Microsoft Releases Light Security Update for June -- Redmondmag.com

Microsoft Releases Light Security Update for June

By Chris Paoli
06/11/2024

June's monthly security update has arrived and it continues the recent trend of lighter-than-usual totals.

Microsoft's Patch Tuesday arrived with just 51 CVEs and only one bulletin rated "critical." This is the smallest patch total since January's 49-bulletin release.

This month's stand-out item is CVE-2023-50868, a zero-day security vulnerability in the standard DNSSEC protocol. While it does not directly affect a Microsoft product or service, its inclusion in the monthly release is due to the protocol's close relationship with Windows Server. Here's a breakdown of this publicly disclosed flaw.

NSEC3, an enhanced version of NSEC (Next Secure), provides authenticated denial of existence by proving that a record doesn't exist through evidence of the surrounding records. This mechanism helps prevent DNS cache poisoning against non-existent domains. While NSEC allowed for domain name enumeration, NSEC3 prevents this through the introduction of hashing. However, the hashing process at a large scale can be exploited, which could lead to a denial-of-service vulnerability.

While there have not been any attacks targeting this hole seen in the wild, it's only a matter of time, so make it the priority.

Next, IT should turn its attention to the only critical item of the month: CVE-2024-3008. This item addresses a remote code execution vulnerability in Microsoft Message Queuing (MSMQ), which "an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server" to exploit, according to Microsoft.

With Microsoft also recommending users disable MSMQ and designating it a Common Vulnerability Scoring System (CVSS) of 9.8, mass exploitation is very likely, according to Tyler Reguly, Associate Director, Security R&D at global cybersecurity software and services provider Fortra.

"A couple of quick Shodan searches reveal over a million hosts running with port 1801 open and over 3,500 results for 'msmq,'" commented Reguly. "Given this is a remote code execution, I would expect to see this vulnerability included in exploit frameworks in the near future."

The full list of this month's bulletins can be found here.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

Microsoft Teams Unbundling Not Enough, Says EU Antitrust Watchdog

The European Commission, which polices competition practices in the European Union, has issued a "Statement of Objections" to Microsoft over potential antitrust violations related to Microsoft Teams.
BI and Analytics Space Dominated by Microsoft (and Its Copilots)

Microsoft has a commanding lead in the analytics/business intelligence (ABI) space, buoyed by its hyperfocus on AI and the robust development of its Copilot brand.
'Project Natick' Dries Up: Microsoft Shutters Underwater Datacenter

Microsoft has shelved its experimental underwater datacenter despite "promising findings."
A New Type of Backup Strategy

It might be beneficial to "cryogenically" freeze a ransomware-infected hard drive until an encryption method is discovered down the road
White House Bans Kaspersky Sales, Citing 'Unacceptable' Security Risk

The U.S. government has ordered a ban on all sales of Kaspersky Lab software to businesses and private citizens due to concerns about cyber espionage.