{"id":55957,"date":"2024-07-10T10:30:20","date_gmt":"2024-07-10T09:30:20","guid":{"rendered":"https:\/\/www.n-able.com\/?p=55957"},"modified":"2024-07-11T11:01:41","modified_gmt":"2024-07-11T10:01:41","slug":"patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications","title":{"rendered":"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications"},"content":{"rendered":"

It\u2019s not only the summer heat that\u2019s causing system administrators to sweat this month. July sees Microsoft releasing fixes to address 142 vulnerabilities! Alongside the increased number of vulnerabilities versus the previous month, there are also two vulnerabilities Under Active Exploitation that have the potential to keep security and operation teams busy. One of these zero days vulnerabilities Under Exploit has a huge footprint as if affects all versions since Windows 2008 R2, and the second affects Windows Hyper-V so it has the potential to affect mission critical assets.<\/span><\/p>\n

However, of perhaps even greater importance is an issue highlighted by Kevin Beaumont in a LinkedIn post<\/span><\/a> that highlights data breach notifications from Microsoft concerning Microsoft 365 customer data. In short, if you use Microsoft 365 you should be searching for any emails from mbsupport@microsoft.com<\/span><\/a> across all tenants.<\/span><\/p>\n

Microsoft Vulnerabilities<\/span><\/h2>\n

For the 142 vulnerabilities that have received fixes this month four of them are previously undisclosed zero day vulnerabilities, with two of them Under Active Exploitation. The five critical vulnerabilities addressed this month are all RCEs. While none of these vulnerabilities carry any catchy celebrity names, they all represent significant risks that should make them priority items.<\/span><\/p>\n

The two Actively Exploited zero-days\u2014CVE-2024-38080<\/span><\/a> Windows Hyper-V Elevation of Privilege Vulnerability and CVE-2024-38112<\/span><\/a> Windows MSHTML Platform Spoofing Vulnerability\u2014should be trivial to deal with as they can both be addressed by applying either CUs or Security Updates for affected systems.<\/span><\/p>\n

CVE-2024-38080 only affects Windows Server 2022 and Windows 11 and the effort to address this vulnerability boils down to applying KB5040438<\/span><\/a>, KB5040442<\/span><\/a>, KB5040431<\/span><\/a>, or KB5040437<\/span><\/a>, which should make this vulnerability easy for teams to address.<\/span><\/p>\n

CVE-2024-38112 affects a much larger install base of Windows systems. All Windows systems from Windows Server 2008 and forward are affected by this vulnerability. Information about this vulnerability is currently sparse. Microsoft only mentions that the vulnerability requires an attacker to take pre-stage actions on a system before the vulnerability can be leveraged, but once a system is prepped the vulnerability can be exploited with a malicious file that would be executed on the endpoint. Since details are so sparce this could also mean that some systems have already been configured in such a way that they are susceptible to the vulnerability. The lack of details and the fact that this vulnerability is currently being exploited should make any defenders a little uneasy, however the good news is that the fix is only a patch away.<\/span><\/p>\n

The other two zero-days that are not currently under exploitation are CVE-2024-35264<\/span><\/a> .NET and Visual Studio Remote Code Execution and CVE-2024-37985<\/span><\/a> which affects Windows 11 ARM based systems. The much smaller deployment base than the two actively exploited zero-days means these two may not get much initial attention, but as with any vulnerability you will still need to perform appropriate risk evaluations and apply fixes in a timely manner.<\/span><\/p>\n

Did You Check Your Email? No, the Other Email.<\/span><\/h2>\n

It is super important to know how any vendors you interact with will provide notifications of data breaches. Will it be a phone call, an email, or certified letter? Knowing where to look for these notifications is just part of having your processes and procedures figured out and documented. But those channels of communication aren\u2019t always one hundred percent reliable. \u00a0<\/span><\/p>\n

