Windows 10: CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?

Discus and support CVE-2024-21302 - Any experience applying the opt-in policy, risk too high? in Windows 10 Gaming to solve the problem; Hello,I have reviewed the associated KB article regarding the vulnerability CVE-2024-21302:... Discussion in 'Windows 10 Gaming' started by MatthewFagan, Feb 3, 2025.

  1. MATTHEWFAGAN
    MatthewFagan Win User

    CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?


    Hello,I have reviewed the associated KB article regarding the vulnerability CVE-2024-21302: https://support.microsoft.com/en-us/topic/guidance-for-blocking-rollback-of-virtualization-based-security-vbs-related-security-updates-b2e7ebf4-f64d-4884-a390-38d63171b8d3Was wondering if anyone had any luck with implementing the opt-in policy? Based on the risk listed in the article it seems fairly high of causing disruptions to an organization due to boot loop scenario. The severity also seems low, even though it was used in a proof of concept exploit due to requiring local access and admin privileges

    :)
     
    MatthewFagan, Feb 3, 2025
    #1
  2. GERALD PERREIRA
    Gerald Perreira Win User

    security updates will not download cve-2024-30078

    windows update security will not download update CVE-2024-30078 and logofail update
     
    Gerald Perreira, Feb 3, 2025
    #2
  3. QUINTINMORGAN
    QuintinMorgan Win User
    Microsoft June 2024 Security Updates

    Is there any information on whether Microsoft will publish the following CVEs to the Security Update guide?

    CVE-2024-5830

    CVE-2024-5831

    CVE-2024-5832

    CVE-2024-5833

    CVE-2024-5834

    CVE-2024-5835

    CVE-2024-5836

    CVE-2024-5837

    CVE-2024-5838

    CVE-2024-5839

    CVE-2024-5840

    CVE-2024-5841

    CVE-2024-5842

    CVE-2024-5843

    CVE-2024-5844

    CVE-2024-5845

    CVE-2024-5846

    CVE-2024-5847
     
    QuintinMorgan, Feb 3, 2025
    #3
  4. NICK ADSL UK
    NICK ADSL UK Win User

    CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?

    Microsoft January 2024 Security Updates

    January 2024 Security Updates

    This release consists of the following 48 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?

