Application Management and Patching

June 2024 Third-Party Patches

Topics: Application Management and Patching

Welcome to our monthly third-party patching roundup. This June, we’ve seen significant updates across various applications that play a crucial role in many IT environments. Here’s a comprehensive overview of June 2024 Third-Party Patches to help you stay on top of critical updates and ensure your systems remain secure.

Summary of June 2024 Third-Party Software Patches

According to Liquit Setup Store data, June 2024 brought 95 updates for vulnerable applications, addressing 101 vulnerabilities across 62 different applications. Timely application of these patches is vital for mitigating potential security risks.

Browser Security Updates

The majority of updates this month targeted popular open-source Chromium-based browsers, emphasizing their critical role in everyday operations.

  • Microsoft Edge for Business: Released four security patches, addressing 46 vulnerabilities with a peak CVSS score of 8.8.
  • Google Chrome for Business: Three updates resolving 26 vulnerabilities.
  • Opera One: One update that remediated seven vulnerabilities.
  • Mozilla Firefox and Firefox ESR: Updates addressing eight and 14 vulnerabilities respectively, both with a CVSS score of 8.8.
  • Brave Browser: Four updates fixing a total of 26 vulnerabilities, maintaining parity with other Chromium-based browsers.

Notable CVEs

CVE-2024-4671: This zero-day vulnerability impacts Google Chrome, Microsoft Edge, and potentially other Chromium-based browsers. If exploited, it could enable a remote attacker to execute arbitrary code on the affected system. Given the prevalence of zero-day vulnerabilities in popular browsers, it’s crucial to stay updated with security notifications from browser vendors. Often, there are mitigations or workarounds available before a patch is released, underscoring the importance of prompt action to maintain security.

Microsoft Security Updates

Significant patches were also rolled out for Microsoft applications, enhancing security across various tools:

  • Visual Studio (2017, 2019, 2022): A single update for all versions, addressing three security issues, with the most critical being CVE-2024-29187 (CVSS 7.3).
  • Microsoft 365 Apps: Updates across Current, Monthly Enterprise, and Semi-Annual Enterprise channels, resolving four vulnerabilities including the high-risk CVE-2024-30103 (CVSS 8.8).
  • Microsoft .NET SDK 8.0: Version 8.3.224.28002 addressed one security concern.

Third-Party Line-of-Business Application Patches

Several business-critical applications received important updates this month, including a notable vulnerability identified as CVE-2024-37051.

CVE-2024-37051: This vulnerability impacts the JetBrains GitHub plugin. Malicious content in a pull request to a GitHub project, handled by IntelliJ-based IDEs, could expose access tokens to a third-party host. While there is no confirmed evidence of active exploitation before its discovery and disclosure, it is crucial to follow JetBrains’ recommended actions to mitigate potential risks. For more details on recommended actions, please refer to JetBrains’ security update here.

  • Autodesk AutoCAD 2024: An update addressing 14 high-severity vulnerabilities.
  • OpenSSL and OpenSSL Light: Multiple updates across different versions (3.0 LTS, 3.1, 3.2, 3.3) addressing three vulnerabilities each.

Detailed Security Patch List

Here’s a detailed breakdown of updates for other significant software titles:

