All posts tagged routing and remote access service

Always On VPN Security Updates October 2024

Microsoft has released the October 2024 security updates, and numerous issues may impact Always On VPN administrators. Although many CVEs affect Always On VPN-related services that are Remote Code Execution (RCE) vulnerabilities, none are critical this cycle.

RRAS Updates

This month, Microsoft has provided 12 updates for the Windows Server Routing and Remote Access Service (RRAS), commonly deployed to support Always On VPN deployments. Most of these CVEs involve overflow vulnerabilities (heap and stack), input validation weaknesses, and buffer over-read and overflow vulnerabilities. All are rated important, and there are no known exploits currently.

CVE-2024-38212

CVE-2024-38261

CVE-2024-38265

CVE-2024-43453

CVE-2024-43549

CVE-2024-43564

CVE-2024-43589

CVE-2024-43592

CVE-2024-43593

CVE-2024-43607

CVE-2024-43608

CVE-2024-43611

Related Updates

In addition to the updates above, Microsoft also released fixes for security vulnerabilities in various related services that are important to Always On VPN administrators.

Windows Network Address Translation (NAT)

The following CVEs address denial of service vulnerabilities in the Network Address Translation (NAT) service.

CVE-2024-43562

CVE-2024-43565

Certificate Services

Always On VPN administrators will also find updates for CVEs affecting various certificate services-related components.

CVE-2024-43545OCSP Denial of Service Vulnerability

CVE-2024-43541Simple Certificate Enrollment Protocol (SCEP) Denial of Service Vulnerability

CVE-2024-43544Simple Certificate Enrollment Protocol (SCEP) Denial of Service Vulnerability

Recommendations

Always On VPN administrators are encouraged to update systems as soon as possible. However, since none of the CVEs is rated Critical, updates can be applied during standard update windows.

Additional Information

Microsoft October 2024 Security Updates

Leave a comment
by Richard M. Hicks on October 8, 2024  •  Permalink
Posted in Active Directory Certificate Services, AD CS, Always On VPN, AOVPN, Certificate Authentication, Certificate Authority, Certificate Services, certificates, CVE, Enterprise, enterprise mobility, Hotfix, Mobility, NDES, Network Device Enrollment Service, Network Device Enrollment Services, PKI, Remote Access, routing and remote access service, RRAS, SCEP, Security, Simple Certificate Enrollment Protocol, Update, Vulnerability, Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows Server 2025
Tagged , , , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on October 8, 2024

https://directaccess.richardhicks.com/2024/10/08/always-on-vpn-security-updates-october-2024/

Always On VPN May 2024 Security Updates

Always On VPN RasMan Errors in Windows 10 1903

Once again, Microsoft has released its monthly security updates. For May 2024, there are several vulnerabilities in services related to Always On VPN that administrators will want to pay close attention to. Microsoft has identified known issues in the Routing and Remote Access Service (RRAS) and the Remote Access Connection Manager (RasMan) service for this release cycle.

RRAS

This month, Microsoft published seven security fixes for vulnerabilities discovered in RRAS. All seven are Remote Code Execution (RCE) vulnerabilities rated Important. In addition, all vulnerabilities in RRAS require specific information about the environment for compromise, mitigating some of the exposure.

CVE-2024-30009

CVE-2024-30014

CVE-2024-30015

CVE-2024-30022

CVE-2024-30023

CVE-2024-30024

CVE-2024-30029

RasMan

In addition to the updates for vulnerabilities in RRAS, Microsoft also released a security fix for issues identified in the Remote Access Connection Manager (RasMan) service. This update is marked Important but is not an RCE.

CVE-2024-30039

Recommendations

Although the vulnerabilities in RRAS are remotely exploitable, they will require specific information for an attacker to compromise. The risk of targeted attacks is lower than opportunistic ones, but administrators are still urged to update as soon as possible.

Additional Information

May 2024 Security Updates

Leave a comment
by Richard M. Hicks on May 14, 2024  •  Permalink
Posted in Always On VPN, AOVPN, enterprise mobility, Microsoft, Remote Access, routing and remote access service, RRAS, Security, Security Update, Update, VPN, Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022
Tagged , , , , , , , , , , ,

Posted by Richard M. Hicks on May 14, 2024

https://directaccess.richardhicks.com/2024/05/14/always-on-vpn-may-2024-security-updates/

Always On VPN April 2024 Security Updates

Microsoft has released its security updates for April 2024. This month, a few vulnerabilities are potentially impacting Always On VPN administrators. Specifically, three updates address issues with the Windows Server Routing and Remote Access Service (RRAS). In addition, vulnerabilities affect the Remote Access Connection Manager (RasMan) service, affecting both VPN servers and clients.

RRAS

Windows Server Routing and Remote Access (RRAS) has three security updates available this month. All three are Remote Code Execution (RCE) vulnerabilities but require user interaction to exploit the vulnerability. All three updates are rated as Important.

CVE-2024-26179

CVE-2024-26200

CVE-2024-26205

RasMan

In addition to the vulnerabilities in RRAS, Microsoft announced numerous updates for vulnerabilities discovered in the Remote Access Connection Manager (RasMan) service. These vulnerabilities are related to information disclosure via buffer overruns. These updates affect both Windows RRAS servers and Windows Always On VPN clients. All updates are rated as Important.

CVE-2024-26207

CVE-2024-26211

CVE-2024-26217

CVE-2024-26255

CVE-2024-28900

CVE-2024-28901

CVE-2024-28902

Recommendations

While none of these vulnerabilities are critical, Always On VPN administrators are urged to update their affected systems soon.

Additional Information

April 2024 Security Updates

6 Comments
by Richard M. Hicks on April 9, 2024  •  Permalink
Posted in Always On VPN, AOVPN, CVE, Enterprise, enterprise mobility, Hotfix, Infrastructure, Microsoft, Mobility, Operational Support, Remote Access, routing and remote access service, RRAS, Security, Security Update, Update, VPN, Vulnerability, Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022
Tagged , , , , , , , ,

Posted by Richard M. Hicks on April 9, 2024

https://directaccess.richardhicks.com/2024/04/09/always-on-vpn-april-2024-security-updates/

« Older Posts
Newer Posts »