HomeCyber BalkansMicrosoft addresses two zero-day vulnerabilities in significant July Patch Tuesday

Microsoft addresses two zero-day vulnerabilities in significant July Patch Tuesday

Published on

spot_img

Microsoft has taken significant steps to address 142 vulnerabilities in its latest Patch Tuesday update for July. Among these vulnerabilities were two zero-day flaws that were actively being exploited by malicious actors.

The first zero-day vulnerability, identified as CVE-2024-38080, is a privilege escalation flaw in Microsoft’s Hyper-V virtualization software that impacts both Windows 11 and Windows Server 2022. This flaw received a CVSS score of 7.8 and was classified as important by Microsoft. The software giant acknowledged that exploitation of this vulnerability has been observed, although the extent of the attacks remains uncertain. Interestingly, Microsoft was informed about this flaw by an anonymous individual.

The second zero-day bug, named CVE-2024-38112, is a spoofing vulnerability found in the Windows MSHTML platform. With a CVSS score of 7.5, this flaw was also deemed important by Microsoft. Exploitation of this vulnerability allows attackers to send malicious files through the network. However, Microsoft pointed out in their advisory that additional actions are required before full exploitation of the flaw.

According to Chris Goettl, Vice President of Security Product Management at Ivanti, attackers can exploit this particular vulnerability remotely if they are already present on the network, making it a significant threat across various Windows OS versions.

The individual credited with discovering and reporting CVE-2024-38112 is Haifei Li of Check Point Software Technologies. However, Li expressed frustration towards Microsoft for divulging and fixing the flaw earlier than expected, without informing Check Point about the altered schedule.

Apart from the zero-day vulnerabilities, Microsoft also addressed two other disclosed flaws in the Patch Tuesday update. The first one, CVE-2024-35264, is a remote code execution vulnerability affecting .NET version 8.0 and Visual Studio 2022. This flaw received an 8.1 CVSS score and was labeled as important by Microsoft. On the other hand, the second disclosed vulnerability, CVE-2024-37985, is an information disclosure flaw in Windows 11 versions for Arm64-based systems, with a 5.9 CVSS score and an important rating.

Furthermore, Microsoft patched CVE-2024-38060, an RCE flaw impacting the Windows Imaging Component, which is critical. This flaw could be exploited by uploading a malicious TIFF file to a targeted server.

The massive Patch Tuesday update also included 38 RCE vulnerabilities in SQL Server alone. While the number of vulnerabilities addressed might seem overwhelming, experts like Goettl assure users that focusing on addressing the critical ones promptly is crucial for safeguarding systems from potential threats.

In conclusion, Microsoft’s robust response in addressing these vulnerabilities underscores the importance of regular patching and maintenance of software systems to mitigate security risks and protect against cyber threats. Organizations are advised to stay vigilant and prioritize the installation of these updates to bolster their cybersecurity posture in an ever-evolving threat landscape.

Source link

Latest articles

Anthropic Introduces Cyber Jailbreak Severity Framework for Claude Fable 5 Safeguards

Anthropic Unveils Cybersecurity Enhancements for Claude Fable 5 Model In a significant development in the...

Opera Introduces Paste Protect to Combat ClickFix

Opera Launches "Paste Protect" Feature to Combat ClickFix Attacks In a strategic move to bolster...

AI-Generated Browser Ransomware Exploits Chromium API on Windows, Linux, macOS, and Android

In a significant development within the realm of cybersecurity, researchers from Check Point have...

More like this

Anthropic Introduces Cyber Jailbreak Severity Framework for Claude Fable 5 Safeguards

Anthropic Unveils Cybersecurity Enhancements for Claude Fable 5 Model In a significant development in the...

Opera Introduces Paste Protect to Combat ClickFix

Opera Launches "Paste Protect" Feature to Combat ClickFix Attacks In a strategic move to bolster...