    SQL Server CVE-2024-0056

    .NET and Visual Studio CVE-2024-0057

    Windows Scripting CVE-2024-20652

    Windows Common Log File System Driver CVE-2024-20653

    Windows ODBC Driver CVE-2024-20654

    Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2024-20655

    Visual Studio CVE-2024-20656

    Windows Group Policy CVE-2024-20657

    Microsoft Virtual Hard Drive CVE-2024-20658

    Windows Message Queuing CVE-2024-20660

    Windows Message Queuing CVE-2024-20661

    Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2024-20662

    Windows Message Queuing CVE-2024-20663

    Windows Message Queuing CVE-2024-20664

    Windows BitLocker CVE-2024-20666

    .NET Core & Visual Studio CVE-2024-20672

    Windows Authentication Methods CVE-2024-20674

    Azure Storage Mover CVE-2024-20676

    Microsoft Office CVE-2024-20677

    Windows Message Queuing CVE-2024-20680

    Windows Subsystem for Linux CVE-2024-20681

    Windows Cryptographic Services CVE-2024-20682

    Windows Win32K CVE-2024-20683

    Windows Win32 Kernel Subsystem CVE-2024-20686

    Windows AllJoyn API CVE-2024-20687

    Windows Nearby Sharing CVE-2024-20690

    Windows Themes CVE-2024-20691

    Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-20692

    Windows Collaborative Translation Framework CVE-2024-20694

    Windows Libarchive CVE-2024-20696

    Windows Libarchive CVE-2024-20697

    Windows Kernel CVE-2024-20698

    Windows Hyper-V CVE-2024-20699

    Windows Hyper-V CVE-2024-20700

    Unified Extensible Firmware Interface CVE-2024-21305

    Microsoft Bluetooth Driver CVE-2024-21306

    Remote Desktop Client CVE-2024-21307

    Windows Kernel-Mode Drivers CVE-2024-21309

    Windows Cloud Files Mini Filter Driver CVE-2024-21310

    Windows Cryptographic Services CVE-2024-21311

    .NET Framework CVE-2024-21312

    Windows TCP/IP CVE-2024-21313

    Windows Message Queuing CVE-2024-21314

    Windows Server Key Distribution Service CVE-2024-21316

    Microsoft Office SharePoint CVE-2024-21318

    Microsoft Identity Services CVE-2024-21319

    Windows Themes CVE-2024-21320

    Microsoft Devices CVE-2024-21325

    We are republishing 5 non-Microsoft CVEs:

    CNA Tag CVE FAQs? Workarounds? Mitigations?

    MITRE Corporation SQLite CVE-2022-35737

    Chrome Microsoft Edge (Chromium-based) CVE-2024-0222

    Chrome Microsoft Edge (Chromium-based) CVE-2024-0223

    Chrome Microsoft Edge (Chromium-based) CVE-2024-0224

    Chrome Microsoft Edge (Chromium-based) CVE-2024-0225

    Security Update Guide Blog Posts

    Date Blog Post

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To

    nstalls KB Article Title

    5034121 Windows 11, version 21H2

    5034122 Windows 10, version 21H2, Windows 10, version 22H2

    5034123 Windows 11, version 22H2, Windows 11, version 23H2

    5034127 Windows 10, version 1809, Windows Server 2019

    5034167 Windows Server 2008 R2 (Security-only update)

    5034169 Windows Server 2008 R2 (Monthly Rollup)

    5034173 Windows Server 2008 (Monthly Rollup)

    5034176 Windows Server 2008 (Security-only update)

    Released: Jan 9, 2024

    January 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    NICK ADSL UK, Feb 3, 2025
    #4
Thema:

CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?

Loading...

  1. CVE-2024-21302 - Any experience applying the opt-in policy, risk too high? - Similar Threads - CVE 2024 21302

  2. When will CVE-2024-7264 be remediated?

    in Windows 10 Gaming
    When will CVE-2024-7264 be remediated?: This is affecting Windows 2019 server and no fix has been put out for months. What is the timeline on this?libcurl's ASN1 parser code has the `GTime2str` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might...

  3. When will CVE-2024-7264 be remediated?

    in Windows 10 Software and Apps
    When will CVE-2024-7264 be remediated?: This is affecting Windows 2019 server and no fix has been put out for months. What is the timeline on this?libcurl's ASN1 parser code has the `GTime2str` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might...

  4. CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?

    in Windows 10 Software and Apps
    CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?: Hello,I have reviewed the associated KB article regarding the vulnerability CVE-2024-21302: https://support.microsoft.com/en-us/topic/guidance-for-blocking-rollback-of-virtualization-based-security-vbs-related-security-updates-b2e7ebf4-f64d-4884-a390-38d63171b8d3Was wondering...

  5. security updates will not download cve-2024-30078

    in Windows 10 Software and Apps
    security updates will not download cve-2024-30078: windows update security will not download update CVE-2024-30078 and logofail update https://answers.microsoft.com/en-us/windows/forum/all/security-updates-will-not-download-cve-2024-30078/9dc409d8-c112-40e5-a279-c9cd6cb682f0

  6. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in Windows 10 Software and Apps
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  7. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in AntiVirus, Firewalls and System Security
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  8. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in Windows 10 Gaming
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  9. Applocker policy applied but not working

    in AntiVirus, Firewalls and System Security
    Applocker policy applied but not working: Hi,I created an applocker policy using default rules to test before applying to production. Enforcement is set to Enforce Rules. Application Identity service is also enabled from the policy.On windows 10 client GPRESULT shows the policy was applied and the Application...

  10. applying local group policy

    in Windows 10 Performance & Maintenance
    applying local group policy: Hi ive no experience applying group policy settings. What I'm hoping for is that I can have certain registry configurations applied cross all users. If I downloaded a registry.pol configuration, how do I apply this actually? So I've copied the file to...