Third Party Patching

July 2024 Third-Party Patches

Topics: Third Party Patching

In July 2024, the Liquit Setup Store received updates for 93 applications. This count includes multiple major versions for certain applications. For example, there are 3 updated major versions for Oracle Java SE Development Kit: 17, 21 and 22. In total, there were 135 updates released for these applications during the last month. This means that multiple applications were updated more than once. The updates remediated 164 vulnerabilities in total. 

Notable Vulnerabilities in July 2024 Third-Party Patches

Vulnerability severities vary from low to critical. The vulnerabilities with a critical severity rating include Docker Desktop (CVE-2024-41110 with a CVSS score of 9.09) and VMware Workstation Pro 17 (CVE-2024-22268 and CVE-2024-22267, both with a CVSS score of 9.03). Autodesk AutoCAD, with major versions 2022, 2023, and 2025, received patches for the highest number of vulnerabilities. Their extensive security update addressed 41 vulnerabilities. 

Detailed Analysis of Critical Vulnerabilities 

CVE-2024-41110, a security vulnerability, was discovered in certain versions of Docker Engine. This vulnerability could allow unauthorized access under specific conditions, although the likelihood is considered low. Even though this problem was solved in an update in January 2019, it wasn’t included in later major versions. You can read more about this on Docker’s website. Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker 

A critical heap buffer-overflow vulnerability, identified as CVE-2024-22268, has been reported in the Shader functionality of VMware Workstation and Fusion. This flaw could potentially allow a malicious entity with regular user privileges on a virtual machine with 3D graphics enabled to trigger a denial of service. Stakeholders are advised to consult Broadcom’s security advisory for detailed information and mitigation strategies. Support Content Notification – Support Portal – Broadcom support portal 

Second critical use-after-free vulnerability CVE-2024-22267 has been identified in VMware Workstation and Fusion’s vbluetooth device. This flaw could potentially allow a malicious entity with administrative access to a virtual machine to execute arbitrary code in the context of the host’s VMX process. Users are advised to review their systems and apply updates promptly to mitigate this security risk. Support Content Notification – Support Portal – Broadcom support portal 

Browser Security Updates in July 2024 

Chromium based browsers are known the be updated very frequently. Google Chrome released 6 updates during July. These updates included a remediation for 50 vulnerabilities. Microsoft Edge was updated three times during July and these updates remediated 35 vulnerabilities in total. Opera One was updated only once fixing 4 vulnerabilities. Mozilla Firefox and Mozilla Firefox ESR were updated once remediating 16 and 5 vulnerabilities. Brave Browser was updated twice patching total of 14 vulnerabilities.  

July 2024 Third-Party Patches

Microsoft Product Updates Included in July 2024 Third-Party Patches

In addition to Edge, Microsoft released updates for the following product families. 

  • Microsoft .NET Runtime  
  • Microsoft .NET SDK 
  • Microsoft 365 Apps 
  • Microsoft ASP.NET Core Runtime  
  • Microsoft ASP.NET Core Runtime Hosting Bundle 
  • Microsoft Azure CLI 
  • Microsoft Azure Kubelogin 
  • Microsoft Azure PowerShell 
  • Microsoft OLE DB Driver for SQL Server 
  • Microsoft SQL Server Management Studio 20 
  • Microsoft Visual Studio 2022  
  • Microsoft Visual Studio Team Explorer 2022 
  • Microsoft Windows Desktop Runtime  

Key Third-Party Line-of-Business Application Patches 

Multiple versions of Java products are vulnerable, including but not limited to: Amazon Corretto JDK/JRE, Azul Zulu JDK/JRE, BellSoft Corporation Liberica JDK/JRE, Eclipse Temurin JDK/JRE, Oracle Java Runtime Environment Version 8, Oracle Java SE Development Kit, and Red Hat OpenJDK/JRE. See Oracle’s security advisory for more information. Oracle Critical Patch Update Advisory – July 2024  

AutoCAD products were heavily patched during July. Please see for more information in their advisories. adsk-sa-2024-0009 (autodesk.com) and adsk-sa-2024-0010 (autodesk.com) 

5 vulnerabilities was patched in the latest patch for Jetbrains Teamcity. See more information in. Fixed security issues (jetbrains.com) 

Calibre by Kovid Goyal remediated 4 vulnerabilities in their patch in July. See for more information in  Advisories | STAR Labs.  

