Category: Unkategorisiert

Posted on by in Unkategorisiert

Application TypeCVESeverityImpactPossible MitigationsVendor Link
Microsoft Operating SystemCVE-2024-38074Critical (CVSS 9.8)Remote code execution in Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; monitor for suspicious activitiesMicrosoft Advisory
CVE-2024-38076Critical (CVSS 9.8)Remote code execution in Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; monitor for suspicious activitiesMicrosoft Advisory
CVE-2024-38077Critical (CVSS 9.8)Remote code execution in Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; monitor for suspicious activitiesMicrosoft Advisory
CVE-2024-38060Critical (CVSS 8.8)Remote code execution in Windows Imaging ComponentApply official patch; restrict access to vulnerable systems; monitor for suspicious file uploadsMicrosoft Advisory
CVE-2024-38080Important (CVSS 7.8)Privilege escalation in Windows Hyper-V (Zero-day, actively exploited)Apply the official patch immediately; monitor for suspicious activities; ensure systems are up-to-dateMicrosoft Advisory
CVE-2024-38112Important (CVSS 7.5)Spoofing vulnerability in Windows MSHTML Platform (Zero-day, actively exploited)Apply the official patch immediately; educate users about the risks of executing unknown filesMicrosoft Advisory
CVE-2024-38073Important (CVSS 7.5)Denial of Service in Windows Remote Desktop Licensing ServiceApply official patch; monitor for unusual network trafficMicrosoft Advisory
CVE-2024-38015Important (CVSS 7.5)Denial of Service in Windows Remote Desktop GatewayApply official patch; implement network segmentationMicrosoft Advisory
CVE-2024-30098Important (CVSS 7.5)Security Feature Bypass in Windows Cryptographic ServicesApply official patch; review and update cryptographic configurationsMicrosoft Advisory
CVE-2024-38061Important (CVSS 7.5)Elevation of Privilege in DCOM Remote Cross-Session ActivationApply official patch; restrict DCOM accessMicrosoft Advisory
Server ApplicationCVE-2024-38023Critical (CVSS 7.2)Remote code execution in Microsoft SharePoint ServerApply security updates; restrict “Site Owner” permissions; monitor for suspicious activitiesMicrosoft Advisory
CVE-2024-38087Critical (CVSS 8.8)Remote code execution in SQL Server Native Client OLE DB ProviderApply security updates; restrict access to SQL Server; monitor for unusual database activitiesMicrosoft Advisory
CVE-2024-38088Critical (CVSS 8.8)Remote code execution in SQL Server Native Client OLE DB ProviderApply security updates; restrict access to SQL Server; monitor for unusual database activitiesMicrosoft Advisory
CVE-2024-38044Important (CVSS 7.2)Remote code execution in DHCP Server ServiceApply official patch; review DHCP server configurationsMicrosoft Advisory
Development ToolsCVE-2024-35264Important (CVSS 8.1)Remote code execution in .NET and Visual StudioApply the official patch; monitor and restrict access to vulnerable systemsMicrosoft Advisory
Office ApplicationsCVE-2024-38021Critical (CVSS 8.8)Remote code execution in Microsoft OfficeApply security updates; ensure users are cautious about clicking on links from untrusted sourcesMicrosoft Advisory
Network ServicesCVE-2024-38031Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possibleMicrosoft Advisory
CVE-2024-38067Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possibleMicrosoft Advisory
CVE-2024-38068Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possibleMicrosoft Advisory
CVE-2024-38091Important (CVSS 7.5)Denial of Service in Microsoft WS-DiscoveryApply official patch; disable WS-Discovery if not neededMicrosoft Advisory
CVE-2024-3596Important (CVSS 7.5)Spoofing vulnerability in RADIUS ProtocolApply official patch; implement additional authentication mechanismsMicrosoft Advisory
System ComponentsCVE-2024-38033Important (CVSS 7.3)Elevation of Privilege in PowerShellApply official patch; restrict PowerShell execution policiesMicrosoft Advisory
CVE-2024-38025Important (CVSS 7.2)Remote code execution in Windows Performance Data Helper LibraryApply official patch; monitor for unusual system performance queriesMicrosoft Advisory
CVE-2024-30081Important (CVSS 7.1)Spoofing vulnerability in Windows NTLMApply official patch; consider disabling NTLM where possibleMicrosoft Advisory
CVE-2024-38065Important (CVSS 6.8)Security Feature Bypass in Secure BootApply official patch; ensure physical security of systemsMicrosoft Advisory

