{"id":24761182,"url":"https://github.com/myseq/ms_patch_tuesday","last_synced_at":"2025-07-23T00:34:26.352Z","repository":{"id":159394104,"uuid":"481131309","full_name":"myseq/ms_patch_tuesday","owner":"myseq","description":"Get quick summary of vulnerability stats and updates for Patch Tuesday.","archived":false,"fork":false,"pushed_at":"2024-08-22T03:18:19.000Z","size":11143,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-23T12:26:18.533Z","etag":null,"topics":["python3","security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/myseq.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-04-13T08:20:35.000Z","updated_at":"2025-03-16T20:15:03.000Z","dependencies_parsed_at":"2024-08-19T15:31:32.274Z","dependency_job_id":null,"html_url":"https://github.com/myseq/ms_patch_tuesday","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/myseq/ms_patch_tuesday","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/myseq%2Fms_patch_tuesday","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/myseq%2Fms_patch_tuesday/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/myseq%2Fms_patch_tuesday/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/myseq%2Fms_patch_tuesday/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/myseq","download_url":"https://codeload.github.com/myseq/ms_patch_tuesday/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/myseq%2Fms_patch_tuesday/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266597014,"owners_count":23953894,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-22T02:00:09.085Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["python3","security"],"created_at":"2025-01-28T18:30:14.173Z","updated_at":"2025-07-23T00:34:26.324Z","avatar_url":"https://github.com/myseq.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MS Patch Tuesday \n\n`MS Patch Tuesday` is the second Tuesday of every month when Microsoft releases security updates to fix vulnerabilities in their software products.\n\nThis is a simple script, written in Python, to perform quick analysis on security updates. \nIt quickly summarizes:\n\n - Monthly security updates.\n - Any ***high severity*** vulnerabilities (CVSS_Base \u003e= 8.5).\n - Any ***high likelihood*** vulnerabilities (contains 'Exploitation More Likely')\n - Any vulnerability that ***exploited in wild*** (Exploited:yes)\n - Any ***CISA KEV*** vulnerabilities [new]\n - Number of CVE that needs customer/user actions [new]\n - Monthly MS patched product families.\n\nMicrosoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services, and provides these updates as part of the ongoing effort to help you manage security risks and help keep your systems protected. \n\nAll the details from Microsoft security update are formatted according to the Common Vulnerability Reporting Framework (CVRF). \nFor more details, please visit [msrc.microsoft.com/update-guide](https://msrc.microsoft.com/update-guide).\n\n\u003e ***CVRF*** *stands for `Common Vulnerability Reporting Framework`.*\n\n## Setup (Installation)\n\n```bash\n$ git clone https://github.com/myseq/ms_patch_tuesday.git\n$ cd ms_patch_tuesday\n$ python3 -m venv .venv\n$ source .venv/bin/activate \n$ pip3 install -r requirements.txt\n$ ./patch_tuesday.py -h\n$\n$ deactivate\n```\n\n![./patch_tuesday.py -h](images/pt3_help.png)\n\n## Features\n\n 1. Show the total vulnerability count for the month.\n 1. Show the number of `high severity` vulnerability count.