Skip to content
BLOG

Patch Tuesday June 2024

Brock Bingham candid headshot
Brock Bingham|June 11, 2024
PatchTuesday orange
PatchTuesday orange
Sections

Welcome to the June 2024 Patch Tuesday recap. I just got back from camping over the weekend, and I learned something very important: I enjoy dealing with virtual bugs much more than I enjoy dealing with real bugs. 

With that important note out of the way, let’s take a look at what bugs and vulnerabilities Microsoft squashed this month. 

  • Total exploits patched: 51 

  • Critical patches: 1 

  • Already known or exploited: 1 

Some highlights (or lowlights) 

The main highlight for this month would be that it’s a relatively light month for patches. In fact, our senior SOC analyst described this month’s patches as boring. But, if you’re like me, you like boring. Here are the highlights. 

  • CVE-2024-30080: Our highest-rated and only critical patch this month is CVE-2024-30080, which is a vulnerability affecting the Windows messaging queue. If that all sounds familiar, it’s probably because we’ve been getting these messaging queue vulnerabilities for a while now with no sure end in sight. Luckily, the remediation is simple enough: Install the official patch and you’re good to go … until next time. 

  • CVE-2024-30078: Coming in at a distant second with a base CVSS score of 8.8 is a Windows Wi-Fi driver remote code execution (RCE) vulnerability. While this vulnerability has a low attack complexity, it does require the bad actor to be within the proximity of a target system to send and receive radio transmissions. Not the scariest vulnerability since they have to be on your premises, but maybe look around the office building for any shady figures you don’t recognize. 

  • CVE-2024-30103: Our last highlight for the month is CVE-2024-30103. This vulnerability affects everybody’s favorite email client, Outlook. Under the right conditions, an attacker could create malicious DLL files. Fortunately, this vulnerability requires the attacker to be authenticated using valid Exchange credentials. And if an attacker has valid Exchange credentials, you’ve probably got more than just this issue to worry about. 

Wrapping up

After all the mosquito bites I got over the weekend, I’m definitely pumped to squash some bugs, even if they’re only digital. Thankfully, we’ve got the tools to help. PDQ Detect can help you identify and prioritize vulnerabilities that impact your organization. Meanwhile, PDQ Connect and PDQ Deploy & Inventory can help patch and secure your devices. Sign up for your free trial today.

Now if you’ll excuse me, I’ve got some mosquito bites to scratch.

Loading...

Brock Bingham candid headshot
Brock Bingham

Born in the '80s and raised by his NES, Brock quickly fell in love with everything tech. With over 15 years of IT experience, Brock now enjoys the life of luxury as a renowned tech blogger and receiver of many Dundie Awards. In his free time, Brock enjoys adventuring with his wife, kids, and dogs, while dreaming of retirement.

Related articles

Dog drooling while reading content on laptop

What is remote device management?

GENERAL IT

Illustration of block with Powershell logo

How to use PowerShell switch statements

PRODUCT

Cartoon showing sysadmin fading into the background as AI projects a new, deepfake version of him that is pixelated.

AI and cybersecurity: From deepfakes to data poisoning

SECURITY