{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-027.pdf"
    },
    "title": "Critical Vulnerabilities in Microsoft Products",
    "serial_number": "2024-027",
    "publish_date": "13-03-2024 15:10:17",
    "description": "On March 12, 2024, Microsoft addressed 60 vulnerabilities in its March 2024 Patch Tuesday update, including 18 remote code execution (RCE) vulnerabilities.<br>\nIt recommended applying updates as soon as possible on affected products.<br>\n",
    "url_title": "2024-027",
    "content_markdown": "---\ntitle: 'Critical Vulnerabilities in\u00a0Microsoft\u00a0Products'\nnumber: '2024-027'\nversion: '1.0'\noriginal_date: 'March 12, 2024'\ndate: 'March 13, 2024'\n---\n\n_History:_\n\n* _13/03/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn March 12, 2024, Microsoft addressed 60 vulnerabilities in its March 2024 Patch Tuesday update [1], including 18 remote code execution (RCE) vulnerabilities.\n\nIt recommended applying updates as soon as possible on affected products.\n\n# Technical Details\n\nAmong the 60 vulnerabilities:\n\n- **CVE-2024-21400**: A notable elevation of privilege flaw in Microsoft Azure Kubernetes Service that could allow credential theft.\n- **CVE-2024-26199**: An elevation of privilege vulnerability in Microsoft Office that permits SYSTEM privileges for authenticated users.\n- **CVE-2024-20671**: A Microsoft Defender security feature bypass vulnerability that prevents Defender from starting, fixed in Antimalware Platform version 4.18.24010.12.\n- **CVE-2024-21411**: A Skype for Consumer RCE vulnerability exploitable via malicious links or images.\n\n# Affected Products\n\nAffected products include, but are not limited to, Microsoft Azure, Office, Defender, Skype for Consumer, and Hyper-V [2].\n\n# Recommendations\n\nIt is recommended to apply updates as soon as possible.\n\n# References\n\n[1] <https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2024-patch-tuesday-fixes-60-flaws-18-rce-bugs/>\n\n[2] <https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>13/03/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On March 12, 2024, Microsoft addressed 60 vulnerabilities in its March 2024 Patch Tuesday update [1], including 18 remote code execution (RCE) vulnerabilities.</p><p>It recommended applying updates as soon as possible on affected products.</p><h2 id=\"technical-details\">Technical Details</h2><p>Among the 60 vulnerabilities:</p><ul><li><strong>CVE-2024-21400</strong>: A notable elevation of privilege flaw in Microsoft Azure Kubernetes Service that could allow credential theft.</li><li><strong>CVE-2024-26199</strong>: An elevation of privilege vulnerability in Microsoft Office that permits SYSTEM privileges for authenticated users.</li><li><strong>CVE-2024-20671</strong>: A Microsoft Defender security feature bypass vulnerability that prevents Defender from starting, fixed in Antimalware Platform version 4.18.24010.12.</li><li><strong>CVE-2024-21411</strong>: A Skype for Consumer RCE vulnerability exploitable via malicious links or images.</li></ul><h2 id=\"affected-products\">Affected Products</h2><p>Affected products include, but are not limited to, Microsoft Azure, Office, Defender, Skype for Consumer, and Hyper-V [2].</p><h2 id=\"recommendations\">Recommendations</h2><p>It is recommended to apply updates as soon as possible.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2024-patch-tuesday-fixes-60-flaws-18-rce-bugs/\">https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2024-patch-tuesday-fixes-60-flaws-18-rce-bugs/</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar\">https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}