These vulnerabilities should be addressed promptly to minimize

Citations:
[1] https://www.crowdstrike.com/blog/patch-tuesday-analysis-july-2024/
[2] https://www.ivanti.com/blog/july-2024-patch-tuesday
[3] https://www.tenable.com/blog/microsofts-july-2024-patch-tuesday-addresses-138-cves-cve-2024-38080-cve-2024-38112
[4] https://www.tenable.com/blog/oracle-july-2024-critical-patch-update-addresses-175-cves

Posted on by in Unkategorisiert

Based on the search results and analysis, here are the 25 most important and critical new CVEs from last Friday, ranked by severity and grouped by application type:

Application typeCVESeverityEffectsPossible remedies
Microsoft operating system
CVE-2024-38074Critical (CVSS 9.8)Remote code execution in the Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; monitor for suspicious activity
CVE-2024-38076Critical (CVSS 9.8)Remote code execution in the Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; watch out for suspicious activity
CVE-2024-38077Critical (CVSS 9.8)Remote code execution in the Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; watch out for suspicious activity
CVE-2024-38060Critical (CVSS 8.8)Remote code execution in Windows Imaging ComponentApply official patch; restrict access to vulnerable systems; monitor for suspicious file uploads
CVE-2024-38080Important (CVSS 7.8)Privilege escalation in Windows Hyper-V (zero-day, is actively exploited)Apply the official patch immediately; watch out for suspicious activity; make sure systems are up to date
CVE-2024-38112Important (CVSS 7.5)Spoofing vulnerability in Windows MSHTML Platform (zero-day, actively exploited)Apply the official patch immediately; inform users about the risks of running unknown files
CVE-2024-38073Important (CVSS 7.5)Denial of Service in Windows Remote Desktop Licensing ServiceApply official patch; watch out for unusual network traffic
CVE-2024-38015Important (CVSS 7.5)Denial of Service in Windows Remote Desktop GatewayApply official patch; implement network segmentation
CVE-2024-30098Important (CVSS 7.5)Bypassing security features in Windows Cryptographic ServicesApply official patch; check and update cryptographic configurations
CVE-2024-38061Important (CVSS 7.5)Privilege extension in DCOM Remote Cross-Session ActivationApply official patch; restrict DCOM access
Server application
CVE-2024-38023Critical (CVSS 7.2)Remote code execution in Microsoft SharePoint ServerApply security updates; restrict “Site Owner” permissions; monitor for suspicious activity
CVE-2024-38087Critical (CVSS 8.8)Remote code execution in SQL Server Native Client OLE DB ProviderApply security updates; restrict access to SQL Server; monitor for unusual database activity
Critical (CVSS 8.8)Remote code execution in SQL Server Native Client OLE DB ProviderApply security updates; restrict access to SQL Server; watch out for unusual database activityCVE-2024-38088
CVE-2024-38044Important (CVSS 7.2)Remote code execution in the DHCP server serviceApply official patch; check DHCP server configurations
Development tools
CVE-2024-35264Important (CVSS 8.1)Remote code execution in .NET and Visual StudioApply official patch; monitor and restrict access to vulnerable systems
Office applications
CVE-2024-38021Critical (CVSS 8.8)Remote code execution in Microsoft OfficeApply security updates; ensure that users are careful when clicking on links from untrusted sources
Network services
CVE-2024-38031Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possible
CVE-2024-38067Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possible
CVE-2024-38068Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possible
CVE-2024-38091Important (CVSS 7.5)Denial of Service in Microsoft WS-DiscoveryApply official patch; deactivate WS-Discovery if not required
CVE-2024-3596Important (CVSS 7.5)Spoofing vulnerability in the RADIUS protocolApply official patch; implement additional authentication mechanisms
System components
CVE-2024-38033Important (CVSS 7.3)Authorization extension in PowerShellApply official patch; restrict PowerShell execution policies
CVE-2024-38025Important (CVSS 7.2)Remote code execution in the Windows Performance Data Helper LibraryApply official patch; watch out for unusual system performance queries
CVE-2024-30081Important (CVSS 7.1)Spoofing vulnerability in Windows NTLMApply official patch; deactivate NTLM if possible
CVE-2024-38065Important (CVSS 6.8)Bypassing security functions in Secure BootApply official patch; ensure physical security of systems

These vulnerabilities should be rectified immediately to minimize potential security risks. When applying remedies or patches, always follow the guidelines and best practices provided by the manufacturer.

