newer version of Windows to continue receiving updates.

July 2024 Patch Tuesday updates fix over 140 vulnerabilities

As pointed out by the Zero Day Initiative, Microsoft released 142 security patches yesterday, with fixes for five critical vulnerabilities.

  • CVE-2024-38080: This is a privilege escalation flaw in Microsoft’s Windows Hyper-V virtualization technology that affects Windows 11 and Windows Server 2022. It could enable unauthenticated hackers to execute code with system-level privileges on affected systems. This security flaw received a CVSS rating of 7.8 and was rated as “important.”
  • CVE-2024-38112: This is a Windows MSHTML platform spoofing vulnerability that received a 7.5 CVSS severity score. A hacker could exploit this security flaw by tricking the victim to click on a malicious link. Microsoft has confirmed that it affects all versions of Windows, including Windows Server 2008.
  • CVE-2024-35264: This is a remote code execution (RCE) vulnerability that impacts .NET version 8.0 and Visual Studio 2022. Successful exploitation of the flaw requires the attacker to win a race condition in order to gain unauthorized access to sensitive data.
  • CVE-2024-37985: This is an information disclosure vulnerability that affects Arm-based Windows 11 operating systems. It could allow cybercriminals to view heap memory from privileged processes on a targeted server.
  • CVE-2024-38023: This is a remote code execution flaw in Microsoft SharePoint Server with a CVSS rating of 7.2. A hacker with Site Owner permissions could exploit this vulnerability to execute arbitrary code in the context of SharePoint Server.
  • CVE-2024-38074, CVE-2024-38076, and CVE-2024-38077: Microsoft has also patched three critical remote code execution flaws in Windows Remote Desktop Licensing Service with a CVSS score of 9.8. It could let an unauthenticated user execute the code by sending a malicious message to a vulnerable server. Microsoft recommends that organizations that are not using the Remote Desktop Licensing Service should disable it.

Here’s the full list of CVEs Microsoft released this month:

