Summary
July 2024 Patch Tuesday delivered 138 Microsoft vulnerabilities, nearly triple June's 49, with the volume climbing ahead of Black Hat and DEF CON as researchers push patches out before presenting. The standouts include a run of anonymously reported Microsoft SQL Server CVEs many rated 8.8, three Remote Desktop Licensing Service RCEs that could expose as many as two million endpoints, and a Windows Codecs Library RCE triggered by a malicious .TIFF file. Several flaws trace back to old, non-memory-safe code that researchers found by fuzzing legacy Windows: a Layer 2 Bridge Network RCE, three PowerShell privilege-escalation flaws, an OpenSSH 8.5 regression, and an RCE in the Xbox wireless adapter that puts work-from-home networks in scope.
)
)
)
)
)