| Application type | CVE | Severity | Impact | Possible remediation |
|---|---|---|---|---|
| Microsoft operating system | ||||
| CVE-2024-38074 | Critical (CVSS 9.8) | Remote code execution in Windows Remote Desktop Licensing Service | Apply official patch; disable the service if not needed; monitor for suspicious activity | |
| CVE-2024-38076 | Critical (CVSS 9.8) | Remote code execution in Windows Remote Desktop Licensing Service | Apply official patch; disable the service if not needed; watch for suspicious activity | |
| CVE-2024-38077 | Critical (CVSS 9.8) | Remote code execution in Windows Remote Desktop Licensing Service | Apply official patch; disable the service if not needed; watch for suspicious activity | |
| CVE-2024-38060 | Critical (CVSS 8.8) | Remote code execution in Windows Imaging Component | Apply official patch; restrict access to vulnerable systems; monitor for suspicious file uploads | |
| CVE-2024-38080 | Important (CVSS 7.8) | Privilege escalation in Windows Hyper-V (zero-day, actively exploited) | Apply the official patch immediately; watch for suspicious activity; ensure systems are up to date | |
| CVE-2024-38112 | Important (CVSS 7.5) | Spoofing vulnerability in Windows MSHTML Platform (zero-day, actively exploited) | Apply the official patch immediately; inform users about the risks of executing unknown files | |
| CVE-2024-38073 | Important (CVSS 7.5) | Denial of Service in Windows Remote Desktop Licensing Service | Apply official patch; watch out for unusual network traffic | |
| CVE-2024-38015 | Important (CVSS 7.5) | Denial of Service in Windows Remote Desktop Gateway | Apply official patch; implement network segmentation | |
| CVE-2024-30098 | Important (CVSS 7.5) | Security feature bypass in Windows Cryptographic Services | Apply official patch; check and update cryptographic configurations | |
| CVE-2024-38061 | Important (CVSS 7.5) | Privilege escalation in DCOM Remote Cross-Session Activation | Apply official patch; restrict DCOM access | |
| Server application | ||||
| CVE-2024-38023 | Critical (CVSS 7.2) | Remote code execution in Microsoft SharePoint Server | Apply security updates; restrict “Site Owner” permissions; monitor for suspicious activity | |
| CVE-2024-38087 | Critical (CVSS 8.8) | Remote code execution in SQL Server Native Client OLE DB Provider | Apply security updates; restrict access to SQL Server; monitor for unusual database activity | |
| Critical (CVSS 8.8) | Remote code execution in SQL Server Native Client OLE DB Provider | Apply security updates; restrict access to SQL Server; watch for unusual database activity | CVE-2024-38088 | |
| CVE-2024-38044 | Important (CVSS 7.2) | Remote code execution in DHCP server service | Apply official patch; check DHCP server configurations | |
| Development tools | ||||
| CVE-2024-35264 | Important (CVSS 8.1) | Remote code execution in .NET and Visual Studio | Apply official patch; monitor and restrict access to vulnerable systems | |
| Office applications | ||||
| CVE-2024-38021 | Critical (CVSS 8.8) | Remote code execution in Microsoft Office | Apply security updates; ensure users are careful when clicking on links from untrusted sources | |
| Network services | ||||
| CVE-2024-38031 | Important (CVSS 7.5) | Denial of Service in Windows Online Certificate Status Protocol (OCSP) Server | Apply official patch; implement OCSP stapling if possible | |
| CVE-2024-38067 | Important (CVSS 7.5) | Denial of Service in Windows Online Certificate Status Protocol (OCSP) Server | Apply official patch; implement OCSP stapling if possible | |
| CVE-2024-38068 | Important (CVSS 7.5) | Denial of Service in Windows Online Certificate Status Protocol (OCSP) Server | Apply official patch; implement OCSP stapling if possible | |
| CVE-2024-38091 | Important (CVSS 7.5) | Denial of Service in Microsoft WS-Discovery | Apply official patch; disable WS-Discovery if not needed | |
| CVE-2024-3596 | Important (CVSS 7.5) | Spoofing vulnerability in the RADIUS protocol | Apply official patch; implement additional authentication mechanisms | |
| System components | ||||
| CVE-2024-38033 | Important (CVSS 7.3) | Privilege escalation in PowerShell | Apply official patch; restrict PowerShell execution policies | |
| CVE-2024-38025 | Important (CVSS 7.2) | Remote code execution in the Windows Performance Data Helper Library | Apply official patch; watch out for unusual system performance queries | |
| CVE-2024-30081 | Important (CVSS 7.1) | Spoofing vulnerability in Windows NTLM | Apply official patch; disable NTLM if possible | |
| CVE-2024-38065 | Important (CVSS 6.8) | Bypassing security functions in Secure Boot | Apply official patch; ensure physical security of systems |
These vulnerabilities should be rectified immediately to minimize potential security risks. When applying remedies or patches, always follow the guidelines and best practices provided by the manufacturer.
Quotes: [1] https://www.ivanti.com/blog/july-2024-patch-tuesday [2] https://socradar.io/microsoft-fixes-cve-2024-38112-after-over-a-year-of-exploitation-zero-click-threat-of-cve-2024-38021/ [3] https://www.crowdstrike.com/blog/patch-tuesday-analysis-july-2024/ [4] https://www.tenable.com/blog/oracle-july-2024-critical-patch-update-addresses-175-cves [5] https://www.tenable.com/blog/microsofts-july-2024-patch-tuesday-addresses-138-cves-cve-2024-38080-cve-2024-38112 [6] https://www.rapid7.com/blog/post/2024/07/09/patch-tuesday-july-2024/ [7] https://www.spiceworks.com/it-security/vulnerability-management/articles/july-2024-patch-tuesday/