Service Notices
Microsoft Releases March 2024 Security Updates
Mar 14, 2024 GMT+08:00
I. Overview
Microsoft has released its March 2024 Security Updates. A total of 59 security vulnerabilities have been disclosed, among which 2 are marked as important vulnerabilities. Attackers can exploit these vulnerabilities to implement remote code execution, privilege escalation, and security feature bypass. The affected applications include Microsoft Windows, Microsoft Office, Azure and .NET.
For details, visit the Microsoft official website:
https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar
6 vulnerabilities (such as CVE-2024-21437, CVE-2024-26170, and CVE-2024-26182) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Office, Azure, .NET, and other products.
IV. Vulnerability Details
CVE No. |
Vulnerability |
Severity |
Description |
CVE-2024-21407 |
Windows Hyper-V Remote Code Execution Vulnerability |
Important |
An authenticated attacker on a guest VM could exploit the vulnerability by sending specially crafted file operation requests to hardware resources on the VM. Successful exploitation of the vulnerability can cause remote code execution on the target system. |
CVE-2024-21408 |
Windows Hyper-V Denial of Service Vulnerability |
Important |
Successful exploitation of this vulnerability will allow attackers to perform denial of service (DoS) attacks on Hyper-V hosts. |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://msrc.microsoft.com/update-guide
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.