Microsoft April 2024 Security Updates: A Comprehensive Overview

Jouke Nijnens
Apr 12, 2024 9:22:44 AM

As part of its commitment to transparency and security, Microsoft has released its April 2024 security updates addressing a total of 155 vulnerabilities across various products and services. Let’s delve into the key points:

TetherView-Cybersecurity-Assessment

1. Vulnerability Breakdown

Critical Vulnerabilities: Microsoft addressed three critical vulnerabilities in this month’s updates.

Important Severity: The majority of the vulnerabilities (145 out of 155) fall under the important severitycategory.

2. Notable Vulnerabilities

a. .NET Vulnerability (CVE-2024-21409)

Description: A use-after-free vulnerability exists in WPF (Windows Presentation Foundation). If exploited, it could lead to elevation of privilege when viewing untrusted documents.

Affected Versions: .NET 6.0, .NET 7.0, and .NET 8.0.

Action for Developers: Developers are advised to update their applications promptly to remove this vulnerability.

b. Visual Studio Compatibility

Ensure compatibility with Visual Studio by referring to the release notes for .NET 8.0, .NET 7.0, and .NET 6.0.

3. Zero-Day Vulnerabilities

Notably, Microsoft did not address any zero-day vulnerabilities known to be exploited in the wild in this month’s updates.

4. Deployment Recommendations

If you haven’t already, deploy the latest .NET updates to secure your applications.

Available versions: 8.0.4, 7.0.18, and 6.0.29 for Windows, macOS, and Linux (x86, x64, Arm32, and Arm64).

5. Windows Security Updates

Here’s a summary of critical vulnerabilities for supported Windows versions:

Windows 10 version 22H2: 68 vulnerabilities (0 critical, 68 important).
Windows 11 version 22H2: 69 vulnerabilities (0 critical, 69 important).
Windows 11 version 23H2: 69 vulnerabilities (0 critical, 69 important).

Conclusion

Microsoft’s commitment to security remains steadfast, and these updates reflect their ongoing efforts to protect users and systems. As always, stay vigilant, keep your systems up to date, and follow best practices to safeguard your digital environment.

This article was prepared by TetherView’s security team. We appreciate Microsoft’s dedication to transparency and encourage users to apply updates promptly.

For more details, you can refer to the official Microsoft blog post on the April 2024 Updates and the Patch Tuesday review.

Get more insights from the TetherView team and join in on the conversation:

Subscribe to our Newsletter
Register for a Workshop
Follow us on LinkedIn

Read On

Security and IT in Healthcare Sector is Vital but Daunting - TetherView

Virtual Desktops | An IT solution for Healthcare Providers

The healthcare industry can be...

Why Financial Service Companies Should Prioritize Microsoft 365 Assessments

In the rapidly evolving landscape of financial services, where data security, regulatory...

How VDI Enhances Security in Healthcare Settings

In the rapidly evolving digital landscape of healthcare, where patient data privacy and security...