CVE-2024-26190: Microsoft QUIC Denial of Service Vulnerability
First published: Tue Mar 12 2024(Updated: )
Microsoft QUIC Denial of Service Vulnerability
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Server 2022 | ||
| Microsoft .NET 7.0 | ||
| Microsoft Windows Server 2022 | ||
| Microsoft .NET 8.0 | ||
| Microsoft Windows Server 2022 23H2 | ||
| Microsoft PowerShell | ||
| Microsoft PowerShell | ||
| Visual Studio Professional 2022 | =17.9 | |
| Visual Studio Professional 2022 | =17.6 | |
| Microsoft .NET Framework | >=7.0.0<7.0.17 | |
| Microsoft .NET Framework | >=8.0.0<8.0.3 | |
| Windows PowerShell | >=7.3<7.3.12 | |
| Windows PowerShell | >=7.4<7.4.2 | |
| Visual Studio Professional 2022 | >=17.4.0<17.4.17 | |
| Visual Studio Professional 2022 | >=17.6.0<17.6.13 | |
| Visual Studio Professional 2022 | >=17.8.0<17.8.8 | |
| Visual Studio Professional 2022 | >=17.9.0<17.9.3 | |
| Windows 11 | <10.0.22000.2836 | |
| Windows 11 | <10.0.22621.3296 | |
| Windows 11 | <10.0.22631.3296 | |
| Microsoft Windows Server 2022 | <10.0.20348.2340 | |
| Microsoft Windows Server 2022 | <10.0.25398.763 | |
| Windows 11 | =23H2 | |
| Windows 11 | =22H2 | |
| Windows 11 | =22H2 | |
| Windows 11 | =21H2 | |
| Windows 11 | =21H2 | |
| Windows 11 | =23H2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-26190?
CVE-2024-26190 has been classified as a denial of service vulnerability.
How do I fix CVE-2024-26190?
To fix CVE-2024-26190, ensure that your affected Microsoft products are updated with the latest patches.
Which Microsoft products are affected by CVE-2024-26190?
CVE-2024-26190 affects Microsoft Windows Server 2022, Windows 11, and Visual Studio 2022 among others.
Is there a workaround for CVE-2024-26190?
Currently, the best recommendation is to apply the available updates to mitigate CVE-2024-26190.
What type of attack does CVE-2024-26190 enable?
CVE-2024-26190 enables a denial of service attack that can disrupt service availability.
- agent/references
- agent/title
- agent/type
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- agent/first-publish-date
- agent/description
- collector/msrc
- agent/severity
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/weakness
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/softwarecombine
- agent/tags
- vendor/microsoft
- canonical/microsoft windows server 2022
- canonical/microsoft .net 7.0
- canonical/microsoft .net 8.0
- canonical/microsoft windows server 2022 23h2
- canonical/microsoft powershell
- canonical/visual studio professional 2022
- version/visual studio professional 2022/17.9
- version/visual studio professional 2022/17.6
- version/visual studio professional 2022/17.4
- version/visual studio professional 2022/17.8
- canonical/microsoft .net framework
- version/microsoft .net framework/7.0.0
- version/microsoft .net framework/8.0.0
- canonical/windows powershell
- version/windows powershell/7.3
- version/windows powershell/7.4
- version/visual studio professional 2022/17.4.0
- version/visual studio professional 2022/17.6.0
- version/visual studio professional 2022/17.8.0
- version/visual studio professional 2022/17.9.0
- canonical/windows 11
- version/windows 11/23h2
- version/windows 11/22h2
- version/windows 11/21h2