Product Branch Version Vulnerabilitiesremediated 
Apache Tomcat 9 Tomcat 9 0,376041667 
Autodesk AutoCAD 2024 AutoCAD 2024 update 2024.01.05 14 
Brave Browser Brave Browser  1.67.123 
Brave Browser Brave Browser  1.67.119 
Brave Browser Brave Browser  1.67.115 18 
CLion CLion 2023.1  2023.01.07 
CLion CLion 2023.2  2023.02.04 
CLion CLion 2023.3  2023.03.05 
CLion CLion 2024.1  2024.01.03 
DataGrip 2024.1 DataGrip 2024.1  2024.01.04 
DataSpell DataSpell 2023.3 2023.03.06 
DataSpell DataSpell 2024.1 2024.01.02 
Devolutions Remote Desktop Manager Remote Desktop Manager 2024.2.12.0 
Docker Desktop Docker Desktop  4.31.0.153195 
EnterpriseDB Corporation PostgreSQL 14 PostgreSQL 14  14.12.02 
EnterpriseDB Corporation PostgreSQL 15 PostgreSQL 15  15.07.02 
EnterpriseDB Corporation PostgreSQL 16 PostgreSQL 16  16.03.02 
GoLand 2023.1 GoLand 2023.1 2023.01.06 
GoLand 2023.2 GoLand 2023.2 2023.02.07 
GoLand 2023.3 GoLand 2023.3 2023.03.07 
GoLand 2024.1 GoLand 2024.1 2024.01.03 
Google Chrome for Business Chrome for Business  126.0.6478.127 
Google Chrome for Business Chrome for Business  126.0.6478.115 
Google Chrome for Business Chrome for Business  126.0.6478.57 18 
Google Go Programming Language 1.21 Go Programming Language 1.21  1.21.11 
Google Go Programming Language 1.22 Go Programming Language 1.22  1.22.04 
IntelliJ IDEA Community IntelliJ IDEA Community 2023.3  2023.03.07 
IntelliJ IDEA Community IntelliJ IDEA Community 2024.1  2024.01.03 
IntelliJ IDEA Community 2023.1 IntelliJ IDEA Community 2023.1  2023.01.07 
IntelliJ IDEA Community 2023.2 IntelliJ IDEA Community 2023.2  2023.02.07 
IntelliJ IDEA Ultimate IntelliJ IDEA Ultimate 2023.3  2023.03.07 
IntelliJ IDEA Ultimate IntelliJ IDEA Ultimate 2024.1  2024.01.03 
IntelliJ IDEA Ultimate 2023.1 IntelliJ IDEA Ultimate 2023.1  2023.01.07 
IntelliJ IDEA Ultimate 2023.2 IntelliJ IDEA Ultimate 2023.2  2023.02.07 
Microsoft .NET SDK 8.0 .NET SDK 8.0  8.3.224.28002 
Microsoft 365 Apps Microsoft 365 Apps – Business Retail Current Channel – Danish  2405 (Build 16.0.17628.20144) 
Microsoft 365 Apps Microsoft 365 Apps – Business Retail Monthly Enterprise Channel – Dutch  2404 (Build 16.0.17531.20190) 
Microsoft 365 Apps Microsoft 365 Apps – Business Retail Semi-Annual Enterprise Channel – Dutch  2308 (Build 16.0.16731.20716) 
Microsoft Edge Beta Microsoft Edge Beta  126.0.2592.68 
Microsoft Edge Beta Microsoft Edge Beta  126.0.2592.56 32 
Microsoft Edge for Business Microsoft Edge for Business  126.0.2592.81 
Microsoft Edge for Business Microsoft Edge for Business  126.0.2592.68 
Microsoft Edge for Business Microsoft Edge for Business  126.0.2592.56 32 
Microsoft Edge for Business Microsoft Edge for Business  125.0.2535.85 
Microsoft Edge Webview2 Runtime Microsoft Edge Webview2 Runtime  126.0.2592.81 
Microsoft Edge Webview2 Runtime Microsoft Edge Webview2 Runtime  125.0.2535.85 
Microsoft Visual Studio 2017 Enterprise Microsoft Visual Studio 2017 Enterprise 15.9.34930.103 
Microsoft Visual Studio 2019 Community Microsoft Visual Studio 2019 Community 16.11.34931.43 
Microsoft Visual Studio 2019 Enterprise Microsoft Visual Studio 2019 Enterprise 16.11.34931.43 
Microsoft Visual Studio 2019 Enterprise Microsoft Visual Studio 2019 Enterprise 16.11.34931.43 
Microsoft Visual Studio 2019 Professional Microsoft Visual Studio 2019 Professional 16.11.34931.43 