Quotes: [1] https://www.ivanti.com/blog/july-2024-patch-tuesday [2] https://socradar.io/microsoft-fixes-cve-2024-38112-after-over-a-year-of-exploitation-zero-click-threat-of-cve-2024-38021/ [3] https://www.crowdstrike.com/blog/patch-tuesday-analysis-july-2024/ [4] https://www.tenable.com/blog/oracle-july-2024-critical-patch-update-addresses-175-cves [5] https://www.tenable.com/blog/microsofts-july-2024-patch-tuesday-addresses-138-cves-cve-2024-38080-cve-2024-38112 [6] https://www.rapid7.com/blog/post/2024/07/09/patch-tuesday-july-2024/ [7] https://www.spiceworks.com/it-security/vulnerability-management/articles/july-2024-patch-tuesday/

Posted on by in Unkategorisiert

Based on the search results and analysis, here are the 25 most important and critical new CVEs from last Friday, ranked by severity and grouped by application type:

Application typeCVESeverityEffectsPossible remedies
Microsoft operating system
CVE-2024-38074Critical (CVSS 9.8)Remote code execution in the Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; monitor for suspicious activity
CVE-2024-38076Critical (CVSS 9.8)Remote code execution in the Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; watch out for suspicious activity
CVE-2024-38077Critical (CVSS 9.8)Remote code execution in the Windows Remote Desktop Licensing ServiceApply official patch; disable the service if not needed; watch out for suspicious activity
CVE-2024-38060Critical (CVSS 8.8)Remote code execution in Windows Imaging ComponentApply official patch; restrict access to vulnerable systems; monitor for suspicious file uploads
CVE-2024-38080Important (CVSS 7.8)Privilege escalation in Windows Hyper-V (zero-day, is actively exploited)Apply the official patch immediately; watch out for suspicious activity; make sure systems are up to date
CVE-2024-38112Important (CVSS 7.5)Spoofing vulnerability in Windows MSHTML Platform (zero-day, actively exploited)Apply the official patch immediately; inform users about the risks of running unknown files
CVE-2024-38073Important (CVSS 7.5)Denial of Service in Windows Remote Desktop Licensing ServiceApply official patch; watch out for unusual network traffic
CVE-2024-38015Important (CVSS 7.5)Denial of Service in Windows Remote Desktop GatewayApply official patch; implement network segmentation
CVE-2024-30098Important (CVSS 7.5)Bypassing security features in Windows Cryptographic ServicesApply official patch; check and update cryptographic configurations
CVE-2024-38061Important (CVSS 7.5)Privilege extension in DCOM Remote Cross-Session ActivationApply official patch; restrict DCOM access
Server application
CVE-2024-38023Critical (CVSS 7.2)Remote code execution in Microsoft SharePoint ServerApply security updates; restrict “Site Owner” permissions; monitor for suspicious activity
CVE-2024-38087Critical (CVSS 8.8)Remote code execution in SQL Server Native Client OLE DB ProviderApply security updates; restrict access to SQL Server; monitor for unusual database activity
Critical (CVSS 8.8)Remote code execution in SQL Server Native Client OLE DB ProviderApply security updates; restrict access to SQL Server; watch out for unusual database activityCVE-2024-38088
CVE-2024-38044Important (CVSS 7.2)Remote code execution in the DHCP server serviceApply official patch; check DHCP server configurations
Development tools
CVE-2024-35264Important (CVSS 8.1)Remote code execution in .NET and Visual StudioApply official patch; monitor and restrict access to vulnerable systems
Office applications
CVE-2024-38021Critical (CVSS 8.8)Remote code execution in Microsoft OfficeApply security updates; ensure that users are careful when clicking on links from untrusted sources
Network services
CVE-2024-38031Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possible
CVE-2024-38067Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possible
CVE-2024-38068Important (CVSS 7.5)Denial of Service in Windows Online Certificate Status Protocol (OCSP) ServerApply official patch; implement OCSP stapling if possible
CVE-2024-38091Important (CVSS 7.5)Denial of Service in Microsoft WS-DiscoveryApply official patch; deactivate WS-Discovery if not required
CVE-2024-3596Important (CVSS 7.5)Spoofing vulnerability in the RADIUS protocolApply official patch; implement additional authentication mechanisms
System components
CVE-2024-38033Important (CVSS 7.3)Authorization extension in PowerShellApply official patch; restrict PowerShell execution policies
CVE-2024-38025Important (CVSS 7.2)Remote code execution in the Windows Performance Data Helper LibraryApply official patch; watch out for unusual system performance queries
CVE-2024-30081Important (CVSS 7.1)Spoofing vulnerability in Windows NTLMApply official patch; deactivate NTLM if possible
CVE-2024-38065Important (CVSS 6.8)Bypassing security functions in Secure BootApply official patch; ensure physical security of systems

