Report Incident
× Home Cybertech Africa 2023 2 DPO Rw-CSIRT Website About Rw-CSIRT Alerts Advisories About NCSA Documentation News & Events Topics Contact us Opportunities Privacy Policy

Alert: Microsoft Security Updates – March 2024

Microsoft has issued security updates to address vulnerabilities in its software products, including, but not limited to:
 
  • Windows OS: 10 and 11.
  • Windows Server: 2016, 2019, 2022.
  • Microsoft Exchange Server 2016,2019
  • Microsoft SQL Server: 2019, 2022.
  • Microsoft Office: 2016, 2019, Microsoft 365 and Microsoft Edge.
 
The released security updates fix multiple vulnerabilities, which include two critical vulnerabilities:
 

 
Security Risks
 
If the identified vulnerabilities in Microsoft products are not patched, authenticated attackers may be empowered to remotely take control of vulnerable systems and execute malicious code with elevated privileges.
 
To access the full list of security patches released by Microsoft, please refer to the Microsoft Security Update Guide and apply the necessary updates.
 
Recommended Actions
 
The National Cyber Security Authority (NCSA) recommends users and administrators:
 
1. apply the latest security patches, as soon as possible, to prevent unauthorized control over unpatched systems.
 
2. upgrade immediately to the latest supported version of installed Microsoft software in order to continue receiving technical support and security patches.
 
The following Microsoft software products reached their end-of-life and need to be upgraded immediately:
 
  • Windows Vista, XP, 8 and 7
  • Windows Server 2003, 2003 RE, 2008, 2008 RE, 2008 SP2, 2012 and 2012 R2
  • Exchange Server 2003, 2007, 2010, 2013
  • Microsoft SQL Server 2005, 2008, 2012
  • Microsoft Office 2013
 
3. Before any updating task, ensure you have a current tested backup of your data.
 
For further information and support, please contact the National Cyber Security Authority (NCSA) by emailing rwcsirt@ncsa.gov.rw or calling us on 9009
 
References
  Release Note – March 2024.
 
 
 

14 March 2024

© 2024 National Cyber Security Authority