Detailed List of July 2024 Third-Party Patches

For complete list of applications, versions and remediated vulnerabilities see the following list generated by using Setup Store data.  

Product Version Vulnerabilities remediated 
Amazon Corretto JDK 11 11.0.24.8.1 
Amazon Corretto JDK 17 17.0.12.7.1 
Amazon Corretto JDK 21 21.0.4.7.1 
Amazon Corretto JDK 22 22.0.2.9.1 
Amazon Corretto JDK 8 8.422.05.1 
Amazon Corretto JRE 8 8.422.05.1 
Autodesk AutoCAD 2022 84,25075231 41 
Autodesk AutoCAD 2023 84,29243056 41 
Autodesk AutoCAD 2025 84,37569444 41 
Zulu JDK 11 (LTS) 0,509895833 
Zulu JDK 17 (LTS) 0,744641204 
Zulu JDK 21 (LTS) 0,900196759 
Zulu JDK 22 (STS) 22.32.15.0 
Zulu JDK 8 (LTS) 8.80.0.17 
Zulu JRE 11 (LTS) 0,509895833 
Zulu JRE 17 (LTS) 0,744641204 
Zulu JRE 21 (LTS) 0,900196759 
Zulu JRE 22 (STS) 22.32.15.0 
Zulu JRE 8 (LTS) 8.80.0.17 
balena CLI 0,751550926 
Liberica JDK 11.0.23.10 
Liberica JDK 11.0.24.9 
Liberica JDK 17.0.12.10 
Liberica JDK 8.0.422.6 
Liberica JRE 8.0.412.9 
Liberica JRE 8.0.422.6 
Brave Browser 1.68.128 14 
Brave Browser 1.68.131 14 
Devolutions Launcher 2024.2.15.0 
Devolutions Remote Desktop Manager 2024.2.15.0 
Docker Desktop 0,189583333 
Eclipse Temurin JDK with Hotspot 11 (LTS) 11.0.24.8 
Eclipse Temurin JDK with Hotspot 17 (LTS) 17.0.12.7 
Eclipse Temurin JDK with Hotspot 21 21.0.4.7 
Eclipse Temurin JDK with Hotspot 22 22.0.2.9 
Eclipse Temurin JDK with Hotspot 8 (LTS) 8.0.422.5 
Eclipse Temurin JRE with Hotspot 11 (LTS) 11.0.24.8 
Eclipse Temurin JRE with Hotspot 17 (LTS) 17.0.12.7 
Eclipse Temurin JRE with Hotspot 21 21.0.4.7 
Eclipse Temurin JRE with Hotspot 22 22.0.2.9 
Eclipse Temurin JRE with Hotspot 8 (LTS) 8.0.422.5 
Beats Winlogbeat 0,343078704 
Google Chrome 126.0.6478.182 
Google Chrome 127.0.6533.72 14 
Google Chrome 127.0.6533.88 
Google Chrome 126.0.6478.183 
Google Chrome 127.0.6533.73 14 
Google Chrome 127.0.6533.89 
Google Chrome for Business 126.0.6478.183 
Google Chrome for Business 127.0.6533.73 14 
Google Chrome for Business 127.0.6533.89 
Google Chrome for Education 126.0.6478.183 
Google Chrome for Education 127.0.6533.73 14 
Google Chrome for Education 127.0.6533.89 
Google Go Programming Language 1.21 0,056388889 
Google Go Programming Language 1.22 0,057002315 
TeamCity 84,33819444 
Calibre 0,302777778 
LINQPad 8 0,336238426 
LINQPad 8 0,336863426 
Microsoft .NET Runtime 6.0 6.0.32.33814 
Microsoft .NET Runtime 6.0 0,25037037 
Microsoft .NET Runtime 8.0 8.0.7.33813 
Microsoft .NET Runtime 8.0 0,333414352 
Microsoft .NET SDK 6.0 6.4.2424.31506 
Microsoft .NET SDK 6.0 0,25037037 
Microsoft .NET SDK 8.0 8.3.324.31708 
Microsoft .NET SDK 8.0 0,336840278 
Microsoft 365 Apps 2406 (Build 16.0.17726.20160) 
Microsoft 365 Apps 2405 (Build 16.0.17628.20188) 
Microsoft 365 Apps 2402 (Build 16.0.17328.20452) 
Microsoft ASP.NET Core Runtime 6.0 6.0.32.24314 
Microsoft ASP.NET Core Runtime 6.0 0,25037037 
Microsoft ASP.NET Core Runtime 8.0 8.0.7.24314 
Microsoft ASP.NET Core Runtime 8.0 0,333414352 
