Patch Tuesday Support Group July Webinar
Webinar Summary
Jordan Benzing goes over the latest update releases including repeating vulnerability, Windows Remote Desktop Licensing Service Remove Code Execution. Bryan Dam then reviews hot topic articles over the last month including Polyfill supply chain attack, multiple WordPress Plugins ongoing supply-chain attack, TeamViewer Corporate IT compromised environment, and much more.
Watch the Webinar Recording
Webinar Hosts
Bryan Dam
Patch My PC
Software Engineer
Jordan Benzing
Patch My PC
Security Engineer Lead
Patch Tuesday Support Group Webinar Recap
Patch Tuesday July News
Possible Update Issues — support.microsoft.com
The KB5036980 breaks the Windows 11 Enterprise Subscription Activation — call4cloud.nl
Car dealership outages drag on after CDK cyberattacks — techcrunch.com
Polyfill supply chain attack hits 100K+ sites — sansec.io
Toward greater transparency: Unveiling Cloud Service CVEs — msrc.microsoft.com
Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack — arstechnica.com
TeamViewer Corporate IT environment is compromised — teamviewer.com
Google Chrome Drops Entrust/AffirmTrust as a Public Certificate Authority — security.googleblog.com
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server — blog.qualys.com
‘RockYou2024’: Nearly 10 billion passwords leaked online — malwarebytes.com
Microsoft bans Android for its China staff, mandates iPhones for work — androidauthority.com
Blast-RADIUS attack breaks 30-year-old protocol — blastradius.fail
Onboarding modern with Autopilot: Magic trick revealed — msendpointmgr.com
Update Microsoft Edge during Windows Autopilot enrollments — inthecloud247.com
Changes to Windows Installer with July CUs for Win10/11 — support.microsoft.com
Retirement of Office 365 connectors within Microsoft Teams — devblogs.microsoft.com
Deprecation of WSUS driver synchronization — techcommunity.microsoft.com
KB5034440: Windows Recovery Environment update for Windows 11, version 21H2: January 9, 2024 — support.microsoft.com
Microsoft Patches of Note
View the full list of Patch Tuesday release notes at Patch Tuesday Blog Home Page – Patch Tuesday Blog
Patches Released: 104
Critical Severity: 48
Important Severity: 48
Moderate Severity: 7
N/A Severity: 0
Third Party Updates from Patch My PC
Total Number of Updates: 2708
Critical: 92
Important: 2062
Moderate: 478
Low: 11
N/A: 65
Browser Patch Specifics
Chrome: 12 Patches
FireFox: 216 Patches (Across supported Languages)
Microsoft Edge: 18 Patches
Opera: 12 Patches
Insight into CVEs
Unique CVEs this Month: 143
Critical: 6
Important: 134
Moderate: 3
N/A: 0
CVE breakdown
14 Denial of Service
26 Elevation of Privilege
9 Information Disclosure
60 Remote Code Executions
24 Security Feature Bypasses
7 Spoofing Opportunities
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability — CVE-2024-38076 Score 9.8
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability — CVE-2024-38074 Score 9.8
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability — CVE-2024-38077 Score 9.8
Windows Hyper-V Elevation of Privilege Vulnerability — CVE-2024-38080 Score 7.8