The notification process for alerting M365 customers that they were subject to the Midnight Blizzard data breach ran into some issues this June and July. The apparent issue failure was due to Microsoft not providing notifications in the portal and relying only on sending notification emails to tenant admins, which don\u2019t always have mailboxes setup and are often unmonitored.<\/span><\/p>\n

It\u2019s recommended you search your incoming mail archive or any catch-all addresses for any emails from mbsuppport@microsoft.com<\/span><\/a> since Microsoft initial disclosed the Midnight Blizzard breach in March.<\/span><\/p>\n

Microsoft Patch Tuesday Vulnerability Prioritization<\/h2>\n

Addressing vulnerabilities effectively requires a mix of adhering to established best practices and leveraging informed judgment. While it\u2019s a natural instinct to rank vulnerabilities with critical severity ratings higher on the list of things that need to be addressed, relying on severity ratings alone can be limiting. An often-overlooked component is temporal metrics, which provide a measure of the window of vulnerability\u2014the time from initial vulnerability discovery to the availability and application of the patch. This is essential as the longer a vulnerability exists without a fix, the greater the potential for exploitation. By integrating temporal metrics into the risk evaluation process, organizations can gain a more comprehensive understanding of the threat landscape and potential attack vectors, ensuring that they don\u2019t leave themselves open to unnecessary risks.<\/p>\n

Table Key:\u00a0Severity:\u00a0C = Critical, I = Important, M = Moderate, R = Re-issue;\u00a0Status: EML = Exploitation More Likely, ELL = Exploitation Less Likely, ED = Exploitation Detected,\u00a0EU = Exploitation Unlikely, N\/A = Not Available<\/em><\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
\n

CVE Number<\/b><\/span><\/p>\n<\/td>\n

\n

CVE Title<\/b><\/span><\/p>\n<\/td>\n

\n

Severity<\/b><\/span><\/p>\n<\/td>\n

\n

Status<\/b><\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38112<\/a><\/span><\/p>\n<\/td>\n

\n

Windows MSHTML Platform Spoofing Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

ED<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38080<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Hyper-V Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

ED<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2023-24932<\/a><\/span><\/p>\n<\/td>\n

\n

Secure Boot Security Feature Bypass Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

ED<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38076<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

ELL<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38074<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

ELL<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38077<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

ELL<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38060<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Imaging Component Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38023<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft SharePoint Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38099<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Remote Desktop Licensing Service Denial of Service Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38094<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft SharePoint Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38079<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Graphics Component Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38066<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Win32k Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38052<\/a><\/span><\/p>\n<\/td>\n

\n

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38021<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft Outlook Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38100<\/a><\/span><\/p>\n<\/td>\n

\n

Windows File Explorer Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38085<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Graphics Component Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38059<\/a><\/span><\/p>\n<\/td>\n

\n

Win32k Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38054<\/a><\/span><\/p>\n<\/td>\n

\n

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-38024<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft SharePoint Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2024-39684<\/a><\/span><\/p>\n<\/td>\n

\n

Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

M<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Summary<\/h2>\n

As always make sure you have established patching processes for evaluation, testing and pushing into production. If you have traditionally only dealt with patches by applying them based on their severity consider including prioritization of patches for Zero-Days, Exploitation Detected and Exploitation More Likely vulnerabilities in your\u00a0Patch Management\u00a0routines.<\/p>\n

Looking for more blogs on patching, or looking for previous Microsoft Patch Tuesday Reviews, then check out\u00a0the <\/b>Patch Management section of our blog<\/b><\/span><\/a>.<\/b><\/span><\/p>\n

Lewis Pope is the Head Security Nerd at N\u2011able. You can follow him on Twitter:\u00a0<\/i>@cybersec_nerd<\/i><\/span><\/a><\/span><\/p>\n

LinkedIn:\u00a0<\/i>thesecuritypope<\/i><\/span><\/a><\/span><\/p>\n

Twitch:\u00a0<\/i>cybersec_nerd<\/i><\/span><\/a>\u00a0<\/i><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

