As part of its commitment to transparency and security, Microsoft has released its April 2024 security updates addressing a total of 155 vulnerabilities across various products and services. Let’s delve into the key points:
Critical Vulnerabilities: Microsoft addressed three critical vulnerabilities in this month’s updates.
Important Severity: The majority of the vulnerabilities (145 out of 155) fall under the important severitycategory.
Description: A use-after-free vulnerability exists in WPF (Windows Presentation Foundation). If exploited, it could lead to elevation of privilege when viewing untrusted documents.
Affected Versions: .NET 6.0, .NET 7.0, and .NET 8.0.
Action for Developers: Developers are advised to update their applications promptly to remove this vulnerability.
Ensure compatibility with Visual Studio by referring to the release notes for .NET 8.0, .NET 7.0, and .NET 6.0.
Notably, Microsoft did not address any zero-day vulnerabilities known to be exploited in the wild in this month’s updates.
If you haven’t already, deploy the latest .NET updates to secure your applications.
Available versions: 8.0.4, 7.0.18, and 6.0.29 for Windows, macOS, and Linux (x86, x64, Arm32, and Arm64).
Windows 10 version 22H2: 68 vulnerabilities (0 critical, 68 important).
Windows 11 version 22H2: 69 vulnerabilities (0 critical, 69 important).
Windows 11 version 23H2: 69 vulnerabilities (0 critical, 69 important).
Microsoft’s commitment to security remains steadfast, and these updates reflect their ongoing efforts to protect users and systems. As always, stay vigilant, keep your systems up to date, and follow best practices to safeguard your digital environment.
This article was prepared by TetherView’s security team. We appreciate Microsoft’s dedication to transparency and encourage users to apply updates promptly.
For more details, you can refer to the official Microsoft blog post on the April 2024 Updates and the Patch Tuesday review.
Subscribe to our Newsletter
Register for a Workshop
Follow us on LinkedIn