Release dateProductPlatformImpactMax SeverityArticleDownloadBuild NumberDetails
Jul 9, 2024Windows 11 Version 22H2 for x64-based SystemsDenial of ServiceImportant5040442Security Update10.0.22621.3880CVE-2024-38027
Jul 9, 2024Windows 11 Version 22H2 for ARM64-based SystemsDenial of ServiceImportant5040442Security Update10.0.22621.3880CVE-2024-38027
Jul 9, 2024Windows 10 Version 21H2 for x64-based SystemsDenial of ServiceImportant5040427Security Update10.0.19044.4651CVE-2024-38027
Jul 9, 2024Windows 10 Version 21H2 for ARM64-based SystemsDenial of ServiceImportant5040427Security Update10.0.19044.4651CVE-2024-38027
Jul 9, 2024Windows 10 Version 21H2 for 32-bit SystemsDenial of ServiceImportant5040427Security Update10.0.19044.4651CVE-2024-38027
Jul 9, 2024Windows 11 version 21H2 for ARM64-based SystemsDenial of ServiceImportant5040431Security Update10.0.22000.3079CVE-2024-38027
Jul 9, 2024Windows Server 2012 (Server Core installation)Information DisclosureImportant5040485Monthly Rollup6.2.9200.24975CVE-2024-38017
Jul 9, 2024Windows Server 2012Information DisclosureImportant5040485Monthly Rollup6.2.9200.24975CVE-2024-38017
Jul 9, 2024Windows Server 2016Information DisclosureImportant5040434Security Update10.0.14393.7159CVE-2024-38017
Jul 9, 2024Windows 10 Version 1607 for x64-based SystemsInformation DisclosureImportant5040434Security Update10.0.14393.7159CVE-2024-38017
Jul 9, 2024Windows 10 Version 1607 for 32-bit SystemsInformation DisclosureImportant5040434Security Update10.0.14393.7159CVE-2024-38017
Jul 9, 2024Windows 10 for x64-based SystemsInformation DisclosureImportant5040448Security Update10.0.10240.20710CVE-2024-38017
Jul 9, 2024Windows 10 for 32-bit SystemsInformation DisclosureImportant5040448Security Update10.0.10240.20710CVE-2024-38017
Jul 9, 2024Windows Server 2022, 23H2 Edition (Server Core installation)Information DisclosureImportant5040438Security Update10.0.25398.1009CVE-2024-38017
Jul 9, 2024Windows 11 Version 23H2 for x64-based SystemsInformation DisclosureImportant5040442Security Update10.0.22631.3880CVE-2024-38017
Jul 9, 2024Windows 11 Version 23H2 for ARM64-based SystemsInformation DisclosureImportant5040442Security Update10.0.22631.3880CVE-2024-38017
Jul 9, 2024Windows Server 2022Security Feature BypassImportant5040437Security Update10.0.20348.2582CVE-2024-38011
Jul 9, 2024Windows Server 2019 (Server Core installation)Security Feature BypassImportant5040430Security Update10.0.17763.6054CVE-2024-38011
Jul 9, 2024Windows Server 2019Security Feature BypassImportant5040430Security Update10.0.17763.6054CVE-2024-38011
Jul 9, 2024Windows 10 Version 1809 for ARM64-based SystemsSecurity Feature BypassImportant5040430Security Update10.0.17763.6054CVE-2024-38011
Jul 9, 2024Windows 10 Version 1809 for x64-based SystemsSecurity Feature BypassImportant5040430Security Update10.0.17763.6054CVE-2024-38011
Jul 9, 2024Windows 10 Version 22H2 for 32-bit SystemsSecurity Feature BypassImportant5040427Security Update10.0.19045.4651CVE-2024-37989
Jul 9, 2024Windows 11 version 21H2 for x64-based SystemsSecurity Feature BypassImportant5040431Security Update10.0.22000.3079CVE-2024-37989
Jul 9, 2024Windows Server 2022 (Server Core installation)Security Feature BypassImportant5040437Security Update10.0.20348.2582CVE-2024-37989
Jul 9, 2024Windows 10 Version 1809 for 32-bit SystemsSecurity Feature BypassImportant5040430Security Update10.0.17763.6054CVE-2024-37989
Jul 9, 2024Windows Server 2012 R2 (Server Core installation)Security Feature BypassImportant5040456Monthly Rollup6.3.9600.22074CVE-2024-37988
Jul 9, 2024Windows Server 2012 R2Security Feature BypassImportant5040456Monthly Rollup6.3.9600.22074CVE-2024-37988
Jul 9, 2024Windows Server 2016 (Server Core installation)Security Feature BypassImportant5040434Security Update10.0.14393.7159CVE-2024-37988
Jul 9, 2024Windows 10 Version 22H2 for ARM64-based SystemsDenial of ServiceImportant5040427Security Update10.0.19045.4651CVE-2024-38068
Jul 9, 2024Windows 10 Version 22H2 for x64-based SystemsDenial of ServiceImportant5040427Security Update10.0.19045.4651CVE-2024-38068
Jul 9, 2024Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Elevation of PrivilegeImportant5040497Monthly Rollup6.1.7601.27219CVE-2024-38057
Jul 9, 2024Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Elevation of PrivilegeImportant5040498Security Only6.1.7601.27219CVE-2024-38057
Jul 9, 2024Windows Server 2008 R2 for x64-based Systems Service Pack 1Elevation of PrivilegeImportant5040497Monthly Rollup6.1.7601.27219CVE-2024-38057
Jul 9, 2024Windows Server 2008 R2 for x64-based Systems Service Pack 1Elevation of PrivilegeImportant5040498Security Only6.1.7601.27219CVE-2024-38057
Jul 9, 2024Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Elevation of PrivilegeImportant5040499Monthly Rollup6.0.6003.22769CVE-2024-38057