Microsoft Visual Studio 2019 Professional Microsoft Visual Studio 2019 Professional 16.11.34931.43 
Microsoft Visual Studio 2022 Community Microsoft Visual Studio 2022 Community 17.10.35004.147 
Microsoft Visual Studio 2022 Enterprise Microsoft Visual Studio 2022 Enterprise (Current) 17.10.35004.147 
Microsoft Visual Studio 2022 Enterprise Microsoft Visual Studio 2022 Enterprise (LTSC 17.4) 17.4.34931.60 
Microsoft Visual Studio 2022 Enterprise Microsoft Visual Studio 2022 Enterprise (LTSC 17.6) 17.6.34931.59 
Microsoft Visual Studio 2022 Enterprise Microsoft Visual Studio 2022 Enterprise (LTSC 17.8) 17.8.34931.61 
Microsoft Visual Studio 2022 Professional Microsoft Visual Studio 2022 Professional (Current) 17.10.35004.147 
Microsoft Visual Studio 2022 Professional Microsoft Visual Studio 2022 Professional (LTSC 17.4) 17.4.34931.60 
Microsoft Visual Studio 2022 Professional Microsoft Visual Studio 2022 Professional (LTSC 17.6) 17.6.34931.59 
Microsoft Visual Studio 2022 Professional Microsoft Visual Studio 2022 Professional (LTSC 17.8) 17.8.34931.61 
Microsoft Visual Studio Feedback Client 2017 Microsoft Visual Studio Feedback Client 2017 15.9.34930.103 
Microsoft Visual Studio Team Explorer 2017 Microsoft Visual Studio Team Explorer 2017 15.9.34930.103 
Microsoft Visual Studio Team Explorer 2019 Microsoft Visual Studio Team Explorer 2019 16.11.34931.43 
Microsoft Visual Studio Team Explorer 2022 Microsoft Visual Studio Team Explorer 2022 17.10.35004.147 
Mozilla Firefox Firefox (African)  127.00.00 14 
Mozilla Firefox ESR 115 Firefox ESR 115 (African)  115.12.00 
Mozilla Thunderbird Thunderbird (African)  115.12.00 
Obsidian Obsidian  (Device) 1.06.02 
Obsidian Obsidian  (User) 1.06.02 
OpenSSL OpenSSL 3.0 LTS  3.00.14 
OpenSSL OpenSSL 3.1  3.01.06 
OpenSSL OpenSSL 3.2  3.02.02 
OpenSSL Light OpenSSL Light 3.0 LTS  3.00.14 
OpenSSL Light OpenSSL Light 3.1  3.01.06 
OpenSSL Light OpenSSL Light 3.2  3.02.02 
OpenSSL Light OpenSSL Light 3.3  3.03.01 
OpenVPN OpenVPN  2.6.11 (2.6.1101) 
Opera One Opera One  111.0.5168.25 
Pale Moon Pale Moon  33.02.00 
pgAdmin 4 pgAdmin 4 8.09 
PhpStorm PhpStorm  2024.01.03 
PyCharm Community PyCharm Community 2023  2023.03.06 
PyCharm Community PyCharm Community 2024  2024.01.03 
PyCharm Professional PyCharm Professional 2023  2023.03.06 
PyCharm Professional PyCharm Professional 2024  2024.01.03 
Python 3.12 Python 3.12  3.12.4150.0 
RubyMine 2023 RubyMine 2023.1  2023.01.07 
RubyMine 2023 RubyMine 2023.2  2023.02.07 
RubyMine 2023 RubyMine 2023.3  2023.03.07 
RubyMine 2024 RubyMine 2024.1  2024.01.03 
TeamCity TeamCity 2024.03.03 
Waterfox Waterfox G6.0.16 
Webstorm 2023.1 WebStorm 2023.1  2023.01.06 
Webstorm 2023.2 WebStorm 2023.2  2023.02.07 
WebStorm 2023.3 WebStorm 2023.3  2023.03.07 
WebStorm 2024.1 WebStorm 2024.1  2024.01.04 

Conclusion: June 2024 Third-Party Patches

Staying up to date with your third-party patches is essential for safeguarding your IT environment against threats. These updates address critical vulnerabilities across a wide range of applications, ensuring your systems remain both secure and stable. Prioritize applying these patches to maintain the integrity and security of your network.

Learn more about the importance of third-party patching by reading the eBook Reduce Your Attack Footprint. Also, check out our July 2024 Microsoft Patch Tuesday post here.

Back to Top