Microsoft has recently rolled out updates to address a total of 90 security vulnerabilities in its Windows operating system and related software. The release fixes six zero-day flaws that are already being exploited by malicious actors. The updates cover a wide range of products, including Office, .NET, Visual Studio, Azure, and Teams, among others.
The zero-day vulnerabilities addressed by Microsoft this month are primarily local privilege escalation flaws, which means they are most useful to an attacker when combined with other vulnerabilities or existing access. For instance, CVE-2024-38106, CVE-2024-38107, and CVE-2024-38193 each allow an attacker to gain SYSTEM-level privileges on a compromised machine, and each resides in a different part of the Windows operating system.
One of these vulnerabilities, CVE-2024-38106, is in the Windows Kernel and has a high “attack complexity,” making it challenging for malware to exploit reliably. Despite that complexity, security experts warn that because it is being actively exploited in the wild, the flaw is exploitable in practice. Another zero-day flaw, CVE-2024-38178, is a remote code execution vulnerability in the Windows Edge browser when operating in Internet Explorer Mode.
CVE-2024-38213 is a zero-day flaw that enables malware to bypass the “Mark of the Web” security feature in Windows, allowing malicious files downloaded from the Internet to be marked as trusted. Meanwhile, CVE-2024-38189 is a remote code execution flaw in Microsoft Project that affects users who have disabled notifications about the security risks of running VBA macros in the software.
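Mark of the Web is stored on NTFS as an alternate data stream named `Zone.Identifier`, so a defender can audit for downloaded files that arrived without it. The following is an added example, not code from the original article: it parses that stream and lists risky file types in a folder that carry no untrusted-zone mark. The function names, extension list and sample stream are assumptions constructed for illustration.

```python
import configparser
import os

# Constructed sample of what a browser writes into the Zone.Identifier stream.
SAMPLE_STREAM = ("[ZoneTransfer]\r\nZoneId=3\r\n"
                 "HostUrl=https://downloads.example/setup.exe\r\n")

# Illustrative list of file types worth reviewing (an assumption, tune locally).
RISKY_EXT = {".exe", ".msi", ".lnk", ".js", ".vbs", ".iso", ".docm", ".url"}

def parse_zone_identifier(text):
    """Return the integer ZoneId from stream text, or None if absent or malformed."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        parser.read_string(text.lstrip("\ufeff"))
        return int(parser.get("ZoneTransfer", "ZoneId"))
    except (configparser.Error, ValueError):
        return None

def is_marked_untrusted(zone_id):
    """Zone 3 (Internet) and zone 4 (Restricted Sites) mark an untrusted origin."""
    return zone_id in (3, 4)

def read_motw(path):
    """Read a file's mark from its NTFS alternate data stream (Windows only)."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8", errors="replace") as fh:
            return parse_zone_identifier(fh.read())
    except OSError:
        return None  # no stream present: the file carries no mark

def audit_folder(folder, reader=read_motw):
    """List risky file types under folder that lack an untrusted-zone mark."""
    findings = []
    for root, _dirs, files in os.walk(folder):
        for name in sorted(files):
            path = os.path.join(root, name)
            ext = os.path.splitext(name)[1].lower()
            if ext in RISKY_EXT and not is_marked_untrusted(reader(path)):
                findings.append(path)
    return findings

if __name__ == "__main__":
    print("sample ZoneId:", parse_zone_identifier(SAMPLE_STREAM))
    for hit in audit_folder(os.path.expanduser("~/Downloads")):
        print("no Mark of the Web:", hit)
```

Files created locally also carry no mark, so a hit is a prompt for review rather than proof of a bypass.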
In addition to Microsoft, Adobe has also released 11 security bulletins addressing 71 vulnerabilities in various products like Illustrator, Photoshop, Acrobat, and more. Unlike Microsoft, Adobe states that they are not aware of any active exploitation of the fixed flaws at this time.
Windows users are strongly advised to stay up to date with security updates to protect their systems from potential threats. While installing updates on Patch Tuesday is advisable, waiting a few days for any issues with the updates to be resolved is a prudent approach. It is also a good idea to back up data or create a system image before applying updates to prevent any data loss.
For a detailed breakdown of the vulnerabilities addressed by Microsoft and to stay informed on potential issues with updates, users can refer to resources like the SANS Internet Storm Center and Askwoody.com. By staying vigilant and proactive in applying security patches, users can help safeguard their systems against potential cyber threats.

