July 2024 Patch Tuesday overview
This Patch Tuesday, Microsoft has dramatically ramped up its security efforts, addressing a record 142 vulnerabilities for the year—nearly triple last month’s count. Of these, only five are critical. Additionally, this month is notable for the presence of two zero-day vulnerabilities (CVE-2024-38112 and CVE-2024-38080). Two other vulnerabilities have also been publicly disclosed (CVE-2024-37985 and CVE-2024-35264).
In today’s Vulnerability Digest, we cover both Microsoft and third-party apps, including Google Chrome, Android, OpenSSH, Splunk, CocoaPods for Swift, Cisco, Juniper, GitLab, FileCatalyst, Siemens, MOVEit Transfer, and VMware.
EXPLORE VULNERABILITY DIGEST BLOG POST WATCH VULNERABILITY DIGEST WEBINAR RECORDING
Next Patch Tuesday webinar – August 14
Don’t miss the next “Vulnerability Digest from Action1” webinar on August 14 at 12 PM EDT / 6 PM CEST to be among the first to get all the updates and strategies to protect your systems from potential cyber threats and ensure the smooth functioning of your servers and workstations.
Recent Updates
June 2024
Microsoft patched 51 vulnerabilities, one critical, no zero-days. Third-party vulnerabilities covered: Google Chrome, Mozilla Firefox, PHP, Azure, Check Point, GitHub, Rockwell, Veeam, Fluent Bit, and QNAP.
May 2024
61 vulnerabilities addressed by Microsoft, two zero-days, one of which has a proof of concept (PoC) available. Also inside: issues found in Intel, AMD Processors, Aruba, WordPress, Artificial Intelligence, Cisco, Ivanti, Putty, Palo Alto, and LG WebOS, web browsers, etc.
April 2024
Fixes for 151 vulnerabilities were announced, no zero-days, three critical. Also inside: issues found in HTTP 2.0, Flowmon, Ivanti, Linux, Splunk, Anyscale Ray AI, Apple, GLPI, Fortinet, Atlassian, Fortra, Cisco, Kubernetes, web browsers, etc.
March 2024
Microsoft has fixed a total of 60 vulnerabilities, no zero-days, two critical. Also inside: issues found in Jet Brains Team City, Zeek, VMware, Apple, Smart Toys, ConnectWise ScreenConnect, Joomla, SolarWinds, ESET, Linux, and Node.js., web browsers, etc.
February 2024
Microsoft has addressed a total of 73 vulnerabilities, two zero-days, five critical. Also inside: issues found in GitLab, Jenkins, Android, Vinchin Backup & Recovery, ModSecurity, WhatsApp, Apple, JetBrains, Cisco, VMware, Linux, Fortinet, Ivanti, web browsers, etc.
January 2024
Microsoft has addressed a total of 48 vulnerabilities, two critical vulnerabilities. Also inside: issues found in Google Chrome, Google Web Toolkit, Mozilla Firefox, Apache solutions, Barracuda, ESG, Apple, Linux, ESET, Ivanti, OpenSSH, Perforce Helix Core Server, and Dell.
December 2023
Microsoft patched 34 vulnerabilities, no zero-days, and four critical. Also inside: issues found in Chrome, Firefox, WordPress, Web Password Managers, Atlassian, Cisco, Bluetooth, VMware, Zyxel, Apple, Qlik Sense, ownCloud, CrushFTP, FortiSIEM, AMD, and Intel.
November 2023
Microsoft patched 63 vulnerabilities, three zero-days, and three critical. Also inside: issues found in Google Chrome, Mozilla, Firefox, Veeam ONE, Apache ActiveMQ, Atlassian, Kubernetes ingress-nginx, Cisco, Citrix, VMware, SolarWinds, Oracle, Exim, and SysAid.
October 2023
Microsoft released patches for 103 vulnerabilities, including three zero-days, 16 considered critical. Also inside: issues found in Google Chrome, Firefox, Apple, Linux, Atlassian, Progress Software WS_FTP, Jet Brains Team City, Exim, Cisco, Nagios, and Kubernetes.
September 2023
Microsoft has addressed 61 vulnerabilities, including two zero-days and five critical. Also inside: issues found in Android, Google Chrome, Firefox, Ivanti, SCADA, Citrix, Splunk, Notepad++, Juniper, Apple, Skype, WinRAR, Intel, AMD, and Siemens.
August 2023
Microsoft has addressed 74 vulnerabilities, including one zero-day and six critical. Also inside: issues found in Azure, Chrome, Firefox, Ivanti, Canon, Ubuntu Linux, AMD, MikroTik, Atlassian, Apple, and Adobe ColdFusion.
July 2023
Microsoft has resolved a record-breaking number of 142 vulnerabilities, including six zero-days and 9 critical. You will find inside: issues found in MOVEit, Firefox, Android, Cisco, Microsoft Teams, Linux, ChatGPT, FortiGate, VMware and Apple.
June 2023
Microsoft has resolved 86 vulnerabilities, fixes for new and existing issues. Also: updates for Windows Protected Process Light, Google Chrome, Firefox, Gitlab, Mikrotik RouterOS, Mobile Devices Fingerprint, Barracuda Email Gateway, Libre Office, Linux, and Apple.
May 2023
This Patch Tuesday, Microsoft has resolved 39 vulnerabilities, two zero-days and six critical vulnerabilities. In this issue you’ll also find updates about fixes for Google Chrome, Mozilla Firefox, Apache, Service Location Protocol, VMware, Apple, Intel and Linux.
April 2023
In this Patch Tuesday release, Microsoft has addressed a total of 102 vulnerabilities, two zero-days and seven critical. In this issue you’ll also find updates about fixes for Microsoft Snipping Tool, Google Chrome, Firefox, Android, Bing, IEEE 802.11 Wi-Fi protocol, and Apple.
March 2023
This Patch Tuesday, Microsoft fixed a total of 74 vulnerabilities, nine critical fixes, and two zero-days. Explore this issue also for updates about fixes for Microsoft Office and Intel Processors in Windows OS fixes, TPM 2.0, Google Chrome, Jenkins, Veeam and Android.
February 2023
The February Patch Tuesday brought 75 fixed vulnerabilities, six critical updates and three zero-day vulnerabilities. Zoom in for details about fixes for Google Chrome, Mozilla Firefox, OpenSSL, Jira, Oracle and Apple.
January 2023
The first Patch Tuesday of 2023 brings us 98 fixed vulnerabilities from Microsoft, 11 critical fixes, and one zero-day. In this issue, you’ll also find updates about fixes for Google Chrome, Mozilla Firefox, Citrix, Linux, WordPress, Foxit Reader, and VMware.
December 2022
December Patch Tuesday brings us 52 fixes from Microsoft. There are seven critical updates, including one zero-day. In this issue, you’ll also find updates about fixes for Internet Explorer, Google Chrome, Mozilla Firefox, Avast, Foxit Reader, VLC Media Player and Zoom.
November 2022
68 vulnerabilities were fixed by Microsoft in November, ten critical updates and six fixed zero-days. In this issue, you’ll also find updates about fixes for Google Chrome, Mozilla Firefox, Oracle, Zoom and Cisco.