Cyber Security

Microsoft Points Patches for 79 Flaws, Together with 3 Actively Exploited Home windows Flaws

September 11, 2024
pgsyo

Sep 11, 2024Ravie LakshmananHome windows Safety / Vulnerability

Microsoft Points Patches for 79 Flaws, Together with 3 Actively Exploited Home windows Flaws

Microsoft on Tuesday disclosed that three new safety flaws impacting the Home windows platform have come beneath energetic exploitation as a part of its Patch Tuesday replace for September 2024.

The month-to-month safety launch addresses a complete of 79 vulnerabilities, of which seven are rated Important, 71 are rated Vital, and one is rated Reasonable in severity. That is other than 26 flaws that the tech large resolved in its Chromium-based Edge browser since final month’s Patch Tuesday launch.

The three vulnerabilities which were weaponized in a malicious context are listed beneath, alongside a bug that Microsoft is treating as exploited –

  • CVE-2024-38014 (CVSS rating: 7.8) – Home windows Installer Elevation of Privilege Vulnerability
  • CVE-2024-38217 (CVSS rating: 5.4) – Home windows Mark-of-the-Net (MotW) Safety Function Bypass Vulnerability
  • CVE-2024-38226 (CVSS rating: 7.3) – Microsoft Writer Safety Function Bypass Vulnerability
  • CVE-2024-43491 (CVSS rating: 9.8) – Microsoft Home windows Replace Distant Code Execution Vulnerability

“Exploitation of each CVE-2024-38226 and CVE-2024-38217 can result in the bypass of essential safety features that block Microsoft Workplace macros from operating,” Satnam Narang, senior employees analysis engineer at Tenable, mentioned in an announcement.

Cybersecurity

“In each instances, the goal must be satisfied to open a specifically crafted file from an attacker-controlled server. The place they differ is that an attacker would should be authenticated to the system and have native entry to it to use CVE-2024-38226.”

As disclosed by Elastic Safety Labs final month, CVE-2024-38217 – additionally known as LNK Stomping – is alleged to have been abused within the wild way back to February 2018.

CVE-2024-43491, alternatively, is notable for the truth that it is much like the downgrade assault that cybersecurity firm SafeBreach detailed early final month.

“Microsoft is conscious of a vulnerability in Servicing Stack that has rolled again the fixes for some vulnerabilities affecting Non-compulsory Parts on Home windows 10, model 1507 (preliminary model launched July 2015),” Redmond famous.

“Which means an attacker might exploit these beforehand mitigated vulnerabilities on Home windows 10, model 1507 (Home windows 10 Enterprise 2015 LTSB and Home windows 10 IoT Enterprise 2015 LTSB) techniques which have put in the Home windows safety replace launched on March 12, 2024 — KB5035858 (OS Construct 10240.20526) or different updates launched till August 2024.”

The Home windows maker additional mentioned it may be resolved by putting in the September 2024 Servicing stack replace (SSU KB5043936) and the September 2024 Home windows safety replace (KB5043083), in that order.

It is also price stating that Microsoft’s “Exploitation Detected” evaluation for CVE-2024-43491 stems from the rollback of fixes that addressed vulnerabilities impacting some Non-compulsory Parts for Home windows 10 (model 1507) which were beforehand exploited.

“No exploitation of CVE-2024-43491 itself has been detected,” the corporate mentioned. “As well as, the Home windows product crew at Microsoft found this subject, and we’ve seen no proof that it’s publicly recognized.”

Cybersecurity

Software program Patches from Different Distributors

Along with Microsoft, safety updates have additionally been launched by different distributors over the previous few weeks to rectify a number of vulnerabilities, together with —

Discovered this text attention-grabbing? Comply with us on Twitter and LinkedIn to learn extra unique content material we submit.


Leave a Reply

Your email address will not be published. Required fields are marked *