HomeCyber BalkansMicrosoft addresses two zero-day vulnerabilities in significant July Patch Tuesday

Microsoft addresses two zero-day vulnerabilities in significant July Patch Tuesday

Published on

spot_img

Microsoft has taken significant steps to address 142 vulnerabilities in its latest Patch Tuesday update for July. Among these vulnerabilities were two zero-day flaws that were actively being exploited by malicious actors.

The first zero-day vulnerability, identified as CVE-2024-38080, is a privilege escalation flaw in Microsoft’s Hyper-V virtualization software that impacts both Windows 11 and Windows Server 2022. This flaw received a CVSS score of 7.8 and was classified as important by Microsoft. The software giant acknowledged that exploitation of this vulnerability has been observed, although the extent of the attacks remains uncertain. Interestingly, Microsoft was informed about this flaw by an anonymous individual.

The second zero-day bug, named CVE-2024-38112, is a spoofing vulnerability found in the Windows MSHTML platform. With a CVSS score of 7.5, this flaw was also deemed important by Microsoft. Exploitation of this vulnerability allows attackers to send malicious files through the network. However, Microsoft pointed out in their advisory that additional actions are required before full exploitation of the flaw.

According to Chris Goettl, Vice President of Security Product Management at Ivanti, attackers can exploit this particular vulnerability remotely if they are already present on the network, making it a significant threat across various Windows OS versions.

The individual credited with discovering and reporting CVE-2024-38112 is Haifei Li of Check Point Software Technologies. However, Li expressed frustration towards Microsoft for divulging and fixing the flaw earlier than expected, without informing Check Point about the altered schedule.

Apart from the zero-day vulnerabilities, Microsoft also addressed two other disclosed flaws in the Patch Tuesday update. The first one, CVE-2024-35264, is a remote code execution vulnerability affecting .NET version 8.0 and Visual Studio 2022. This flaw received an 8.1 CVSS score and was labeled as important by Microsoft. On the other hand, the second disclosed vulnerability, CVE-2024-37985, is an information disclosure flaw in Windows 11 versions for Arm64-based systems, with a 5.9 CVSS score and an important rating.

Furthermore, Microsoft patched CVE-2024-38060, an RCE flaw impacting the Windows Imaging Component, which is critical. This flaw could be exploited by uploading a malicious TIFF file to a targeted server.

The massive Patch Tuesday update also included 38 RCE vulnerabilities in SQL Server alone. While the number of vulnerabilities addressed might seem overwhelming, experts like Goettl assure users that focusing on addressing the critical ones promptly is crucial for safeguarding systems from potential threats.

In conclusion, Microsoft’s robust response in addressing these vulnerabilities underscores the importance of regular patching and maintenance of software systems to mitigate security risks and protect against cyber threats. Organizations are advised to stay vigilant and prioritize the installation of these updates to bolster their cybersecurity posture in an ever-evolving threat landscape.

Source link

Latest articles

1Password Integrates with Claude AI for Enhanced Secure Authentication

1Password Integrates with Anthropic's Claude AI: Enhancing Secure Authentication In a significant advancement in digital...

Critical WordPress Core Vulnerability Enables Remote Code Execution by Anonymous Hackers

Major Security Flaw Discovered in WordPress Core—"wp2shell" A newly unveiled pre-authentication remote code execution (RCE)...

Q&A: Cyber Returns to the CSIDES

In the vibrant seaside town of Weston-super-Mare, CSIDES is set to return for its...

San Francisco Calls on Apple and Google to Remove AI Nudify Apps

San Francisco Takes Action Against AI "Nudify" Apps Targeting Vulnerable Individuals In a decisive move...

More like this

1Password Integrates with Claude AI for Enhanced Secure Authentication

1Password Integrates with Anthropic's Claude AI: Enhancing Secure Authentication In a significant advancement in digital...

Critical WordPress Core Vulnerability Enables Remote Code Execution by Anonymous Hackers

Major Security Flaw Discovered in WordPress Core—"wp2shell" A newly unveiled pre-authentication remote code execution (RCE)...

Q&A: Cyber Returns to the CSIDES

In the vibrant seaside town of Weston-super-Mare, CSIDES is set to return for its...