Microsoft September Updates
Query
DeviceTvmSoftwareVulnerabilities | join kind=inner (DeviceTvmSoftwareVulnerabilitiesKB) on $left.CveId == $right.CveId | where RecommendedSecurityUpdate contains "September 2024 Security Updates" |
extend URLSecurityUpdate = strcat("https://msrc.microsoft.com/update-guide/en-US/advisory/", CveId) | project CveId,IsExploitAvailable,URLSecurityUpdate,CvssScore,VulnerabilitySeverityLevel,RecommendedSecurityUpdate, DeviceName, DeviceId,RecommendedSecurityUpdateId, OSPlatform, SoftwareVendor, SoftwareName, SoftwareVersion | order by CvssScoreAbout this query
Devices affected by September Security updates which includes 4 Zero-days & 79 Vulnerabilities fixed
Description: Microsoft’s September 2024 Patch Tuesday has addressed a significant number of security vulnerabilities, including four zero-day exploits and a total of 79 vulnerabilities across various products. This query helps to identify devices affected by the mentioned updates and add a column related to the corresponding updates/remediations information provided by Microsoft.
Explanation
This query is designed to identify devices that are affected by the security updates released by Microsoft in September 2024. These updates address a total of 79 vulnerabilities, including four zero-day exploits. The query performs the following steps:
-
Join Tables: It combines data from two tables (
DeviceTvmSoftwareVulnerabilitiesandDeviceTvmSoftwareVulnerabilitiesKB) based on a common identifier (CveId). -
Filter Updates: It filters the results to include only those devices that are affected by the "September 2024 Security Updates".
-
Add URL Column: It creates a new column (
URLSecurityUpdate) that provides a link to more detailed information about each vulnerability on Microsoft's update guide. -
Select Columns: It selects specific columns to display, including details about the vulnerability (like
CveId,IsExploitAvailable,CvssScore, etc.) and information about the affected device (likeDeviceName,DeviceId,OSPlatform, etc.). -
Sort Results: It sorts the results by the
CvssScore, which indicates the severity of the vulnerabilities.
In summary, this query helps to identify and provide detailed information about devices affected by the September 2024 security updates, including links to more information about each vulnerability.
Details

Sergio Albea
Released: September 11, 2024
Tables
Keywords
Operators