Microsoft Points Patches for 79 Flaws, Together with 3 Actively Exploited Home windows Flaws
Microsoft on Tuesday disclosed that three new safety flaws impacting the Home windows platform have come underneath lively exploitation as a part of its Patch Tuesday replace for September 2024.
The month-to-month safety launch addresses a complete of 79 vulnerabilities, of which seven are rated Crucial, 71 are rated Necessary, and one is rated Reasonable in severity. That is except for 26 flaws that the tech large resolved in its Chromium-based Edge browser since final month’s Patch Tuesday launch.
The three vulnerabilities which were weaponized in a malicious context are listed under, alongside a bug that Microsoft is treating as exploited –
- CVE-2024-38014 (CVSS rating: 7.8) – Home windows Installer Elevation of Privilege Vulnerability
- CVE-2024-38217 (CVSS rating: 5.4) – Home windows Mark-of-the-Net (MotW) Safety Function Bypass Vulnerability
- CVE-2024-38226 (CVSS rating: 7.3) – Microsoft Writer Safety Function Bypass Vulnerability
- CVE-2024-43491 (CVSS rating: 9.8) – Microsoft Home windows Replace Distant Code Execution Vulnerability
“Exploitation of each CVE-2024-38226 and CVE-2024-38217 can result in the bypass of necessary security measures that block Microsoft Workplace macros from working,” Satnam Narang, senior employees analysis engineer at Tenable, stated in an announcement.
“In each instances, the goal must be satisfied to open a specifically crafted file from an attacker-controlled server. The place they differ is that an attacker would should be authenticated to the system and have native entry to it to use CVE-2024-38226.”
As disclosed by Elastic Safety Labs final month, CVE-2024-38217 – additionally known as LNK Stomping – is alleged to have been abused within the wild way back to February 2018.
CVE-2024-43491, alternatively, is notable for the truth that it is much like the downgrade assault that cybersecurity firm SafeBreach detailed early final month.
“Microsoft is conscious of a vulnerability in Servicing Stack that has rolled again the fixes for some vulnerabilities affecting Elective Elements on Home windows 10, model 1507 (preliminary model launched July 2015),” Redmond famous.
“Which means that an attacker may exploit these beforehand mitigated vulnerabilities on Home windows 10, model 1507 (Home windows 10 Enterprise 2015 LTSB and Home windows 10 IoT Enterprise 2015 LTSB) programs which have put in the Home windows safety replace launched on March 12, 2024 — KB5035858 (OS Construct 10240.20526) or different updates launched till August 2024.”
The Home windows maker additional stated it may be resolved by putting in the September 2024 Servicing stack replace (SSU KB5043936) and the September 2024 Home windows safety replace (KB5043083), in that order.
It is also value mentioning that Microsoft’s “Exploitation Detected” evaluation for CVE-2024-43491 stems from the rollback of fixes that addressed vulnerabilities impacting some Elective Elements for Home windows 10 (model 1507) which were beforehand exploited.
“No exploitation of CVE-2024-43491 itself has been detected,” the corporate stated. “As well as, the Home windows product staff at Microsoft found this difficulty, and we’ve seen no proof that it’s publicly identified.”
Software program Patches from Different Distributors
Along with Microsoft, safety updates have additionally been launched by different distributors over the previous few weeks to rectify a number of vulnerabilities, together with —
- Adobe
- Arm
- Bosch
- Broadcom (together with VMware)
- Cisco
- Citrix
- CODESYS
- D-Link
- Dell
- Drupal
- F5
- Fortinet
- Fortra
- GitLab
- Google Android and Pixel
- Google Chrome
- Google Cloud
- Google Wear OS
- Hitachi Energy
- HP
- HP Enterprise (together with Aruba Networks)
- IBM
- Intel
- Ivanti
- Lenovo
- Linux distributions Amazon Linux, Debian, Oracle Linux, Red Hat, Rocky Linux, SUSE, and Ubuntu
- MediaTek
- Mitsubishi Electric
- MongoDB
- Mozilla Firefox, Firefox ESR, Focus and Thunderbird
- NVIDIA
- ownCloud
- Palo Alto Networks
- Progress Software
- QNAP
- Qualcomm
- Rockwell Automation
- Samsung
- SAP
- Schneider Electric
- Siemens
- SolarWinds
- SonicWall
- Spring Framework
- Synology
- Veeam
- Zimbra
- Zoho ManageEngine ServiceDesk Plus, SupportCenter Plus, and ServiceDesk Plus MSP
- Zoom, and
- Zyxel