Security 10816 Published by

Microsoft has announced the security updates for August 2024.





August 2024 Security Updates

This release consists of the following 90 Microsoft CVEs:

TagCVEBase ScoreExploitabilityFAQs?Workarounds?Mitigations?
Windows Secure Kernel Mode CVE-2024-213026.7Exploitation Less LikelyYesNoNo
Windows Kerberos CVE-2024-299958.1Exploitation Less LikelyYesNoNo
Microsoft Windows DNS CVE-2024-379687.5Exploitation Less LikelyNoNoNo
Windows TCP/IP CVE-2024-380639.8Exploitation More LikelyYesNoYes
Microsoft Office CVE-2024-380847.8Exploitation Less LikelyYesNoNo
Azure Connected Machine Agent CVE-2024-380987.8Exploitation UnlikelyYesNoNo
Windows Kernel CVE-2024-381067.0Exploitation DetectedYesNoNo
Windows Power Dependency Coordinator CVE-2024-381077.8Exploitation DetectedYesNoNo
Azure Stack CVE-2024-381089.3Exploitation Less LikelyYesNoNo
Azure Health Bot CVE-2024-381099.1Exploitation Less LikelyYesNoNo
Windows IP Routing Management Snapin CVE-2024-381148.8Exploitation Less LikelyYesNoNo
Windows IP Routing Management Snapin CVE-2024-381158.8Exploitation Less LikelyYesNoNo
Windows IP Routing Management Snapin CVE-2024-381168.8Exploitation Less LikelyYesNoNo
Windows NTFS CVE-2024-381177.8Exploitation Less LikelyYesNoNo
Microsoft Local Security Authority Server (lsasrv) CVE-2024-381185.5Exploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-381208.8Exploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-381218.8Exploitation Less LikelyYesNoNo
Microsoft Local Security Authority Server (lsasrv) CVE-2024-381225.5Exploitation Less LikelyYesNoNo
Microsoft Bluetooth Driver CVE-2024-381234.4Exploitation Less LikelyYesNoNo
Microsoft Streaming Service CVE-2024-381257.8Exploitation More LikelyYesNoNo
Windows Network Address Translation (NAT) CVE-2024-381267.5Exploitation Less LikelyYesNoNo
Windows Kernel CVE-2024-381277.8Exploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-381288.8Exploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-381308.8Exploitation Less LikelyYesNoNo
Windows Clipboard Virtual Channel Extension CVE-2024-381318.8Exploitation Less LikelyYesNoNo
Windows Network Address Translation (NAT) CVE-2024-381327.5Exploitation Less LikelyYesNoNo
Windows Kernel CVE-2024-381337.8Exploitation More LikelyYesNoNo
Microsoft Streaming Service CVE-2024-381347.8Exploitation Less LikelyYesNoNo
Windows NT OS Kernel CVE-2024-381357.8Exploitation Less LikelyYesNoNo
Windows Resource Manager CVE-2024-381367.0Exploitation Less LikelyYesNoNo
Windows Resource Manager CVE-2024-381377.0Exploitation Less LikelyYesNoNo
Windows Deployment Services CVE-2024-381387.5Exploitation Less LikelyYesNoNo
Reliable Multicast Transport Driver (RMCAST) CVE-2024-381409.8Exploitation Less LikelyYesNoYes
Windows Ancillary Function Driver for WinSock CVE-2024-381417.8Exploitation More LikelyYesNoNo
Windows Secure Kernel Mode CVE-2024-381427.8Exploitation Less LikelyYesNoNo
Windows WLAN Auto Config Service CVE-2024-381434.2Exploitation Less LikelyYesNoNo
Microsoft Streaming Service CVE-2024-381448.8Exploitation More LikelyYesNoNo
Windows Layer-2 Bridge Network Driver CVE-2024-381457.5Exploitation Less LikelyYesNoNo
Windows Layer-2 Bridge Network Driver CVE-2024-381467.5Exploitation Less LikelyYesNoNo
Windows DWM Core Library CVE-2024-381477.8Exploitation More LikelyYesNoNo
Windows Transport Security Layer (TLS) CVE-2024-381487.5Exploitation More LikelyYesNoNo
Windows DWM Core Library CVE-2024-381507.8Exploitation More LikelyYesNoNo
Windows Kernel CVE-2024-381515.5Exploitation Less LikelyYesNoNo
Microsoft WDAC OLE DB provider for SQL CVE-2024-381527.8Exploitation Less LikelyYesNoNo
Windows Kernel CVE-2024-381537.8Exploitation Less LikelyYesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-381548.8Exploitation Less LikelyYesNoNo
Windows Security Center CVE-2024-381555.5Exploitation Less LikelyYesNoNo
Azure IoT SDK CVE-2024-381577.0Exploitation Less LikelyYesNoNo
Azure IoT SDK CVE-2024-381587.0Exploitation Less LikelyYesNoNo
Windows Network Virtualization CVE-2024-381599.1Exploitation Less LikelyYesNoYes
Windows Network Virtualization CVE-2024-381609.1Exploitation Less LikelyYesNoYes
Windows Mobile Broadband CVE-2024-381616.8Exploitation Less LikelyYesNoNo
Azure Connected Machine Agent CVE-2024-381627.8Exploitation Less LikelyYesNoNo
Windows Update Stack CVE-2024-381637.8Exploitation More LikelyYesNoNo
Windows Compressed Folder CVE-2024-381656.5Exploitation Less LikelyYesNoNo
Microsoft Dynamics CVE-2024-381668.2Exploitation Less LikelyYesNoNo
.NET and Visual Studio CVE-2024-381676.5Exploitation Less LikelyYesNoNo
.NET and Visual Studio CVE-2024-381687.5Exploitation Less LikelyNoNoNo
Microsoft Office Visio CVE-2024-381697.8Exploitation Less LikelyYesNoNo
Microsoft Office Excel CVE-2024-381707.1Exploitation Less LikelyYesNoNo
Microsoft Office PowerPoint CVE-2024-381717.8Exploitation Less LikelyYesNoNo
Microsoft Office Excel CVE-2024-381727.8Exploitation Less LikelyYesNoNo
Microsoft Office Outlook CVE-2024-381736.7Exploitation Less LikelyYesNoNo
Windows App Installer CVE-2024-381777.8Exploitation Less LikelyYesNoNo
Windows Scripting CVE-2024-381787.5Exploitation DetectedYesNoNo
Windows SmartScreen CVE-2024-381808.8Exploitation Less LikelyYesNoNo
Windows Kernel-Mode Drivers CVE-2024-381847.8Exploitation Less LikelyYesNoNo
Windows Kernel-Mode Drivers CVE-2024-381857.8Exploitation Less LikelyYesNoNo
Windows Kernel-Mode Drivers CVE-2024-381867.8Exploitation Less LikelyYesNoNo
Windows Kernel-Mode Drivers CVE-2024-381877.8Exploitation Less LikelyYesNoNo
Microsoft Office Project CVE-2024-381898.8Exploitation DetectedYesNoYes
Windows Kernel-Mode Drivers CVE-2024-381917.8Exploitation Less LikelyYesNoNo
Windows Ancillary Function Driver for WinSock CVE-2024-381937.8Exploitation DetectedYesNoNo
Azure CycleCloud CVE-2024-381957.8Exploitation Less LikelyYesNoNo
Windows Common Log File System Driver CVE-2024-381967.8Exploitation More LikelyYesNoNo
Microsoft Teams CVE-2024-381976.5Exploitation Less LikelyYesNoNo
Windows Print Spooler Components CVE-2024-381987.5Exploitation More LikelyYesNoNo
Line Printer Daemon Service (LPD) CVE-2024-381999.8Exploitation Less LikelyYesNoYes
Microsoft Office CVE-2024-382006.5Exploitation Less LikelyYesNoYes
Azure Stack CVE-2024-382017.0Exploitation Less LikelyYesNoNo
Windows Update Stack CVE-2024-382027.3Exploitation Less LikelyYesNoNo
Microsoft Copilot Studio CVE-2024-382068.5Exploitation Less LikelyYesNoNo
Microsoft Dynamics CVE-2024-382118.2Exploitation Less LikelyYesNoNo
Windows Mark of the Web (MOTW) CVE-2024-382136.5Exploitation DetectedYesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-382146.5Exploitation Less LikelyYesNoNo
Windows Cloud Files Mini Filter Driver CVE-2024-382157.8Exploitation Less LikelyYesNoNo
Microsoft Edge (Chromium-based) CVE-2024-382188.4Exploitation Less LikelyYesNoNo
Microsoft Edge (Chromium-based) CVE-2024-382196.5Exploitation Less LikelyYesNoNo
Microsoft Edge (Chromium-based) CVE-2024-38222Exploitation Less LikelyYesNoNo
Windows Initial Machine Configuration CVE-2024-382236.8Exploitation Less LikelyYesNoNo

