Microsoft Patch Tuesday update - August 2024

Today part of the August 2024 patch Tuesday, Microsoft released a bunch of security updates for its products and services, to resolve various vulnerabilities and bugs. August 2024 Patch Tuesday update, addressed 90 security vulnerabilities including seven critical vulnerabilities, six actively exploited and three publicly disclosed zero-days. It also addresses a series of other bugs related to performance and usability. These updates are important and install as soon as possible to protect your device from potential attacks and exploits. Let’s look at the highlights of the Microsoft Patch Tuesday update in August 2024 for Windows 11 and Windows 10.

What is Patch Tuesday Update?

Microsoft Patch Tuesday Update, the colloquial term for Microsoft’s Update Tuesday falls on the second Tuesday of every month, and brings security updates to fix vulnerabilities or recent bugs.

A vulnerability is a weakness or flaw in a software or hardware component that an attacker could exploit to gain unauthorized access, execute malicious code, or cause damage or disruption. A bug is an error or defect in a software or hardware component that could cause it to malfunction or behave unexpectedly. A security update is a software patch that fixes or mitigates one or more vulnerabilities or bugs.

A security update can have different ratings depending on the severity and impact of the vulnerability or bug it addresses. Microsoft uses four ratings: critical, important, moderate, and low.

  • The critical update fixes a vulnerability that could allow an attacker to take complete control of a system without user interaction.
  • An Important update fixes a vulnerability that could compromise data or functionality but require user interaction or specific conditions.
  • Moderate update fixes a vulnerability that is unlikely to be exploited, but could still have some impact.
  • A Low update fixes a vulnerability that is very unlikely to be exploited and has minimal impact.

Microsoft Patch Tuesday update August 2024

The August 2024 Patch Tuesday includes 90 security updates, including seven critical Remote Code Execution Vulnerability (As it allows privilege elevation, spoofing, or remote code execution) 81 are rated important, and two are rated moderate. The critical updates affect Windows, Internet Explorer, Edge, Office, SharePoint, Exchange, and Azure DevOps Server.

As per the release notes, the August 2024 Microsoft Patch Tuesday Update fixed 34 Elevation of Privilege security issues, 28 Remote Code Execution bugs, 7 Information Disclosure vulnerabilities, 6 Denial of Service Vulnerabilities, 5 spoofing vulnerabilities, 1 cross-site scripting vulnerability and 4 security feature bypass Vulnerability.

Also, Microsoft discloses around Ten zero-day vulnerabilities patched in part of today’s Patch Tuesday updates.

Six actively exploited zero-day vulnerabilities

  • CVE-2024–38178 — Scripting Engine Memory Corruption Vulnerability
  • CVE-2024–38193 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
  • CVE-2024–38213 — Windows Mark of the Web Security Feature Bypass Vulnerability
  • CVE-2024–38106 — Windows Kernel Elevation of Privilege Vulnerability
  • CVE-2024–38107 — Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
  • CVE-2024–38189 — Microsoft Project Remote Code Execution Vulnerability

Four publicly disclosed vulnerabilities

  • CVE-2024–38199 — Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
  • CVE-2024–21302 — Windows Secure Kernel Mode Elevation of Privilege Vulnerability
  • CVE-2024–38200 — Microsoft Office Spoofing Vulnerability
  • CVE-2024–38202 — Windows Update Stack Elevation of Privilege Vulnerability

Microsoft’s August 2024 Patch Tuesday, which includes security updates for a total of 90 flaws.

Seven Critical Severity Vulnerability Patched

CVE-2024-38159 & CVE-2024-38160: Windows Network Virtualization Remote Code Execution Vulnerability

  • Windows Network Virtualization (CVE-2024-38159 & CVE-2024-38160): An attacker with access to a virtual machine could exploit these vulnerabilities to escape the virtual environment and execute code on the host machine, which could lead to serious security breaches.

CVE-2023-40547: Shim RCE in HTTP boot support may lead to secure boot bypass

  • Windows Secure Boot (CVE-2023-40547): A flaw in the Linux boot process, specifically in the Shim bootloader, could allow attackers to bypass the secure boot feature, compromising the system’s security.

CVE-2024-38063: Windows TCP/IP Remote Code Execution Vulnerability

  • Windows TCP/IP (CVE-2024-38063): By sending specially crafted IPv6 packets repeatedly, an attacker could remotely execute code on a Windows machine, potentially taking control of it.

CVE-2024-38140: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

  • Reliable Multicast Transport Driver (RMCAST) (CVE-2024-38140): Hackers can send harmful data packets to a server without needing any user interaction, potentially executing malicious code on a Windows server.

