Always On VPN May 2024 Security Updates

Always On VPN RasMan Errors in Windows 10 1903

Once again, Microsoft has released its monthly security updates. For May 2024, there are several vulnerabilities in services related to Always On VPN that administrators will want to pay close attention to. Microsoft has identified known issues in the Routing and Remote Access Service (RRAS) and the Remote Access Connection Manager (RasMan) service for this release cycle.


This month, Microsoft published seven security fixes for vulnerabilities discovered in RRAS. All seven are Remote Code Execution (RCE) vulnerabilities rated Important. In addition, all vulnerabilities in RRAS require specific information about the environment for compromise, mitigating some of the exposure.









In addition to the updates for vulnerabilities in RRAS, Microsoft also released a security fix for issues identified in the Remote Access Connection Manager (RasMan) service. This update is marked Important but is not an RCE.



Although the vulnerabilities in RRAS are remotely exploitable, they will require specific information for an attacker to compromise. The risk of targeted attacks is lower than opportunistic ones, but administrators are still urged to update as soon as possible.

Additional Information

May 2024 Security Updates

Leave a comment

Leave a Reply

Discover more from Richard M. Hicks Consulting, Inc.

Subscribe now to keep reading and get access to the full archive.

Continue reading