Microsoft ASP.NET Core Runtime Hosting Bundle 6.0 6.0.32.24314 
Microsoft ASP.NET Core Runtime Hosting Bundle 8.0 8.0.7.24314 
Microsoft Azure CLI 0,126388889 
Microsoft Azure Kubelogin 0,000740741 
Microsoft Azure PowerShell 12.1.0.38758 
Microsoft Edge Beta 127.0.2651.74 26 
Microsoft Edge for Business 126.0.2592.102 
Microsoft Edge for Business 126.0.2592.113 
Microsoft Edge for Business 127.0.2651.74 26 
Microsoft OLE DB Driver 18 for SQL Server 0,754907407 
Microsoft OLE DB Driver 19 for SQL Server 0,79380787 
Microsoft SQL Server Management Studio 20 20.2.30.0 
Microsoft Visual Studio 2022 Community 17.10.35027.167 
Microsoft Visual Studio 2022 Enterprise 17.10.35027.167 
Microsoft Visual Studio 2022 Enterprise 17.4.35026.314 
Microsoft Visual Studio 2022 Enterprise 17.6.35028.176 
Microsoft Visual Studio 2022 Enterprise 17.8.35027.43 
Microsoft Visual Studio 2022 Professional 17.10.35027.167 
Microsoft Visual Studio 2022 Professional 17.4.35026.314 
Microsoft Visual Studio 2022 Professional 17.6.35028.176 
Microsoft Visual Studio 2022 Professional 17.8.35027.43 
Microsoft Visual Studio Team Explorer 2022 17.10.35027.167 
Microsoft Windows Desktop Runtime 6.0 6.0.32.33814 
Microsoft Windows Desktop Runtime 8.0 8.0.7.33814 
Pale Moon 1,376400463 
Mozilla Firefox 5,333333333 16 
Mozilla Firefox ESR 115 4,800694444 
Mozilla Thunderbird 4,800694444 
Mozilla Thunderbird ESR 128 5,333333333 15 
Node.js 18 LTS 0,763935185 
Node.js 20 LTS 0,843761574 
Node.js 22 0,919456019 
NoMachine 0,341805556 
NoMachine 0,342372685 
NoMachine Enterprise Client 0,341805556 
NoMachine Enterprise Client 0,342372685 
NoMachine Enterprise Desktop 0,341805556 
NoMachine Enterprise Desktop 0,342372685 
Electron 1,211157407 
Electron 1,211168981 
Electron 1,251388889 10 
OpenVPN 2.6.12 (2.6.1201) 
Opera One 112.0.5197.25 
Oracle Java Runtime Environment Version 8 8.0.4210.9 
Oracle Java SE Development Kit 17 17.0.12.0 
Oracle Java SE Development Kit 21 21.0.4.0 
Oracle Java SE Development Kit 22 22.0.2.0 
Oracle VirtualBox 7 0,291898148 
Red Hat OpenJDK 11.0.2408.1 
Red Hat OpenJDK 17.00120.7.1 
Red Hat OpenJDK 21.0040.7.1 
Red Hat OpenJDK 1.8.4221.5 
Red Hat OpenJDK JRE 11.0.240.1 
Red Hat OpenJDK JRE 17.00120.7.1 
Red Hat OpenJDK JRE 21.0040.7.1 
Camtasia Studio 2022 2022.5.6.254 
VMware Workstation Pro 17 17.5.2.23775571 
Waterfox G6.0.17 
Charles 4.6.7.0 
Charles 0,170914352 

Conclusion: July 2024 Third-Party Patches

Maintaining the security and performance of your IT environment hinges on timely third-party patching. The July 2024 updates addressed significant vulnerabilities across various applications, underscoring the importance of staying vigilant. By prioritizing these patches, you help safeguard your systems against potential exploits and ensure continued operational stability.

To deepen your understanding of third-party patching and its impact on your security posture, explore our eBook Reduce Your Attack Footprint. Additionally, don’t miss our analysis of the August 2024 Microsoft Patch Tuesday here.

Back to Top