Resources

/

Podcasts

/

Patch Tuesday

May 2024 [April showers bring May Privilege Escalation Vulns]

Episode 07   Published May 14, 2024 21 minute watch

Patch Tuesday

Get the latest Patch Tuesday releases, mitigation tips, and learn about custom automations that can help you with CVE remediations.

Jason Kikta is the CTO of Automox

Host

Jason Kikta

Guest

Mat Lee

RECENT EPISODES

Best-In-Class Remote Control

CISA's BOD 26-04 Directive Explained

[Nothing Weaponized, Everything Exposed]

[AI Hits the Hat Trick], Ep. 32

View all episodes

Available wherever you get your podcasts

Youtube

Apple Podcasts

Spotify

Overcast

Pocket Casts

Amazon Music

Castro

Goodpods

Castbox

Podcast Addict

Player FM

Deezer

Summary

May 2024 Patch Tuesday landed light at 61 fixes, weighted toward privilege escalation rather than remote code execution. That mix matters because most compromises now start with a phished user. Flaws like CVE-2024-30033 (Windows Search Service) and CVE-2024-30018 (Windows kernel) are the second link in an exploit chain that turns a single user into full system or server control. Mat Lee and Jason Kikta also flagged CVE-2024-4671, a known-exploited Chrome use-after-free that can chain into a sandbox escape, and macOS Sonoma 14.5 memory and code-signing fixes that signal Apple is drawing more research scrutiny.

Takeaways

  1. May 2024 Patch Tuesday was a quiet month at 61 fixes, weighted toward elevation-of-privilege vulnerabilities rather than remote code execution.

  2. CVE-2024-30033, a Windows Search Service elevation-of-privilege bug, is notable because the search service indexes the entire system, giving it broad access an attacker can abuse to escalate.

  3. CVE-2024-30018 targets the Windows kernel itself, showing Windows is as exposed to low-level privilege escalation as Linux.

  4. CVE-2024-4671 is a Chrome use-after-free zero-day with a known exploit in the wild that can lead to a sandbox escape and remote code execution from a crafted web page. Update Chrome on every endpoint.

  5. macOS Sonoma 14.5 shipped heavy memory-handling fixes, including a Print Center flaw allowing code execution outside its sandbox and three Apple Mobile File Integrity fixes (two were downgrade issues needing added code-signing restrictions).

Topics

Patch Tuesday

See for yourself how policy-driven IT Automation saves time and eliminates risk.

Dive deeper into this topic

[Nothing Weaponized, Everything Exposed]

Podcast

Patch [Fix] Tuesday: June 2026

Breadth over severity, a developer toolchain under fire, and a...

[AI Hits the Hat Trick], Ep. 32

Podcast

Patch [Fix] Tuesday: May 2026

May 2026 Patch Tuesday covers two pre-auth network RCEs in core...