CVE-2024-38131

Sensitive Data Storage in Improperly Locked Memory (CWE-591)

Published: Aug 13, 2024

CVSS 8.8 | EPSS 0.09% | High

Summary

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability. This is a network-based vulnerability with a low attack complexity that requires user interaction. It has high impacts on confidentiality, integrity, and availability. The vulnerability has a CVSS base score of 8.8, indicating it is of high severity.

Impact

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code remotely on the affected system. The high impact on confidentiality, integrity, and availability suggests that an attacker could potentially gain full control of the compromised system, access sensitive information, modify data, or disrupt system operations.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.

Patch

A patch is available. Microsoft released an official fix for this vulnerability on August 13, 2024.

Mitigation

1. Apply the official patch released by Microsoft as soon as possible.
2. Implement network segmentation and restrict network access to minimize the attack surface.
3. Educate users about the risks of interacting with untrusted sources, as this vulnerability requires user interaction.
4. Monitor systems for unusual activities that might indicate exploitation attempts.
5. Keep all systems and software up-to-date with the latest security patches.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Timeline

Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (92160)

Aug 13, 2024 at 7:53 AM
CVSS

A CVSS base score of 8.8 has been assigned.

Aug 13, 2024 at 5:35 PM / microsoft
First Article

Feedly found the first article mentioning CVE-2024-38131.

Aug 13, 2024 at 5:37 PM / Microsoft Security Advisories - MSRC
CVE Assignment

NVD published the first details for CVE-2024-38131

Aug 13, 2024 at 6:15 PM
EPSS

EPSS Score was set to: 0.15% (Percentile: 52.3%)

Nov 19, 2024 at 4:07 PM

Affected Systems

Microsoft/windows_server_2012

Patches

Microsoft

References

Microsoft August 2024 Security Updates
Classification: Critical, Solution: Official Fix, Exploit Maturity: High, CVSSv3.1: 9.8, CVEs: CVE-2024-21302, CVE-2024-29995, CVE-2024-37968, CVE-2024-38063, CVE-2024-38084, CVE-2024-38098, CVE-2024-38106, CVE-2024-38107, CVE-2024-38108, CVE-2024-38109, CVE-2024-38114, CVE-2024-38115, CVE-2024-38116, CVE-2024-38117, CVE-2024-38118, CVE-2024-38120, CVE-2024-38121, CVE-2024-38122, CVE-2024-38123, CVE-2024-38125 (+82 other associated CVEs), Summary: https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2024-patch-tuesday-fixes-9-zero-days-6-exploited/ Today is Microsoft's August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day. This Patch Tuesday fixed eight critical vulnerabilities, which were a mixture of elevation of privileges, remote code execution, and information disclosure. The number of bugs in each vulnerability category is listed below:
Clipboard Virtual Channel Extension Remote Code Execution Vulnerability
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
VERT Threat Alert: August 2024 Patch Tuesday Analysis
While updates for CVE-2024-38200 were released as part of the August Patch Tuesday drop, Microsoft had already enabled a fix for this issue on July 30, meaning that all users of supported versions of Office were protected. This vulnerability, a privilege escalation in the Windows Kernel, requires that the attacker win a race condition to successfully exploit it.

News

Update Sun Sep 15 22:27:34 UTC 2024
Microsoft’s September 2024 Patch Tuesday Update Fixes 79 Vulnerabilities
Microsoft addressed 79 vulnerabilities in September 2024 Patch Tuesday, with 7 critical flaws in components like Windows, Office, and SharePoint. Microsoft released yesterday the September 2024 Patch Tuesday updates for all supported versions of Windows 10 and Windows 11.
Third-Party Software Update Catalog Release History – August 2024
In August 2024, our third-party software update catalog for Microsoft SCCM contained 1039 bug, feature, and security-related updates. Below you will find a full list of relevant updates and new products for August 2024. 1039 Total Updates; 179 Security Updates; 131 of the 179 security updates include CVE-IDs; 110 New Products.
Weekly Newsletter – 17th of August to 23rd of August 2024
Windows App: what’s new and what’s next | Windows in the Cloud Windows in the Cloud returns with a new season!
Microsoft Remote Desktop for AVD and Windows 365 1.2.5620
Hi All, today I was notified that a new version of the Microsoft Remote Desktop Client is available. Release Notes: What’s new in the Remote Desktop client for Windows. CVE-2024-38131. When you start the Microsoft Remote Desktop Client, it checks for updates and you can see a green arrow that indicates an update. Installing the Update: You can check the versions by selecting the three dots on the top right and selecting “About”.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