CVE-2024-38166: Microsoft Dynamics 365 Cross-site Scripting Vulnerability

  • Microsoft Dynamics 365 (CVE-2024-38166): Attackers can exploit a vulnerability in Dynamics 365 by tricking users into clicking a malicious link, leading to unauthorized script execution on the web pages generated by the system.

CVE-2024-38206: Microsoft Copilot Studio Information Disclosure Vulnerability

  • Microsoft Copilot Studio (CVE-2024-38206): With valid credentials, an attacker can bypass security protections in Copilot Studio to access sensitive information over the network.

CVE-2024-38109: Azure Health Bot Elevation of Privilege Vulnerability

  • Azure Health Bot (CVE-2024-38109): An attacker with valid access to Azure Health Bot can exploit a flaw in the system to gain higher privileges on the network, potentially controlling more than they should.

Update for Windows client versions

August 2024 (Patch Tuesday) Windows security updates are the following:

  • KB5041585 (OS Build 22631.4037/22621.4037) for the latest Windows 11 version 23H2/22H2
  • KB5041592 (OS Build 22000.3147) for the latest Windows 11 version 21H2
  • KB5041580 (OS Builds 19045.4780) for the latest Windows 10 version 22H2/21H2
  • KB5041578 (OS Build 17763.6189) for the latest Windows 10 version 1809

All these updates only include minor patches and security fixes, rather than any new features.

Note: Windows 11 was released with several new features and improvements as a free upgrade for eligible Windows 10 devices. Here is how to upgrade to Windows 11 for free.

Windows 11 KB5041585 and Windows 10 KB5041580 address security issues for your Windows operating system. Some of the highlights include a fix for an issue causing some Windows devices to boot into BitLocker recovery after installing last month’s Windows security updates.

Also, resolve an issue that breaks multiple Microsoft 365 Defender features using the network data reporting service after installing July’s Windows Server updates.

KB5041585 for Windows 11 introduces a newer version of File Explorer that offers the option to duplicate tabs and fixes crashes and hangs. The Start menu now allows users to drag and pin apps to the Taskbar.

Windows 10 KB5041580 advances to build 19045.4780 and resolves printing problems and updates the Windows Kernel Vulnerable Driver Blocklist file to include a list of drivers at risk for BYOVD attacks.

The KB5041580 update for Windows 10 also resolves the issue where the “Use my Windows user account” checkbox was missing on the Lock screen for Wi-Fi connections. It also removes the “NetJoinLegacyAccountReuse” registry key and implements Secure Boot Advanced Targeting (SBAT) on systems running Windows to block vulnerable Linux EFI (Shim bootloaders) from executing.

Download the Microsoft Security Update

To download and install the updates, users can use Windows Update, Microsoft Update Catalog, or other tools such as Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM). Users should also check for updates from other vendors that August be affected by the same vulnerabilities or use components from Microsoft.

Usually, security updates are automatically downloaded and installed via Windows update. Or you can force Windows update from settings, Windows update, and check for updates to download and install the latest patch updates immediately.

Download KB5041585 for Windows 11

Microsoft has published download links for Windows update offline installers if you prefer manual installation over Windows Update.

Windows 10 KB5041578 (for version 1809) Offline Download links

If you are Looking for Windows 10 version 22H2 ISO image, click here.

Or Check How to Upgrade to Windows 10 version 23H2 Using the media creation tool.

If you face any difficulty while installing these updates, Check the Windows 10 Update troubleshooting guide to fix the Windows 10 update KB5040427 stuck downloading, failed to install with different errors, etc.

FAQ on Patch Tuesday update

What is Patch Tuesday?

  • Patch Tuesday is the colloquial term for Microsoft’s Update Tuesday which falls on the second Tuesday of every month.

When is Patch Tuesday?

  • Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on September 10, 2024.

What is patching and why is it important?

  • Patches are nothing but pieces of software code that are written to fix a bug in a software application that might lead to a vulnerability.

What kind of patch updates are released during Patch Tuesday?

  • Predominantly security patch updates of varying severity like Critical, Important, Moderate and low are labelled and released.

What are CVE IDs?

  • CVE ID – Common Vulnerabilities and Exposure ID is a format in which each vulnerability is disclosed and catalogued in the National Vulnerability Database (NVD).

Also Read

Steve Ballmer
With over 7 years of experience in the IT industry, I have experience in IT support, helpdesk, sysadmin, network admin, and cloud computing. Certified in Microsoft Technologies (MCTS and MCSA) and also Cisco Certified Professional in Routing and Switching.