Microsoft Security Advisory (16th August 2024)  

Ref# ADV2024_283 | Date: Aug 16th 2024

Microsoft has published a security advisory to address vulnerabilities affecting the following products on August 13, 2024. It is recommended that you take the necessary precautions to ensure your products are always protected.  

   

  • Azure Connected Machine Agent 
  • Azure Health Bot 
  • Azure Stack Hub 
  • Azure CycleCloud – multiple versions and platforms 
  • Microsoft 365 Apps for Enterprise – multiple platforms 
  • Microsoft Copilot Studio 
  • Microsoft Dynamics 365 (on-premises) – version 9.1 
  • Microsoft Office – multiple versions and platforms 
  • Microsoft Outlook 2016 
  • Microsoft Project 2016 – multiple platforms 
  • Microsoft Teams 
  • Microsoft Visual Studio – multiple versions and platforms 
  • .NET – version 8.0 
  • Remote Desktop client for Windows Desktop 
  • Windows 10 – multiple versions and platforms 
  • Windows 11 – multiple versions and platforms 
  • Windows Server – multiple versions and platforms 

 

Microsoft has indicated that CVE-2024-38189, CVE-2024-38107, CVE-2024-38106, CVE-2024-38213, CVE-2024-38193 and CVE-2024-38178 have been exploited. 

 For more information on these updates and CVEs, you can follow these URLs: 

  1. https://msrc.microsoft.com/update-guide/releaseNote/2024-Aug  
  1. https://msrc.microsoft.com/update-guide/en-us  

 The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDF Download:  Microsoft Security Advisory

References