Microsoft Patch Tuesday 2024 : 73 Safety Flaws

As a part of its February 2024 Patch Tuesday updates, Microsoft has revealed patches to deal with 73 safety flaws, together with two zero-day vulnerabilities which have been actively exploited.

5 of the 73 vulnerabilities are categorized as ‘Essential’, 65 as ‘Vital’, and three as ‘Average’ in severity.

Two Zero-Days Patched

The 2 vulnerabilities recognized as being actively focused are:

CVE-2024-21351 – Home windows SmartScreen Safety Bypass

The vulnerability, which has a CVSS rating of seven.6, permits an attacker to insert code into SmartScreen and maybe purchase code execution. This might lead to some information disclosure, a scarcity of system availability, or each. 

“A licensed attacker should ship the consumer a malicious file and persuade the consumer to open it,” Microsoft stated.

Thus, if this vulnerability was efficiently exploited, an attacker might bypass the SmartScreen consumer expertise. 

Microsoft doesn’t disclose the widespread of those assaults, though it’s anticipated that the variety of exploits will rise.

CVE-2024-21412 – Web Shortcut Information Safety Characteristic Bypass Vulnerability

“An unauthenticated attacker might ship the focused consumer a specifically crafted file that’s designed to bypass displayed safety checks,” Microsoft.

On this case, it might be inconceivable for the attacker to persuade a consumer to see content material that they managed. As well as, by clicking on the file hyperlink, the attacker would have satisfied them to take motion.

Consequently, the attacker should persuade the sufferer to open a malicious file that they despatched them.

In response to a Development Micro report, the Water Hydra APT is utilizing the vulnerability to contaminate victims with the malware DarkMe. 

After growing a proof-of-concept (PoC) for extra testing, the researchers discovered that the unique shortcut bypassed the CVE-2023-36025 patch whereas evading SmartScreen safety measures.

Essential Safety Flaws Addressed

5 crucial vulnerabilities, together with these involving privilege elevation (CVE-2024-21410), denial of service (CVE-2024-20684), distant code execution (CVE-2024-21357, CVE-2024-21413), and knowledge disclosure (CVE-2024-21380) are mounted on this Patch Tuesday.

Different distributors, along with Microsoft, have additionally supplied safety upgrades in latest weeks to deal with a number of vulnerabilities. These corporations embrace Google, Adobe, Cisco, ExpressVPN, Ivanti, Fortinet, Linux, SAP and JetBrains.

The whole checklist of the 73 Microsoft CVEs could also be discovered right here.

Keep up to date on Cybersecurity information, Whitepapers, and Infographics. Observe us on LinkedIn & Twitter.