The US enjoyed a long weekend last week as they celebrated Independence Day, marking the beginning of patch week. With the summer vacation season in full swing, many developers were out of the office, resulting in a relatively quiet month of June in terms of software updates. One notable event that took place was the June 2024 Patch Tuesday, which addressed 33 vulnerabilities for Windows 10 and associated servers, as well as 28 for Windows 11.
The critical updates were primarily focused on addressing the CVE-2024-30080 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Additionally, there were important updates for Microsoft Sharepoint Server, Office, and Office 365 product suites. Despite these updates, the main highlight for Microsoft in June was centered around previews.
Last month, the preview for Windows 11 24H2 was released in the Release Preview Channel in late May, only to be pulled on June 7 and re-released on June 15. The introduction of the AI-powered Recall feature alongside Copilot+ sparked conversations due to security and privacy concerns. As a result, the feature was delayed and shifted to the Windows Insider Program for further evaluation and feedback.
Microsoft faced another challenge when they temporarily pulled and re-released the Windows 11 preview update KB5039302 on June 25th, after it caused reboots on systems using virtualization such as Azure Virtual Desktop and VMware. The latest update will be blocked from installation on those devices until the issue is resolved, underscoring the value of the preview program.
One of the significant events in June was the US Department of Commerce’s ban on the sale of all Kaspersky Lab products in the US on June 20th. This decision marked the first implementation of the 2019 Executive Order on Securing the Information and Communications Technology and Services Supply Chain, citing concerns that Kaspersky, being a Russian company, could potentially compromise US security by sharing customer information with the Russian government. Therefore, all Kaspersky products must be removed from US companies and individuals by September 29th.
As a reminder, Microsoft released the final updates for Windows 10 21H2 Education and Enterprise editions last month, urging users to update to the latest version of Windows 10 or Windows 11 if their system requirements permit.
Looking ahead to the July 2024 Patch Tuesday forecast, expectations are high for a significant number of updates. Despite a slower month, updates for .NET framework and potentially a SQL Server update are anticipated. Adobe may release security updates for Acrobat and Reader, while Apple OS, Google Chrome, Mozilla Firefox, and Thunderbird may also receive updates around Patch Tuesday.
In conclusion, as the technology landscape continues to evolve, software updates and security measures play a crucial role in safeguarding systems and data. Stay tuned for the latest updates and developments in the tech industry.