Microsoft’s May 2024 Patch Tuesday Updates Fix Two Zero-Day Vulnerabilities


Key Takeaways:

  • Microsoft’s May 2024 Patch Tuesday updates address 59 vulnerabilities, including two zero-day flaws already being exploited by attackers.
  • Microsoft has fixed a high-severity security feature bypass vulnerability in the Windows MSHTML platform and an elevation of privilege flaw in Windows DWM Core Library.
  • Microsoft has introduced minor changes to Widgets icons on the taskbar and enhancements to lock screen widgets on Windows 11.

Microsoft has released the May 2024 Patch Tuesday updates for Windows 11 and Windows 10. This month, Microsoft fixed a total of 59 security vulnerabilities in Windows and other components, and there are two zero-day flaws that are already being exploited by attackers.

On the quality and experience updates front, Microsoft has released some changes to the Widgets icons on the taskbar and widgets cards on the lock screen on Windows 11. The latest update also fixes a known issue that was causing the Settings app to become unresponsive on Windows 11 PCs.

59 vulnerabilities fixed in the May 2024 Patch Tuesday updates

As highlighted by the Zero Day Initiative, Microsoft’s May 2024 Patch Tuesday Updates include fixes for 59 vulnerabilities. Among these, only one is categorized as “Critical,” 57 are deemed “Important,” and one carries a “Moderate” severity rating.

  • CVE-2024-30040: This is a high-severity security feature bypass vulnerability in the Windows MSHTML platform that received an 8.8 CVSS score. The flaw could allow attackers to deceive users into opening a harmful file and then bypass OLE mitigations in Microsoft 365 and Microsoft Office to execute malicious code.
  • CVE-2024-30051: This elevation of privilege flaw in Windows DWM Core Library received a 7.8 CVSS score. The security vulnerability could let local attackers gain system privileges on the target system and take complete ownership of the device.
  • CVE-2024-30044: This is a remote code execution (RCE) vulnerability in SharePoint Server. It could let an unauthenticated hacker with site owner permissions inject and execute arbitrary code in the context of SharePoint Server.
  • CVE-2024-30033: This is an important-rated elevation of privilege vulnerability in the Windows Search Service. An attacker could exploit this bug to gain system-level privileges and perform unauthorized actions.
  • CVE-2024-30018: This is another important-rated elevation of privilege vulnerability, this one in the Windows Kernel, with a 7.8 CVSS score. The flaw lets attackers bypass security protections and potentially take full control of the target system.

Here’s the complete list of resolved vulnerabilities in the May 2024 Patch Tuesday updates:

| Product | Impact | Max Severity | Article | Download | Details |
|---|---|---|---|---|---|
| Microsoft Edge (Chromium-based) | | | Release Notes | Security Update | CVE-2024-4761 |
| Windows 10 Version 1607 for 32-bit Systems | Security Feature Bypass | Important | 5037763 | Security Update | CVE-2024-30040 |
| Windows 10 for x64-based Systems | Security Feature Bypass | Important | 5037788 | Security Update | CVE-2024-30040 |
| Windows 10 for 32-bit Systems | Security Feature Bypass | Important | 5037788 | Security Update | CVE-2024-30040 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | Security Feature Bypass | Important | 5037781 | Security Update | CVE-2024-30040 |
| Windows 11 Version 23H2 for x64-based Systems | Security Feature Bypass | Important | 5037771 | Security Update | CVE-2024-30040 |
| Windows 11 Version 23H2 for ARM64-based Systems | Security Feature Bypass | Important | 5037771 | Security Update | CVE-2024-30040 |
| Windows 10 Version 22H2 for 32-bit Systems | Security Feature Bypass | Important | 5037768 | Security Update | CVE-2024-30040 |
| Windows 10 Version 22H2 for ARM64-based Systems | Security Feature Bypass | Important | 5037768 | Security Update | CVE-2024-30040 |
| Windows 10 Version 22H2 for x64-based Systems | Security Feature Bypass | Important | 5037768 | Security Update | CVE-2024-30040 |
| Windows 11 Version 22H2 for x64-based Systems | Security Feature Bypass | Important | 5037771 | Security Update | CVE-2024-30040 |
| Windows 11 Version 22H2 for ARM64-based Systems | Security Feature Bypass | Important | 5037771 | Security Update | CVE-2024-30040 |
| Windows 10 Version 21H2 for x64-based Systems | Security Feature Bypass | Important | 5037768 | Security Update | CVE-2024-30040 |
| Windows 10 Version 21H2 for ARM64-based Systems | Security Feature Bypass | Important | 5037768 | Security Update | CVE-2024-30040 |
| Windows 10 Version 21H2 for 32-bit Systems | Security Feature Bypass | Important | 5037768 | Security Update | CVE-2024-30040 |
| Windows 11 version 21H2 for ARM64-based Systems | Security Feature Bypass | Important | 5037770 | Security Update | CVE-2024-30040 |
| Windows 11 version 21H2 for x64-based Systems | Security Feature Bypass | Important | 5037770 | Security Update | CVE-2024-30040 |
| Windows Server 2022 (Server Core installation) | Security Feature Bypass | Important | 5037782 | Security Update | CVE-2024-30040 |
| Windows Server 2022 (Server Core installation) | Security Feature Bypass | Important | 5037848 | Security Hotpatch Update | CVE-2024-30040 |
| Windows Server 2022 | Security Feature Bypass | Important | 5037782 | Security Update | CVE-2024-30040 |
| Windows Server 2022 | Security Feature Bypass | Important | 5037848 | Security Hotpatch Update | CVE-2024-30040 |
| Windows Server 2019 (Server Core installation) | Security Feature Bypass | Important | 5037765 | Security Update | CVE-2024-30040 |
| Windows Server 2019 | Security Feature Bypass | Important | 5037765 | Security Update | CVE-2024-30040 |
| Windows 10 Version 1809 for ARM64-based Systems | Security Feature Bypass | Important | 5037765 | Security Update | CVE-2024-30040 |
| Windows 10 Version 1809 for x64-based Systems | Security Feature Bypass | Important | 5037765 | Security Update | CVE-2024-30040 |
| Windows 10 Version 1809 for 32-bit Systems | Security Feature Bypass | Important | 5037765 | Security Update | CVE-2024-30040 |
| Windows Server 2012 R2 (Server Core installation) | Information Disclosure | Important | 5037823 | Monthly Rollup | CVE-2024-30039 |
| Windows Server 2012 R2 | Information Disclosure | Important | 5037823 | Monthly Rollup | CVE-2024-30039 |
| Windows Server 2012 (Server Core installation) | Information Disclosure | Important | 5037778 | Monthly Rollup | CVE-2024-30039 |
| Windows Server 2012 | Information Disclosure | Important | 5037778 | Monthly Rollup | CVE-2024-30039 |
| Windows Server 2016 (Server Core installation) | Elevation of Privilege | Important | 5037763 | Security Update | CVE-2024-30038 |
| Windows Server 2016 | Elevation of Privilege | Important | 5037763 | Security Update | CVE-2024-30038 |
| Windows 10 Version 1607 for x64-based Systems | Elevation of Privilege | Important | 5037763 | Security Update | CVE-2024-30038 |
| PowerBI-client JS SDK | Information Disclosure | Important | Release Notes | Security Update | CVE-2024-30054 |
| Microsoft Visual Studio 2022 version 17.8 | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-32004 |
| Microsoft Visual Studio 2022 version 17.6 | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-32004 |
| Microsoft Visual Studio 2022 version 17.4 | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-32004 |
| Microsoft Visual Studio 2022 version 17.9 | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-32004 |
| Microsoft Visual Studio 2019 version 16.11 (includes 16.0 – 16.10) | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-32004 |
| Microsoft Visual Studio 2017 version 15.9 (includes 15.0 – 15.8) | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-32004 |
| Dynamics 365 Customer Insights | Spoofing | Important | Release Notes | Security Update | CVE-2024-30048 |
| .NET 7.0 | Remote Code Execution | Important | 5038351 | Security Update | CVE-2024-30045 |
| .NET 8.0 | Remote Code Execution | Important | 5038352 | Security Update | CVE-2024-30045 |
| Microsoft SharePoint Server Subscription Edition | Information Disclosure | Important | 5002599 | Security Update | CVE-2024-30043 |
| Microsoft SharePoint Server 2019 | Information Disclosure | Important | 5002596 | Security Update | CVE-2024-30043 |
| Microsoft Office 2019 for 64-bit editions | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-30042 |
| Microsoft Office 2019 for 32-bit editions | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-30042 |
| Office Online Server | Remote Code Execution | Important | 5002503 | Security Update | CVE-2024-30042 |
| Microsoft Bing Search for iOS | Spoofing | Important | Release Notes | Security Update | CVE-2024-30041 |
| Microsoft SharePoint Enterprise Server 2016 | Information Disclosure | Important | 5002598 | Security Update | CVE-2024-30043 |
| Microsoft Excel 2016 (64-bit edition) | Remote Code Execution | Important | 5002587 | Security Update | CVE-2024-30042 |
| Microsoft Excel 2016 (32-bit edition) | Remote Code Execution | Important | 5002587 | Security Update | CVE-2024-30042 |
| Microsoft Office LTSC 2021 for 32-bit editions | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-30042 |
| Microsoft Office LTSC 2021 for 64-bit editions | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-30042 |
| Microsoft Office LTSC for Mac 2021 | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-30042 |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-30042 |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-30042 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Elevation of Privilege | Important | 5037780 | Monthly Rollup | CVE-2024-30049 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Elevation of Privilege | Important | 5037803 | Security Only | CVE-2024-30049 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Elevation of Privilege | Important | 5037780 | Monthly Rollup | CVE-2024-30049 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Elevation of Privilege | Important | 5037803 | Security Only | CVE-2024-30049 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Elevation of Privilege | Important | 5037800 | Monthly Rollup | CVE-2024-30049 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Elevation of Privilege | Important | 5037836 | Security Only | CVE-2024-30049 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Elevation of Privilege | Important | 5037800 | Monthly Rollup | CVE-2024-30049 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Elevation of Privilege | Important | 5037836 | Security Only | CVE-2024-30049 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Elevation of Privilege | Important | 5037800 | Monthly Rollup | CVE-2024-30049 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Elevation of Privilege | Important | 5037836 | Security Only | CVE-2024-30049 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Elevation of Privilege | Important | 5037800 | Monthly Rollup | CVE-2024-30049 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Elevation of Privilege | Important | 5037836 | Security Only | CVE-2024-30049 |
| Microsoft Intune Mobile Application Management for Android | Tampering | Important | Release Notes | Security Update | CVE-2024-30059 |
| Azure Migrate | Spoofing | Important | Release Notes | Security Update | CVE-2024-30053 |

Quality and experience updates

If you’re running Windows 11 versions 23H2 and 22H2, Microsoft has introduced new larger widget icons on the taskbar. The company has also added more customization options and visuals to improve the lock screen widgets for sports, weather, and finance news. Windows 11 users will also start seeing ads for some Microsoft Store apps and frequently used apps in the Recommended section of the Start menu.

For Windows 10, this month’s Patch Tuesday Update brings the same minor changes to widgets cards on the lock screen. The KB5037768 patch brings a new personalized app search experience and reliability improvements for Windows Search. Microsoft has also added support for account-related notifications for Microsoft accounts in Settings.

Microsoft has also addressed an issue that was previously causing VPN connections to fail on Windows 11 and Windows 10 devices. The company has also fixed Bluetooth connection problems with some wireless earbuds.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.
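Once the update has been rolled out, a quick way to confirm a host actually received this month's cumulative update is to compare the Windows build it reports against the KB article numbers in the table above. The script below is an added example, not code from the article or from Microsoft; the build-number-to-KB mapping is my own assumption drawn from that table, and `Get-HotFix` is the standard cmdlet for listing installed updates.

```powershell
# Added example: verify the May 2024 cumulative update from the table above
# is present on this host. The build-to-KB mapping is an assumption based on
# the article's table, not an official Microsoft API.
$mayKbByBuild = @{
    '22631' = 'KB5037771'   # Windows 11 23H2
    '22621' = 'KB5037771'   # Windows 11 22H2
    '22000' = 'KB5037770'   # Windows 11 21H2
    '19045' = 'KB5037768'   # Windows 10 22H2
    '19044' = 'KB5037768'   # Windows 10 21H2
    '17763' = 'KB5037765'   # Windows 10 1809 / Windows Server 2019
    '14393' = 'KB5037763'   # Windows 10 1607 / Windows Server 2016
    '10240' = 'KB5037788'   # Windows 10 (original release)
    '25398' = 'KB5037781'   # Windows Server 2022, 23H2 Edition
    '20348' = 'KB5037782'   # Windows Server 2022 (KB5037848 is the hotpatch variant)
}

$build    = [System.Environment]::OSVersion.Version.Build.ToString()
$expected = $mayKbByBuild[$build]

if (-not $expected) {
    Write-Warning "Build $build is not in the table above; check the MSRC release notes for this SKU manually."
    return
}

# Get-HotFix reads Win32_QuickFixEngineering, which lists cumulative updates by KB id.
$installed = Get-HotFix | Where-Object { $_.HotFixID -eq $expected }

if ($installed) {
    "$expected is installed on build $build (installed on $($installed.InstalledOn))."
} else {
    # A later cumulative update supersedes this KB and will not list it, so a
    # miss here should be followed by checking for any newer LCU before escalating.
    "$expected is NOT installed on build $build; this host still needs the May 2024 update or a newer cumulative update."
}
```

Run it through your management tooling (for example as a remote script via `Invoke-Command`) to sweep a fleet; hosts whose build is not in the table need the MSRC release notes checked by hand.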