A bumper Patch Tuesday – get updating now!!!

by Tony Richardson CISSP

Welcome to my April Patch Tuesday. Last month wasn’t very active but Microsoft has more than made up for that today. We have a record number of patches, 150, released today and an additional 22 released since March’s Patch Tuesday. This brings the total number of patches for the past month to (…drum roll…) 172 vulnerabilities. I do not believe I have ever seen this many patches in a single month in the past.


The good news is that only one of these vulnerabilities is a zero-day: CVE-2024-26234. Microsoft reports that this spoofing vulnerability is both publicly disclosed and exploited in the wild. The CVSS score is medium at 6.7/5.8. This may be because the exploit requires an attacker to have authorized privileges that provide significant control (think admin privileges). Either way, my recommendation is to patch/update this ASAP.

Another CVE to look at is CVE-2024-28916. For those of you in corporate environments who deploy OSes to your endpoints, lock down installation images and remove all the bloatware, this CVE can most likely be ignored since it affects Xbox Gaming Services. I am including it for two reasons: 1. Microsoft included it and 2. I do know of many organizations that don’t use golden images and allow employees to use personal laptops and desktops. As a matter of fact, a close friend was just recently getting nagging popups on his work laptop to update Xbox Gaming Services. He didn’t have a local admin account so he couldn’t uninstall it. So I know that many of you may want to get this patch installed immediately. Microsoft reports that this elevation of privilege vulnerability is publicly disclosed and that exploitation is more likely. As of today, it has not been detected in the wild.

Besides the two mentioned above, we have three critical updates. They are all remote code execution vulnerabilities in MS Defender for IoT. CVE-2024-21322, CVE-2024-21323 and CVE-2024-29053 are all rated by Microsoft as “Exploitation Less Likely”. In my opinion, since these are also rated critical, you should test and update them ASAP.

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Thanks to Randy Franklin Smith as always, from Ultimate Windows Security, for this insightful content.