CVE-2024-21334 and CVE-2024-21407 Headline Microsoft’s March 2024 Patch Tuesday

Share :

On March 12, 2024, Microsoft published their March 2024 security update with patches for 61 vulnerabilities. Among these, Arctic Wolf has highlighted 2 vulnerabilities in this bulletin that were categorized as critical and high severity. 

Impacted Product: Microsoft Open Management Infrastructure 

CVE-2024-21334  CVSS: 9.8 – Critical 

MS Severity: Important 

No Exploitation Detected 
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability – A remote, unauthenticated threat actor could potentially exploit this use-after-free vulnerability by accessing the OMI instance from the Internet and sending carefully crafted requests. 

Impacted Product: Microsoft Windows Hyper-V 

CVE-2024-21407  CVSS: 8.1 – High 

MS Severity: Critical 

No Exploitation Detected 
Windows Hyper-V Remote Code Execution (RCE) Vulnerability – Exploitation can occur if a threat actor gains authenticated access to a guest virtual machine (VM). The threat actor would then send specifically crafted file operation requests from the VM to the hardware resources of that VM. This could potentially lead RCE on the host server from which the VM is running. 

Recommendations for CVE-2024-21334 and CVE-2024-21407 

Recommendation: Apply Security Updates to Impacted Products 

Arctic Wolf strongly recommends applying the available security updates to all impacted products to prevent potential exploitation of these vulnerabilities. 

Affected and Fixed Products/Versions 

Product  Vulnerability  Reference Article  Update 
Open Management Infrastructure  CVE-2024-21334  Release Notes  Security Update 
System Center Operations Manager (SCOM) 2022  CVE-2024-21334  Release Notes  Security Update 
System Center Operations Manager (SCOM) 2019  CVE-2024-21334  Release Notes  Security Update 
Windows 10 for x64-based Systems  CVE-2024-21407  5035858  Security Update 
Windows 10 Version 1607 for x64-based Systems  CVE-2024-21407  5035855  Security Update 
Windows 10 Version 1809 for x64-based Systems  CVE-2024-21407  5035849  Security Update 
Windows 10 Version 21H2 for x64-based Systems  CVE-2024-21407  5035845  Security Update 
Windows 10 Version 22H2 for x64-based Systems  CVE-2024-21407  5035845  Security Update 
Windows 11 version 21H2 for ARM64-based Systems  CVE-2024-21407  5035854  Security Update 
Windows 11 version 21H2 for x64-based Systems  CVE-2024-21407  5035854  Security Update 
Windows 11 Version 22H2 for ARM64-based Systems  CVE-2024-21407  5035853  Security Update 
Windows 11 Version 22H2 for x64-based Systems  CVE-2024-21407  5035853  Security Update 
Windows 11 Version 23H2 for ARM64-based Systems  CVE-2024-21407  5035853  Security Update 
Windows 11 Version 23H2 for x64-based Systems  CVE-2024-21407  5035853  Security Update 
Windows Server 2012   CVE-2024-21407  5035930  Monthly Rollup 
Windows Server 2012 R2  CVE-2024-21407  5035885  Monthly Rollup 
Windows Server 2016  CVE-2024-21407  5035855  Security Update 
Windows Server 2019  CVE-2024-21407  5035849  Security Update 
Windows Server 2022  CVE-2024-21407  5035857 , 

5035959 

Security Update 
Windows Server 2022 23H2 Edition  CVE-2024-21407  5035856  Security Update 

 

Note: Please follow your organization’s patching and testing guidelines to avoid any operational impact. 

References 

See other important security bulletins from Arctic Wolf.

Andres Ramos

Andres Ramos

Andres Ramos is a Threat Intelligence Researcher at Arctic Wolf with a strong background in tracking emerging threats and producing actionable intelligence for both technical and non-technical stakeholders. He has a diverse background encompassing various domains of cyber security, holds a degree in Cybersecurity Engineering, and is a CISSP.
Share :
Table of Contents
Categories
Subscribe to our Monthly Newsletter