Jul 9, 2024Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Elevation of PrivilegeImportant5040490Security Only6.0.6003.22769CVE-2024-38057
Jul 9, 2024Windows Server 2008 for x64-based Systems Service Pack 2Elevation of PrivilegeImportant5040499Monthly Rollup6.0.6003.22769CVE-2024-38057
Jul 9, 2024Windows Server 2008 for x64-based Systems Service Pack 2Elevation of PrivilegeImportant5040490Security Only6.0.6003.22769CVE-2024-38057
Jul 9, 2024Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Elevation of PrivilegeImportant5040499Monthly Rollup6.0.6003.22769CVE-2024-38057
Jul 9, 2024Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Elevation of PrivilegeImportant5040490Security Only6.0.6003.22769CVE-2024-38057
Jul 9, 2024Windows Server 2008 for 32-bit Systems Service Pack 2Elevation of PrivilegeImportant5040499Monthly Rollup6.0.6003.22769CVE-2024-38057
Jul 9, 2024Windows Server 2008 for 32-bit Systems Service Pack 2Elevation of PrivilegeImportant5040490Security Only6.0.6003.22769CVE-2024-38057
Jul 9, 2024Microsoft Visual Studio 2022 version 17.10Denial of ServiceImportantRelease NotesSecurity Update17.10.4CVE-2024-38095
Jul 9, 2024Microsoft Visual Studio 2022 version 17.8Denial of ServiceImportantRelease NotesSecurity Update17.8.12CVE-2024-38095
Jul 9, 2024Microsoft Visual Studio 2022 version 17.6Denial of ServiceImportantRelease NotesSecurity Update17.6.17CVE-2024-38095
Jul 9, 2024Microsoft Visual Studio 2022 version 17.4Denial of ServiceImportantRelease NotesSecurity Update17.4.21CVE-2024-38095
Jul 9, 2024Azure CycleCloud 7.9.5Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.4Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.6Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.2Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.0.1Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.11Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.8Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.10Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Microsoft Defender for IoTElevation of PrivilegeImportantRelease NotesSecurity Update24.1.4CVE-2024-38089
Jul 9, 2024.NET 8.0Elevation of PrivilegeImportant5041081Security Update8.0.7CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.7.2Windows Server 2016Elevation of PrivilegeImportant5040448Security Update10.0.10240.20710CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.7.2Windows 10 Version 1607 for x64-based SystemsElevation of PrivilegeImportant5040434Security Update10.0.14393.7159CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.7.2Windows Server 2019 (Server Core installation)Elevation of PrivilegeImportant5041017Security Update4.7.2.4101.03CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8Windows 11 version 21H2 for x64-based SystemsElevation of PrivilegeImportant5041020Security Update4.8.4739.04CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8Windows Server 2022Elevation of PrivilegeImportant5041016Security Update4.8.4739.04CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8Windows Server 2019 (Server Core installation)Elevation of PrivilegeImportant5041017Security Update4.8.4739.04CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.8Windows Server 2012 R2 (Server Core installation)Elevation of PrivilegeImportant5041023Monthly Rollup4.8.4739.02CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.8Windows Server 2012 (Server Core installation)Elevation of PrivilegeImportant5041022Monthly Rollup4.8.4739.02CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.8Windows Server 2008 R2 for x64-based Systems Service Pack 1Elevation of PrivilegeImportant5041021Monthly Rollup4.8.4739.02CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.8Windows Server 2008 R2 for x64-based Systems Service Pack 1Elevation of PrivilegeImportant5041026Security Only4.8.4739.03CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.8Windows Server 2016 (Server Core installation)Elevation of PrivilegeImportant5039885Security Update4.8.04739.02CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5.1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Elevation of PrivilegeImportant5041021Monthly Rollup3.5.30729.8971CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5.1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Elevation of PrivilegeImportant5041026Security Only3.5.30729.8971CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5Windows Server 2012 R2 (Server Core installation)Elevation of PrivilegeImportant5041023Monthly Rollup3.5.4101.04CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5Windows Server 2012 R2Elevation of PrivilegeImportant5041022Monthly Rollup3.5.30729.8971CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5Windows Server 2008 for x64-based Systems Service Pack 2Elevation of PrivilegeImportant5041024Monthly Rollup3.5.30729.8972CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5Windows