May\u2019s Microsoft Patch Tuesday addresses 142 vulnerabilities, with two known to be in active use. Plus notifications of a major Exchange breach. Lewis Pope investigates.<\/p>\n","protected":false},"author":62,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-55957","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"\nPatch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications - N-able<\/title>\n<meta name=\"description\" content=\"July\u2019s Microsoft Patch Tuesday addresses 142 vulnerabilities, with two known to be in active use. Plus a details of a major Exchange breach.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications - N-able\" \/>\n<meta property=\"og:description\" content=\"July\u2019s Microsoft Patch Tuesday addresses 142 vulnerabilities, with two known to be in active use. Plus a details of a major Exchange breach.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-10T09:30:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-11T10:01:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-02.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2501\" \/>\n\t<meta property=\"og:image:height\" content=\"1309\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Lewis Pope\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lewis Pope\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"5\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications\"},\"author\":{\"name\":\"Lewis Pope\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\"},\"headline\":\"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications\",\"datePublished\":\"2024-07-10T10:30:20+01:00\",\"dateModified\":\"2024-07-11T10:01:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications\"},\"wordCount\":1147,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch Management\",\"Security\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications\",\"url\":\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications\",\"name\":\"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de#website\"},\"datePublished\":\"2024-07-10T10:30:20+01:00\",\"dateModified\":\"2024-07-11T10:01:41+00:00\",\"description\":\"July\u2019s Microsoft Patch Tuesday addresses 142 vulnerabilities, with two known to be in active use. Plus a details of a major Exchange breach.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Head Nerds\",\"item\":\"https:\/\/www.n-able.com\/de\/blog\/category\/head-nerds-de\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/de#website\",\"url\":\"https:\/\/www.n-able.com\/de\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/de?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/de#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/de\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\",\"name\":\"Lewis Pope\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"caption\":\"Lewis Pope\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications - N-able","description":"July\u2019s Microsoft Patch Tuesday addresses 142 vulnerabilities, with two known to be in active use. Plus a details of a major Exchange breach.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications","og_locale":"de_DE","og_type":"article","og_title":"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications - N-able","og_description":"July\u2019s Microsoft Patch Tuesday addresses 142 vulnerabilities, with two known to be in active use. Plus a details of a major Exchange breach.","og_url":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2024-07-10T09:30:20+00:00","article_modified_time":"2024-07-11T10:01:41+00:00","og_image":[{"width":2501,"height":1309,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-02.png","type":"image\/png"}],"author":"Lewis Pope","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Verfasst von":"Lewis Pope","Gesch\u00e4tzte Lesezeit":"5\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications"},"author":{"name":"Lewis Pope","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae"},"headline":"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications","datePublished":"2024-07-10T10:30:20+01:00","dateModified":"2024-07-11T10:01:41+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications"},"wordCount":1147,"publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"articleSection":["Head Nerds","Patch Management","Security"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications","url":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications","name":"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/de#website"},"datePublished":"2024-07-10T10:30:20+01:00","dateModified":"2024-07-11T10:01:41+00:00","description":"July\u2019s Microsoft Patch Tuesday addresses 142 vulnerabilities, with two known to be in active use. Plus a details of a major Exchange breach.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/de\/blog\/patch-tuesday-july-2024-two-active-exploitations-and-exchange-data-breach-notifications#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Head Nerds","item":"https:\/\/www.n-able.com\/de\/blog\/category\/head-nerds-de"},{"@type":"ListItem","position":2,"name":"Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/de#website","url":"https:\/\/www.n-able.com\/de","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/de?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/de#organization","name":"N-able","url":"https:\/\/www.n-able.com\/de","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae","name":"Lewis Pope","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","caption":"Lewis Pope"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/55957","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/users\/62"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/comments?post=55957"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/55957\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/media?parent=55957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}