\n 1. Show the number of vulnerability which `very likely to be exploited`. \n 1. Show the number of vulnerability which already `exploited in wild`.\n 1. Show the `product families` that involve.\n 1. Display the product familier as `bar chart`.\n 1. Download the `JSON` file.\n\n## Usages\n\nShow quick summary including `Action_required` and CISA_KEV count.\n\n```bash\n$ ./patch_tuesday.py\n\n _____ _ _ _____ _\n| _ |___| |_ ___| |_ |_ _|_ _ ___ ___ _| |___ _ _\n| __| .'| _| _| | | | | | | -_|_ -| . | .'| | |\n|__| |__,|_| |___|_|_| |_| |___|___|___|___|__,|_ |\n |___|\n\n Microsoft Patch Tuesday - By MSRC\n===============================================\n \u003c\u003c August 2024 Security Updates [ 2024-08-13 ] \u003e\u003e\n\n\n [+] Vulnerabilities : [ 102 ]\n [-] High_Severity : [ 21 ]\n [-] High_likelihood : [ 11 ]\n [-] Exploited in_wild : [ 6 ]\n [-] Action_required : [ 99 ]\n [-] Found in CISA_KEV : [ 6 ]\n\n\n [*] [2024-08-19] main(): Completed within [8.9630 sec].\n\n```\n\nShow vulnerabilities and product families in verbose mode.\n\n```bash\n$ ./patch_tuesday.py -v -k 2024-may\n\n\n _____ _ _ _____ _\n| _ |___| |_ ___| |_ |_ _|_ _ ___ ___ _| |___ _ _\n| __| .'| _| _| | | | | | | -_|_ -| . | .'| | |\n|__| |__,|_| |___|_|_| |_| |___|___|___|___|__,|_ |\n |___|\n\n\n [*] Finish fetching [1,215,882 bytes] from https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2024-may\n\n\n [*] CISA Catalog of Known Exploited Vulnerabilities [ 2024.08.15/1150 ]\n\n\n Microsoft Patch Tuesday - By MSRC\n===============================================\n \u003c\u003c May 2024 Security Updates [ 2024-05-14 ] \u003e\u003e\n\n\n [+] Vulnerabilities : [ 79 ]\n [-] High_Severity : [ 7 ]\n [-] High_likelihood : [ 10 ]\n [-] Exploited in_wild : [ 2 ]\n [-] Action_required : [ 79 ]\n [-] Found in CISA_KEV : [ 6 ]\n\n High_Severity/7\n┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓\n┃ CVE ┃ CVSS_Base/Temp ┃ Title_Value ┃\n┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩\n│ CVE-2024-32002 │ B:9.0/T:7.8 │ GitHub: CVE-2024-32002 Recursive clones on case-insensitive filesystems that support symlinks │\n│ │ │ are susceptible to Remote Code Execution │\n│ CVE-2024-30006 │ B:8.8/T:7.7 │ Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability │\n│ CVE-2024-30007 │ B:8.8/T:7.7 │ Microsoft Brokering File System Elevation of Privilege Vulnerability │\n│ CVE-2024-30009 │ B:8.8/T:7.7 │ Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability │\n│ CVE-2024-30010 │ B:8.8/T:7.7 │ Windows Hyper-V Remote Code Execution Vulnerability │\n│ CVE-2024-30017 │ B:8.8/T:7.7 │ Windows Hyper-V Remote Code Execution Vulnerability │\n│ CVE-2024-30040 │ B:8.8/T:8.2 [K] │ Windows MSHTML Platform Security Feature Bypass Vulnerability │\n└────────────────┴─────────────────┴─────────────────────────────────────────────────────────────────────────────────────────────────┘\n\n High_Likelihood/10\n┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓\n┃ CVE ┃ CVSS_Base/Temp ┃ Title_Value ┃\n┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩\n│ CVE-2024-29996 │ B:7.8/T:6.8 │ Windows Common Log File System Driver Elevation of Privilege Vulnerability │\n│ CVE-2024-30044 │ B:7.2/T:6.3 │ Microsoft SharePoint Server Remote Code Execution Vulnerability │\n│ CVE-2024-30050 │ B:5.4/T:5.0 │ Windows Mark of the Web Security Feature Bypass Vulnerability │\n│ CVE-2024-30025 │ B:7.8/T:6.8 │ Windows Common Log File System Driver Elevation of Privilege Vulnerability │\n│ CVE-2024-30032 │ B:7.8/T:6.8 │ Windows DWM Core Library Elevation of Privilege Vulnerability │\n│ CVE-2024-30034 │ B:5.5/T:4.8 │ Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability │\n│ CVE-2024-30035 │ B:7.8/T:6.8 │ Windows DWM Core Library Elevation of Privilege Vulnerability │\n│ CVE-2024-30037 │ B:5.5/T:4.8 │ Windows Common Log File System Driver Elevation of Privilege Vulnerability │\n│ CVE-2024-30038 │ B:7.8/T:6.8 │ Win32k Elevation of Privilege Vulnerability │\n│ CVE-2024-30049 │ B:7.8/T:6.8 │ Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability │\n└────────────────┴────────────────┴─────────────────────────────────────────────────────────────────────────────┘\n\n Exploited_in_Wild/2\n┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓\n┃ CVE ┃ CVSS_Base/Temp ┃ Title_Value ┃\n┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩\n│ CVE-2024-30040 │ B:8.8/T:8.2 [K] │ Windows MSHTML Platform Security Feature Bypass Vulnerability │\n│ CVE-2024-30051 │ B:7.8/T:7.2 [K] │ Windows DWM Core Library Elevation of Privilege Vulnerability │\n└────────────────┴─────────────────┴───────────────────────────────────────────────────────────────┘\n\n\n [+] Product Families (10)\n [ 1] Windows : 26\n [ 2] Microsoft Office : 13\n [ 3] ESU : 10\n [ 4] Developer Tools : 9\n [ 5] Azure : 2\n [ 6] Apps : 2\n [ 7] Mariner : 2\n [ 8] Browser : 1\n [ 9] Microsoft Dynamics : 1\n [10] SQL Server : 1\n\n [*] \"May 2024 Security Updates\" (Rev 25)\n [-] Initial Release date: 2024-05-14T07:00:00\n [-] Current Release date: 2024-06-19T07:00:00\n\n\n [*] [2024-08-19] main(): Completed within [4.8891 sec].\n\n```\n\nShow vulnerabilities and product families (as bar chart) in verbose mode.\n\n```bash\n$ ./patch_tuesday.py -vc -k 2024-jun\n\n _____ _ _ _____ _\n| _ |___| |_ ___| |_ |_ _|_ _ ___ ___ _| |___ _ _\n| __| .'| _| _| | | | | | | -_|_ -| . | .'| | |\n|__| |__,|_| |___|_|_| |_| |___|___|___|___|__,|_ |\n |___|\n\n\n [*] Finish fetching [3,472,243 bytes] from https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2024-jun\n\n\n [*] CISA Catalog of Known Exploited Vulnerabilities [ 2024.08.15/1150 ]\n\n\n Microsoft Patch Tuesday - By MSRC\n===============================================\n \u003c\u003c June 2024 Security Updates [ 2024-06-11 ] \u003e\u003e\n\n\n [+] Vulnerabilities : [ 91 ]\n [-] High_Severity : [ 7 ]\n [-] High_likelihood : [ 12 ]\n [-] Exploited in_wild : [ 0 ]\n [-] Action_required : [ 90 ]\n [-] Found in CISA_KEV : [ 0 ]\n\n High_Severity/7\n┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓\n┃ CVE ┃ CVSS_Base/Temp ┃ Title_Value ┃\n┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩\n│ CVE-2024-30078 │ B:8.8/T:7.7 │ Windows Wi-Fi Driver Remote Code Execution Vulnerability │\n│ CVE-2024-30080 │ B:9.8/T:8.5 │ Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability │\n│ CVE-2024-30064 │ B:8.8/T:7.7 │ Windows Kernel Elevation of Privilege Vulnerability │\n│ CVE-2024-30068 │ B:8.8/T:7.7 │ Windows Kernel Elevation of Privilege Vulnerability │\n│ CVE-2024-30097 │ B:8.8/T:7.7 │ Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability │\n│ CVE-2024-30103 │ B:8.8/T:7.7 │ Microsoft Outlook Remote Code Execution Vulnerability │\n│ CVE-2024-35249 │ B:8.8/T:7.7 │ Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability │\n└────────────────┴────────────────┴───────────────────────────────────────────────────────────────────────────────────────────────┘\n\n High_Likelihood/12\n┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓\n┃ CVE ┃ CVSS_Base/Temp ┃ Title_Value ┃\n┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩\n│ CVE-2024-30080 │ B:9.8/T:8.5 │ Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability │\n│ CVE-2024-30082 │ B:7.8/T:6.8 │ Win32k Elevation of Privilege Vulnerability │\n│ CVE-2024-35250 │ B:7.8/T:6.8 │ Windows Kernel-Mode Driver Elevation of Privilege Vulnerability │\n│ CVE-2024-35260 │ B:8.0/T:7.0 │ Microsoft Dataverse Remote Code Execution Vulnerability │\n│ CVE-2024-30084 │ B:7.0/T:6.1 │ Windows Kernel-Mode Driver Elevation of Privilege Vulnerability │\n│ CVE-2024-30085 │ B:7.8/T:7.0 │ Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability │\n│ CVE-2024-30086 │ B:7.8/T:6.8 │ Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability │\n│ CVE-2024-30087 │ B:7.8/T:6.8 │ Win32k Elevation of Privilege Vulnerability │\n│ CVE-2024-30088 │ B:7.0/T:6.3 │ Windows Kernel Elevation of Privilege Vulnerability │\n│ CVE-2024-30089 │ B:7.8/T:6.8 │ Microsoft Streaming Service Elevation of Privilege Vulnerability │\n│ CVE-2024-30091 │ B:7.8/T:7.0 │ Win32k Elevation of Privilege Vulnerability │\n│ CVE-2024-30099 │ B:7.0/T:6.3 │ Windows Kernel Elevation of Privilege Vulnerability │\n└────────────────┴────────────────┴─────────────────────────────────────────────────────────────────────────────┘\n\n\n [+] Product Families (8)\n Windows ▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ 26\n Azure ▇▇▇▇▇▇▇▇▇ 15\n Microsoft Office ▇▇▇▇▇▇▇▇ 13\n ESU ▇▇▇▇▇▇ 10\n Developer Tools ▇▇▇▇ 6\n Mariner ▇▇▇▇ 6\n Microsoft Dynamics ▇▇▇ 5\n Browser ▇▇ 3\n\n [*] \"June 2024 Security Updates\" (Rev 181)\n [-] Initial Release date: 2024-06-11T07:00:00\n [-] Current Release date: 2024-08-13T07:00:00\n\n\n [*] [2024-08-19] main(): Completed within [10.2520 sec].\n\n```\n\nDownload and save the JSON file (YYYY_MM.json).\n\n```bash\n$ ./patch_tuesday.py -j -k 2023-dec\n\n _____ _ _ _____ _\n| _ |___| |_ ___| |_ |_ _|_ _ ___ ___ _| |___ _ _\n| __| .'| _| _| | | | | | | -_|_ -| . | .'| | |\n|__| |__,|_| |___|_|_| |_| |___|___|___|___|__,|_ |\n |___|\n\nic| filename: '2023_12.json'\n\n\n [*] [2024-04-23] main(): Completed within [3.0585 sec].\n\n```\n\n## Tips\n\nUse the `-j` option to download the JSON file.\nThen use `jq` utility to count the number of vulnerabilities released.\n\n```bash\n$ cat 2023_12.json | jq '.Vulnerability | length'\n51\n```\n\n# History/Updates:\n\n - 2022.03 : ms_patch_tuesday_2.0\n - 2024.04 : ms_patch_tuesday_3.0\n - 2022.07 : ms_patch_tuesday_3.1 (minor bug fix)\n - 2024.08 : ms_patch_tuesday.4.0 (added CISA_KEV, action_required)\n\n## CVRF API calls\n \n - https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/\n - https://api.msrc.microsoft.com/cvrf/v2.0/cvrf/\n\n# Links:\n\n - [MSRC-Microsoft-Security-Updates-API](https://github.com/microsoft/MSRC-Microsoft-Security-Updates-API)\n - [MSRC CVRF API v3](https://api.msrc.microsoft.com/cvrf/v3.0/swagger/v3/swagger.json)\n - [MySeq - Patch_Tuesday Utils](https://myseq.blogspot.com/2022/07/patchtuesday-utils.html)\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmyseq%2Fms_patch_tuesday","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmyseq%2Fms_patch_tuesday","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmyseq%2Fms_patch_tuesday/lists"}