Server 2008 for x64-based Systems Service Pack 2Elevation of PrivilegeImportant5041027Security Only3.5.30729.8972CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Windows Server 2012 R2Elevation of PrivilegeImportant5041023Monthly Rollup4.7.4101.02CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.0 Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2Elevation of PrivilegeImportant5041024Monthly Rollup2.0.50727.8977CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.0 Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2Elevation of PrivilegeImportant5041027Security Only2.0.50727.8977CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 2.0 Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Elevation of PrivilegeImportant5041024Monthly Rollup2.0.50727.8977CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 2.0 Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Elevation of PrivilegeImportant5041027Security Only2.0.50727.8977CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.6/4.6.2Windows 10 for x64-based SystemsElevation of PrivilegeImportant5040448Security Update10.0.10240.20710CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.6.2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Elevation of PrivilegeImportant5041024Monthly Rollup4.7.4101.01CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.6.2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Elevation of PrivilegeImportant5041027Security Only4.7.4101.01CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8.1Windows 11 Version 23H2 for x64-based SystemsElevation of PrivilegeImportant5039895Security Update4.8.1.9256.03CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8.1Windows 10 Version 22H2 for 32-bit SystemsElevation of PrivilegeImportant5041019Security Update4.8.1.9256.03CVE-2024-38081
Jul 9, 2024Microsoft 365 Apps for Enterprise for 64-bit SystemsSpoofingModerateClick to RunSecurity Updatehttps://aka.ms/OfficeSecurityReleasesCVE-2024-38020
Jul 9, 2024Microsoft 365 Apps for Enterprise for 32-bit SystemsSpoofingModerateClick to RunSecurity Updatehttps://aka.ms/OfficeSecurityReleasesCVE-2024-38020
Jul 9, 2024Microsoft Office 2019 for 64-bit editionsSpoofingModerateClick to RunSecurity Updatehttps://aka.ms/OfficeSecurityReleasesCVE-2024-38020
Jul 9, 2024Microsoft Office 2019 for 32-bit editionsSpoofingModerateClick to RunSecurity Updatehttps://aka.ms/OfficeSecurityReleasesCVE-2024-38020
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8.1Windows 10 Version 21H2 for x64-based SystemsElevation of PrivilegeImportant5041018Security Update4.8.1.9256.03CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8.1Windows 11 version 21H2 for ARM64-based SystemsElevation of PrivilegeImportant5041020Security Update4.8.9256.03CVE-2024-38081
Jul 9, 2024Microsoft SharePoint Server Subscription EditionRemote Code ExecutionImportant5002606Security Update16.0.17328.20424CVE-2024-38094
Jul 9, 2024Microsoft SharePoint Server 2019Remote Code ExecutionImportant5002615Security Update16.0.10412.20001CVE-2024-38094
Jul 9, 2024Microsoft SharePoint Enterprise Server 2016Remote Code ExecutionImportant5002618Security Update16.0.5456.1000CVE-2024-38094
Jul 9, 2024Azure CycleCloud 8.5.0Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.4.2Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.4.0Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.4.1Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.3.0Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.2.2Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.1.0Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.2.1Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.1.1Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.0.2Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.7Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Elevation of PrivilegeImportant5041021Monthly Rollup4.7.4101.02CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Elevation of PrivilegeImportant5041026Security Only4.7.4101.01CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8.1Windows Server 2022 (Server Core installation)Elevation of PrivilegeImportant5041016Security Update4.8.1.9256.03CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Windows Server 2012Elevation of PrivilegeImportant5041022Monthly Rollup4.7.4101.02CVE-2024-38081
Jul 9, 2024Microsoft Office 2016 (64-bit edition)Remote Code ExecutionImportant5002620Security Update16.0.5456.1000CVE-2024-38021
Jul 9, 2024Microsoft Office 2016 (32-bit edition)Remote Code ExecutionImportant5002620Security Update16.0.5456.1000CVE-2024-38021
Jul 9, 2024Microsoft Office LTSC 2021 for 32-bit editionsRemote Code ExecutionImportantClick to RunSecurity Updatehttps://aka.ms/OfficeSecurityReleasesCVE-2024-38021