These vulnerabilities should be rectified immediately to minimize potential security risks. When applying remedies or patches, always follow the guidelines and best practices provided by the manufacturer.

Quotes: [1] https://www.ivanti.com/blog/july-2024-patch-tuesday [2] https://socradar.io/microsoft-fixes-cve-2024-38112-after-over-a-year-of-exploitation-zero-click-threat-of-cve-2024-38021/ [3] https://www.crowdstrike.com/blog/patch-tuesday-analysis-july-2024/ [4] https://www.tenable.com/blog/oracle-july-2024-critical-patch-update-addresses-175-cves [5] https://www.tenable.com/blog/microsofts-july-2024-patch-tuesday-addresses-138-cves-cve-2024-38080-cve-2024-38112 [6] https://www.rapid7.com/blog/post/2024/07/09/patch-tuesday-july-2024/ [7] https://www.spiceworks.com/it-security/vulnerability-management/articles/july-2024-patch-tuesday/

Posted on by in Unkategorisiert

Application type
CVESeverityEffects
Windows OSCVE-2024-38074Critical (CVSS 9.8)
Remote code execution in the Windows Remote Desktop Licensing Service
CVE-2024-38076Critical (CVSS 9.8)Remote code execution in the Windows Remote Desktop Licensing Service
CVE-2024-38077Critical (CVSS 9.8)Remote code execution in the Windows Remote Desktop Licensing Service
CVE-2024-38060Remote code execution in the Windows Remote Desktop Licensing Service

SPSA Features

Posted on by in Unkategorisiert

Secure & proven software based on Apache GuacamoleTM

  • A secure system with Lowest Privileged Access
  • A secure update and patching infrastructure that keeps your compliance up-to-date
  • Simple admin interface for managing the appliance
  • Integrated option to create and store backups of critical data
  • Integrated performance monitoring with the option of uploading the monitoring data to Skillplan GmbH for evaluation
  • Support for RDP, SSH, telnet and VNC connections
  • Integrated user database with MFA support for standard authentication apps such as Microsoft or Google Authenticator
  • The option to limit user logins in terms of time
  • Active Directory Single Sign-on (Pro Version)
  • Azure Active Directory (SAML) Single Sign-on with integration of Conditional Access (Pro Version)
  • Portal with up to 4 separate SPSA proxies at up to four locations (Pro version
  • Recording and replay of RDP and SSH sessions via video recording (Pro version)

SPSA Next Steps

Would you like an SPSA performance?
Then please contact sales@skill-plan.com to arrange a demo appointment.

Would you like to try out SPSA during a 30-day trial period?
Then please contact sales@skill-plan.com to register for a test position

Do you have further questions and need individual answers?

Describe your questions to sales@skill-plan.com so that we can prepare for an appointment via Teams or Zoom.

Skillplan Secure Access – Fyler Download German

DE-SPSA-Flyer-2024-01-V1.1Download flyer

Skillplan Secure Access – Flyer Download English

EN-SPSA-Flyer-2024-01-V1.1Download the flyer

Master the KRITIS challenge: a quiz on the BSI regulation

Posted on by in Unkategorisiert
IT security quiz

IT security quiz

Which security objective is particularly important in relation to critical infrastructures?