Ref# ADV2024_283 | Date: Aug 16th 2024

---

Microsoft has published a security advisory to address vulnerabilities affecting the following products on August 13, 2024. It is recommended that you take the necessary precautions to ensure your products are always protected.  

   

• Azure Connected Machine Agent 

• Azure Health Bot 

• Azure Stack Hub 

• Azure CycleCloud – multiple versions and platforms 

• Microsoft 365 Apps for Enterprise – multiple platforms 

• Microsoft Copilot Studio 

• Microsoft Dynamics 365 (on-premises) – version 9.1 

• Microsoft Office – multiple versions and platforms 

• Microsoft Outlook 2016 

• Microsoft Project 2016 – multiple platforms 

• Microsoft Teams 

• Microsoft Visual Studio – multiple versions and platforms 

• .NET – version 8.0 

• Remote Desktop client for Windows Desktop 

• Windows 10 – multiple versions and platforms 

• Windows 11 – multiple versions and platforms 

• Windows Server – multiple versions and platforms 

 

Microsoft has indicated that CVE-2024-38189, CVE-2024-38107, CVE-2024-38106, CVE-2024-38213, CVE-2024-38193 and CVE-2024-38178 have been exploited. 

 For more information on these updates and CVEs, you can follow these URLs: 

1. https://msrc.microsoft.com/update-guide/releaseNote/2024-Aug  

1. https://msrc.microsoft.com/update-guide/en-us  

 The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDF Download:  Microsoft Security Advisory

References 

• Microsoft Security Update Guide. (2024, August 13). Retrieved from Microsoft. https://msrc.microsoft.com/update-guide/en-us  

• Microsoft security advisory. (2024, August 13). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-august-2024-monthly-rollup-av24-458