Weekly Security Insights

February 20, 2024

Welcome to this week’s Jolera Security Insights update.

Every Tuesday, we’re here to update you on the latest vulnerabilities out in the wild.

As always, if you are already a Jolera customer or partner, you can engage with your relationship manager to ensure you and your clients are secure.

If you’d like assistance with patching vulnerabilities and securing your environment, you can use the form below. 

Microsoft Vulnerabilities

Here’s a summary of critical vulnerabilities affecting Microsoft products released on February 20, 2024.

We strongly recommend reviewing these vulnerabilities and applying the necessary security updates to protect your systems.

 

Release Date

 

Product

 

Impact

 

Max Severity

 

CVE Details

 

Build Number

Feb 20, 2024 Microsoft Dynamics 365 Business Central 2023 Release Wave 2 Information Disclosure Critical CVE-2024-21380 Application Build 23.4.15715, Platform Build 20.4.31592
Feb 20, 2024 Microsoft Exchange Server 2019 Cumulative Update 12 Elevation of Privilege Critical CVE-2024-21410 15.2.1544.004
Feb 20, 2024 Microsoft Exchange Server 2019 Cumulative Update 11 Elevation of Privilege Critical CVE-2024-21410 15.2.1544.004
Feb 20, 2024 Microsoft Exchange Server 2016 Cumulative Update 23 Elevation of Privilege Critical CVE-2024-21410 N/A
Feb 20, 2024 Microsoft Dynamics 365 Business Central 2022 Release Wave 2 Information Disclosure Critical CVE-2024-21380 Application Build 22.10.63195, Platform Build 19.10.40206

 

 

Release
Date

 

Product

 

Impact

 

Max
Severity

 

CVE
Details

 

Build
Number

Feb 20, 2024 Microsoft Dynamics 365 Business Central 2023 Release Wave 2 Information Disclosure Critical CVE-2024-21380 Application Build 23.4.15715, Platform Build 20.4.31592
Feb 20, 2024 Microsoft Exchange Server 2019 Cumulative Update 12 Elevation of Privilege Critical CVE-2024-21410 15.2.1544.004
Feb 20, 2024 Microsoft Exchange Server 2019 Cumulative Update 11 Elevation of Privilege Critical CVE-2024-21410 15.2.1544.004
Feb 20, 2024 Microsoft Exchange Server 2016 Cumulative Update 23 Elevation of Privilege Critical CVE-2024-21410 N/A
Feb 20, 2024 Microsoft Dynamics 365 Business Central 2022 Release Wave 2 Information Disclosure Critical CVE-2024-21380 Application Build 22.10.63195, Platform Build 19.10.40206

 

Other Vulnerabilities

Here’s a summary of critical vulnerabilities affecting Microsoft products released on February 20, 2024.

We strongly recommend reviewing these vulnerabilities and applying the necessary security updates to protect your systems.

Adobe_Corporate_logo

Adobe has released security updates for Commerce, Substance 3D Painter, Acrobat and Reader, and more.
Adobe Security Updates

Cisco Systems

Cisco released security updates for multiple products.
Cisco Security Updates

ExpressVPN-logo

ExpressVPN released a new version to remove the split-tunneling feature after it leaked DNS queries.
ExpressVPN Update

Fortinet Logo

Fortinet released security updates for a new FortiOS SSL VPN RCE, which is exploited in attacks, and two RCE flaws in FortiSIEM.
Fortinet RCE Flaw, FortiSIEM RCE Bugs

Google released the Android February 2024 security updates.
Android Security Bulletin

Ivanti_Logo_RGB_red

Ivanti released security updates for a new Connect Secure authentication bypass flaw.
Ivanti Update

JetBrains_beam_logo

JetBrains released security updates for a new critical authentication bypass vulnerability in TeamCity On-Premises.
JetBrains TeamCity Update

linux-logo

Linux distros release patches for new Shim bootloader code execution flaw.
Linux Shim Patch

mastodon-wordmark

Mastodon released a security update to fix a vulnerability that allows attackers to take over any remote account.
Mastodon Vulnerability

SAP_2011_logo

SAP has released its February 2024 Patch Day updates.
SAP Security Notes

Request Assistance

This comprehensive list includes the critical vulnerabilities and updates for various platforms and products.

We recommend reviewing these updates and applying the necessary patches to ensure your systems are secure.

Stay vigilant and proactive in managing your cybersecurity posture.

Solutions to Grow Your Business

We've got you covered with our comprehensive portfolio of solutions.

Cybersecuirty Solutions

Cyber Incident ​Response
Endpoint Detection and Response (EDR)
Extended Detection and Response (XDR)
Firewall Security
Mail Security
Penetration Testing Services
Security Baseline Assessment
User Defence
Vulnerability Detection Response (VDR)
Wi-Fi Security

Backup & Recovery Solutions

Hybrid Backup
Enterprise Backup
Mail Archiving

Public & Private Cloud Solutions

Azure Management and Monitoring
Microsoft 365 Administration
Private Cloud
Microsoft CSP

Helpdesk & Field Services Solutions

Professional Services & Consulting Solutions

Monitoring & Management Solutions

Hardware Maintenance Solutions

Application Management Services

Telco

VOICIS AI

Your partner in digital transformation

Helping the next generation of MSP and IT solution providers transform and grow.

businessmans handshake

Types of Partners

Managed Services Provider (MSP)

Internet Service Provider (ISP)

Value Added Reseller (VAR)

businessmans handshake

Partnership Overview

Jolera’s partner program offers flexibility to engage with us on your terms. We have spent more than two decades building award-winning best in class partner enablement and turnkey end-customer solutions for you.
progress

Partner Program

Jolera has three partner programs to choose from: Select, Preferred and Premier.

Learn about us and the legacy we have created

At Jolera, we treat each MSP partner with specialized care. With more than 20 years of IT experience, we offer the latest technology to navigate cloud, security, endpoint, and storage needs.

vintage pocket watch vintage background concept

About Us

Jolera is widely recognized as a global managed services leader. We started as managed services provider over 20 years ago and have been at the forefront of managed services innovation ever since.

progress

Our People

As a service provider our main goal is to make the customer happy. For that final goal, we need passionate and happy people working with us – Our People Are Our Biggest Asset.

progress

Our Leaders

We are performance driven at the core - tying together best of breed technology and industry leading expertise with pragmatic processes built to deliver outcomes.

Meet Our Leaders!