Jul 9, 2024Microsoft Office LTSC 2021 for 64-bit editionsRemote Code ExecutionImportantClick to RunSecurity Updatehttps://aka.ms/OfficeSecurityReleasesCVE-2024-38021
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.7.2Windows 10 Version 1809 for 32-bit SystemsElevation of PrivilegeImportant5041023Monthly Rollup4.7.4101.02CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8Windows 10 Version 22H2 for 32-bit SystemsElevation of PrivilegeImportant5041019Security Update4.8.4739.04CVE-2024-38081
Jul 9, 2024Microsoft .NET Framework 3.5 AND 4.8Windows 10 Version 21H2 for x64-based SystemsElevation of PrivilegeImportant5041018Security Update4.8.4739.04CVE-2024-38081
Jul 9, 2024Azure CycleCloud 7.9.9Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.1Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.3Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 7.9.0Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.6.0Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.0.0Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Azure CycleCloud 8.2.0Elevation of PrivilegeImportantRelease NotesSecurity Update8.6.2CVE-2024-38092
Jul 9, 2024Microsoft Outlook 2016 (64-bit edition)SpoofingModerate5002621Security Update16.0.5456.1000CVE-2024-38020
Jul 9, 2024Microsoft Outlook 2016 (32-bit edition)SpoofingModerate5002621Security Update16.0.5456.1000CVE-2024-38020
Jul 9, 2024Microsoft SQL Server 2019 for x64-based Systems (CU 27)Remote Code ExecutionImportant5040948Security Update15.0.4382.1CVE-2024-35256
Jul 9, 2024Microsoft SQL Server 2022 for x64-based Systems (CU 13)Remote Code ExecutionImportant5040939Security Update16.0.4131.2CVE-2024-35256
Jul 9, 2024Microsoft SQL Server 2022 for x64-based Systems (GDR)Remote Code ExecutionImportant5040936Security Update16.0.1121.4CVE-2024-35256
Jul 9, 2024Microsoft SQL Server 2017 for x64-based Systems (CU 31)Remote Code ExecutionImportant5040940Security Update14.0.3471.2CVE-2024-35256
Jul 9, 2024Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature PackRemote Code ExecutionImportant5040944Security Update13.0.7037.1CVE-2024-35256
Jul 9, 2024Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR)Remote Code ExecutionImportant5040946Security Update13.0.6441.1CVE-2024-35256
Jul 9, 2024Microsoft SQL Server 2019 for x64-based Systems (GDR)Remote Code ExecutionImportant5040986Security Update15.0.2116.2CVE-2024-35256
Jul 9, 2024Microsoft SQL Server 2017 for x64-based Systems (GDR)Remote Code ExecutionImportant5040942Security Update14.0.2056.2CVE-2024-35256
Jul 9, 2024Microsoft OLE DB Driver 18 for SQL ServerRemote Code ExecutionImportant5040711Security Update18.7.0004.0CVE-2024-37334
Jul 9, 2024Microsoft OLE DB Driver 19 for SQL ServerRemote Code ExecutionImportant5040712Security Update19.3.0005.0CVE-2024-37334
Jul 9, 2024Azure DevOps Server 2022.1SpoofingImportantRelease NotesSecurity Update20240702.1CVE-2024-35267
Jul 9, 2024Azure Network Watcher VM Extension for WindowsElevation of PrivilegeImportantRelease NotesSecurity Update1.4.3320.1CVE-2024-35261
Jul 9, 2024Windows Server 2012 R2 (Server Core installation)SpoofingImportant5040426IE Cumulative1.001CVE-2024-38112
Jul 9, 2024Windows Server 2012 R2SpoofingImportant5040426IE Cumulative1.001CVE-2024-38112
Jul 9, 2024Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)SpoofingImportant5040426IE Cumulative1.001CVE-2024-38112
Jul 9, 2024Windows Server 2008 for x64-based Systems Service Pack 2SpoofingImportant5040426IE Cumulative1.001CVE-2024-38112
Jul 9, 2024Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)SpoofingImportant5040426IE Cumulative1.001CVE-2024-38112
Jul 9, 2024Windows Server 2008 for 32-bit Systems Service Pack 2SpoofingImportant5040426IE Cumulative1.001CVE-2024-38112
Jul 9, 2024Azure Kinect SDKRemote Code ExecutionImportantRelease NotesSecurity Update1.4.2CVE-2024-38086
Jul 9, 2024Microsoft Dynamics 365 (on-premises) version 9.1Information DisclosureImportant5037940Security Update9.1.28.09CVE-2024-30061

Quality and experience updates

Microsoft has released the KB5040435 patch for users running Windows 11 version 24H2. This update addresses a couple of issues, including a bug that was previously preventing the User Account Control (UAC) from prompting for the user’s credentials.

For Windows 11 versions 23H2 and 22H2, the KB5040442 patch brings several new features that are gradually rolling out to all users. These improvements include a new Copilot app, support for new file compression formats, and a new account manager in the Start menu. There are also enhancements for the File Explorer, Windows Share, as well as the Snipping tool.

Lastly, the KB5040427 update is also available for Windows 10 version 22H2. This release also brings the new Copilot app to Windows 10 PCs. Microsoft has also fixed an issue that was preventing actions from an app’s jump list on the taskbar from completing.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.