Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. September 2024 Monthly Patch
Monthly Patch

September 2024 Monthly Patch

11 September 2024

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2024-Sep

Critical Vulnerabilities

CVE Number

CVE Name

Base Score

Reference

CVE-2024-43491

Microsoft Windows Update Remote Code Execution Vulnerability

9.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-43491

CVE-2024-38220

Azure Stack Hub Elevation of Privilege Vulnerability

9.0

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-38220

CVE-2024-38018

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-38018

CVE-2024-38194

Azure Web Apps Elevation of Privilege Vulnerability

8.4

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-38194

CVE-2024-38216

Azure Stack Hub Elevation of Privilege Vulnerability

8.2

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-38216

CVE-2024-38119

Windows Network Address Translation (NAT) Remote Code Execution Vulnerability

7.5

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-38119

CVE-2024-43464

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-43464

Back to top