HomeCyber BalkansMicrosoft addresses and resolves three zero-day vulnerabilities, with two currently being exploited

Microsoft addresses and resolves three zero-day vulnerabilities, with two currently being exploited

Published on

spot_img

Kaspersky researchers have identified multiple threat groups using an exploit for the new CVE-2024-30051 vulnerability, including the notorious QakBot malware and the Cobalt Strike beacon. This exploit, which targets a privilege escalation flaw, allows attackers to gain full system control once malware has been executed on a computer.

Moreover, another vulnerability has been detected in the wild, affecting the Windows MSHTML platform and allowing attackers to bypass Microsoft Object Linking & Embedding (OLE) defenses in Microsoft 365 and Office. OLE enables Office documents to include links to external objects and documents, which can be exploited by cybercriminals using techniques like OLE template injection to execute malicious code.

To exploit this second vulnerability (CVE-2024-30040), an attacker would need to trick a user into loading a malicious file onto a vulnerable system, often through deceptive emails or instant messages. Microsoft has categorized this vulnerability as “exploited” and the US Cybersecurity and Infrastructure Security Agency (CISA) has included it in its Known Exploited Vulnerabilities catalog.

As cyber threats continue to evolve, it is crucial for individuals and organizations to stay vigilant and implement security measures to protect against these exploits. Microsoft’s advisory for CVE-2024-30040 underscores the importance of being cautious with file downloads from the internet and avoiding manipulation of suspicious files.

Overall, the discovery of these vulnerabilities underscores the ongoing cat-and-mouse game between cybercriminals and security researchers. With threat actors constantly evolving their tactics, it is essential for the cybersecurity community to work together to identify and mitigate these vulnerabilities before they can be leveraged for malicious purposes. The proactive efforts of researchers like those at Kaspersky play a crucial role in safeguarding digital systems and data from growing cyber threats.

Source link

Latest articles

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

A critical vulnerability in Fortinet's FortiSIEM product has recently been exploited, raising concerns about...

Microsoft reveals North Korea’s Moonstone Sleet

Microsoft Threat Intelligence teams recently made a significant discovery regarding a new hacker collective...

AI, Deepfakes, and Digital ID in Corporate Cybersecurity: Exploring the Emerging Frontier

The emergence of deepfakes has sparked a new wave of concern in the cybersecurity...

The Challenge of CVE Incentives

In the realm of cybersecurity, the issue of software vulnerabilities is becoming increasingly challenging...

More like this

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

A critical vulnerability in Fortinet's FortiSIEM product has recently been exploited, raising concerns about...

Microsoft reveals North Korea’s Moonstone Sleet

Microsoft Threat Intelligence teams recently made a significant discovery regarding a new hacker collective...

AI, Deepfakes, and Digital ID in Corporate Cybersecurity: Exploring the Emerging Frontier

The emergence of deepfakes has sparked a new wave of concern in the cybersecurity...
en_USEnglish