We are republishing 12 non-Microsoft CVEs:

CNATagCVEFAQs?Workarounds?Mitigations?
Red Hat, Inc.Windows Secure Boot CVE-2022-2601YesNoNo
Red Hat, Inc.Windows Secure Boot CVE-2022-3775YesNoNo
Red Hat, Inc.Windows Secure Boot CVE-2023-40547YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6990YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7255YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7256YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7532YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7533YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7534YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7535YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7536YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7550YesNoNo

Security Update Guide Blog Posts

DateBlog Post
June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Resources

  • The new Hotpatching feature is now generally available. Please see  Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
  • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the  Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see  Windows Lifecycle Facts Sheet.
  • Microsoft is improving Windows Release Notes. For more information, please see  What's next for Windows release notes.
  • A list of the latest servicing stack updates for each operating system can be found in  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See  4522133 for more information.

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see  Windows message center (links to currently-supported versions of Windows are in the left pane).

KB ArticleApplies To
5041160Windows Server 2022
5041571Windows 11 version 24H2
5041578Windows 10, version 1809, Windows Server 2019
5041580Windows 10, version 21H2, Windows 10, version 22H2
5041592Windows 11, version 21H2
5041773Windows 10, version 1607, Windows Server 2016
5041828Windows Server 2012 R2 (Monthly Rollup)
5041847Windows Server 2008 (Security-only update)
5041850Windows Server 2008 (Monthly Rollup)
5041851Windows Server 2012 (Monthly Rollup)

Win10