August 2024 Patch Tuesday - Microsoft Recommends Installing ASAP

Back to Giveaway of the Day

Giveaway of the Day Forums » Technical notes

August 2024 Patch Tuesday - Microsoft Recommends Installing ASAP

(3 posts) (1 voice)

Started 3 months ago by mikiem2
Latest reply from mikiem2

mikiem2
Moderator

The reason for the urgency is a "Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled".

bleepingcomputer[.]com/news/microsoft/zero-click-windows-tcp-ip-rce-impacts-all-systems-with-ipv6-enabled-patch-now/

Otherwise...

bleepingcomputer[.]com/news/microsoft/microsoft-august-2024-patch-tuesday-fixes-9-zero-days-6-exploited/

bleepingcomputer[.]com/news/microsoft/windows-11-kb5041585-cumulative-update-released-with-fixes-new-features/

bleepingcomputer[.]com/news/microsoft/windows-10-kb5041580-update-released-with-14-fixes-security-updates/

... includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day.

This Patch Tuesday fixed eight critical vulnerabilities, which were a mixture of elevation of privileges, remote code execution, and information disclosure.

The number of bugs in each vulnerability category is listed below:

36 Elevation of Privilege Vulnerabilities
4 Security Feature Bypass Vulnerabilities
28 Remote Code Execution Vulnerabilities
8 Information Disclosure Vulnerabilities
6 Denial of Service Vulnerabilities
7 Spoofing Vulnerabilities

The number of bugs listed above do not include Microsoft Edge flaws that were disclosed earlier this month.

Microsoft also killed the update that kept showing error messages in Win10 if/when the recovery partition was nonexistent or too small.

neowin[.]net/news/microsoft-kills-unfixable-kb5034440kb5034441-updates-replaces-with-kb5042321kb5042320/

From time to time I've been posting about Microsoft's plans to better secure Windows boot loader by revoking old, insecure Secure Boot signatures to mitigate attacks like Black Lotus. Rather than changing the data stored in the BIOS, the BIOS is supposed to use newer lists on the boot [EFI] partition. And they've had problems with BIOS incompatibility. They've been very slowly rolling out changes to get ready for the switchover -- part of the July updates included some of that, which was incompatible with some [I assume additional] BIOS. They've turned that fix off as part of the August updates.

bleepingcomputer[.]com/news/microsoft/microsoft-disables-bitlocker-security-fix-advises-manual-mitigation/

Posted 3 months ago #
mikiem2
Moderator

bleepingcomputer[.]com/news/microsoft/august-windows-security-update-breaks-dual-boot-on-linux-systems/

The August update may break Linux on dual boot systems -- PCs/laptops that can boot either Windows or Linux. Microsoft patched Windows boot loader to guard against attacks exploiting the GRUB2 boot loader used for Linux. That patch was Not supposed to be applied to systems that dual boot Linux, but in at least some cases it was, causing Linux to no longer boot or start. A possible fix is here [I have not / cannot verify it works:

zdnet[.]com/article/windows-update-breaks-linux-dual-boot-but-there-is-a-fix-for-some-users

Posted 3 months ago #
mikiem2
Moderator

neowin[.]net/news/microsoft-shares-more-info-on-fixing-broken-dual-boot-after-august-patch-tuesday-updates/

Microsoft published their own info on how to get Linux working again.

Posted 3 months ago #

RSS feed for this topic

Reply

You must log in to post.