CVE-2024-30091
published 2024-06-11CVE-2024-30091: Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
4.26%
89.8th percentile
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20680 | 10.0.10240.20680 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.7070 | 10.0.14393.7070 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.5936 | 10.0.17763.5936 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.5936 | 10.0.17763.5936 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.4529 | 10.0.19044.4529 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.4529 | 10.0.19045.4529 |
| microsoft | windows_11_version_21h2 | >= 10.0.22000.0 < 10.0.22000.3019 | 10.0.22000.3019 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.3737 | 10.0.22621.3737 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.3737 | 10.0.22631.3737 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.3737 | 10.0.22631.3737 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27170 | 6.1.7601.27170 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.22720 | 6.0.6003.22720 |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.24919 | 6.2.9200.24919 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22023 | 6.3.9600.22023 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.7070 | 10.0.14393.7070 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.5936 | 10.0.17763.5936 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.2527 | 10.0.20348.2527 |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_21h2 | — | — |
| msrc | windows_10_version_22h2 | — | — |
| msrc | windows_11_version_21h2 | — | — |
| msrc | windows_11_version_22h2 | — | — |
| msrc | windows_11_version_23h2 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvelistv57.8HIGH
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CVEList
Win32k Elevation of Privilege Vulnerability
cvelistv5·2024-06-11·CVSS 7.8
CVE-2024-30091 [HIGH] CWE-122 Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Microsoft
Win32k Elevation of Privilege Vulnerability
vendor_msrc·2024-06-11·CVSS 7.8
CVE-2024-30091 [HIGH] CWE-122 Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Windows Win32K - GRFX: Windows Win32K - GRFX
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5039217
Reference: https://support.microsoft.com/help/5039217
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5039227
Reference: https://support.microsoft.com/help/5039227
Reference: https://catalog.update.microsoft.com/v7/site/Search.
No detection rules found.
No public exploits indexed.
Tenable
Microsoft’s June 2024 Patch Tuesday Addresses 49 CVEs
blogs_tenable·2024-06-11
Microsoft’s June 2024 Patch Tuesday Addresses 49 CVEs
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Trendmicro
The June 2024 Security Update Review
blogs_trendmicro·2024-06-11
The June 2024 Security Update Review
# The June 2024 Security Update Review
Get the June 2024 security update and review.
By: Dustin Childs
2024/06/11
Read time: ( words)
Save to Folio
Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for June 2024
For June, Adobe released 10 patches addressing 165(!) CVEs in Adobe Cold Fusion, Photoshop, Experience Manager, Audition, Media Encoder, FrameMaker Publishing Server, Adobe Commerce, Substance 3D Stager, Creative Cloud Desktop, and Acrobat Android. The fix for Experience Ma
Qualys
Microsoft & Adobe June 2024 Patch Tuesday: Critical Updates & Fixes | Qualys
blogs_qualys·2024-06-11
Microsoft & Adobe June 2024 Patch Tuesday: Critical Updates & Fixes | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for June 2024
- Adobe Patches for June 2024
- Zero-day Vulnerability Patched in June Patch Tuesday Edition
- Critical Severity Vulnerability Patched in June Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
- Rapid Response withPatch Management (PM)
- EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
- Qualys Monthly Webinar Series
Microsoft’s June Patch Tuesday is here, bringing fixes for vulnerabilities impacting its multiple products. This month’s release highlights the ongoing battle against cybersecurity threats, from critical updates to important fixes. Let’s dive into the crucial
Qualys
Microsoft and Adobe Patch Tuesday, June 2024 Security Update Review
blogs_qualys·2024-06-11
Microsoft and Adobe Patch Tuesday, June 2024 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for June 2024
Adobe Patches for June 2024
Zero-day Vulnerability Patched in June Patch Tuesday Edition
Critical Severity Vulnerability Patched in June Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
Rapid Response withPatch Management (PM)
EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
Qualys Monthly Webinar Series
Microsoft’s June Patch Tuesday is here, bringing fixes for vulnerabilities impacting its multiple products. This month’s release highlights the ongoing battle against cybersecurity threats, from critical updates to important fixes. Let’s dive into the crucial insights fro
Talos
Only one critical issue disclosed as part of Microsoft Patch Tuesday
blogs_talos·2024-06-11·CVSS 8.0
CVE-2024-30080 [HIGH] Only one critical issue disclosed as part of Microsoft Patch Tuesday
Microsoft released its monthly security update Tuesday, disclosing 49 vulnerabilities across its suite of products and software.
Of those there is only one critical vulnerability. Every other security issues disclosed this month is considered "important."
The lone critical security issue is CVE-2024-30080, a remote code execution vulnerability due to a use-after-free (UAF) issue in the HTTP handling function of Microsoft Message Queuing (MSMQ) messages.
An adversary can send a specially crafted malicious MSMQ packet to an MSMQ server, potentially allowing them to perform remote code execution on the server side. Microsoft considers this vulnerability “more likely” to be exploited.
There is also a remote code execution vulnerability in Microsoft Outlook, CVE-2024-30103. By successfully
Trendmicro
The June 2024 Security Update Review
blogs_trendmicro·2024-06-11
The June 2024 Security Update Review
## The June 2024 Security Update Review
Get the June 2024 security update and review.
By: Dustin Childs 2024/06/11 Read time: ( words)
Save to Folio
Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for June 2024
For June, Adobe released 10 patches addressing 165(!) CVEs in Adobe Cold Fusion, Photoshop, Experience Manager, Audition, Media Encoder, FrameMaker Publishing Server, Adobe Commerce, Substance 3D Stager, Creative Cloud Desktop, and Acrobat Android. The fix for Experience Ma
Talos
Only one critical issue disclosed as part of Microsoft Patch Tuesday
blogs_talos·2024-06-11·CVSS 8.0
CVE-2024-30080 [HIGH] Only one critical issue disclosed as part of Microsoft Patch Tuesday
## Only one critical issue disclosed as part of Microsoft Patch Tuesday
Microsoft released its monthly security update Tuesday, disclosing 49 vulnerabilities across its suite of products and software.
Of those there is only one critical vulnerability. Every other security issues disclosed this month is considered "important."
The lone critical security issue is CVE-2024-30080 , a remote code execution vulnerability due to a use-after-free (UAF) issue in the HTTP handling function of Microsoft Message Queuing (MSMQ) messages.
An adversary can send a specially crafted malicious MSMQ packet to an MSMQ server, potentially allowing them to perform remote code execution on the server side. Microsoft considers this vulnerability “more likely” to be exploited.
There is also a remote code exec
Zscaler
Zscaler protects against 5 new vulnerabilities | 06-11-2024
blogs_zscaler·CVSS 7.8
[HIGH] Zscaler protects against 5 new vulnerabilities | 06-11-2024
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
2024-06-11
Published