The first Microsoft zero-day is CVE-2024-38080, a flaw in the Windows Hyper-V component that affects Windows 11 and Windows Server 2022 systems. CVE-2024-38080 allows an attacker to escalate the privileges of their account on a Windows device. Although Microsoft says the flaw is being exploited, it has offered little information about its exploitation.
The other zero-day is CVE-2024-38112, a flaw in MSHTML, the proprietary engine of Microsoft’s Internet Explorer web browser. Kevin Breen, senior director of threat research at Immersive Labs, said exploiting CVE-2024-38112 likely requires an “attack chain” of exploits or programmatic changes to the target host, per Microsoft’s description: “Successful exploitation of this vulnerability requires an attacker to take additional actions to prepare the target environment before exploitation.”
“Despite the lack of details provided in the initial advisory, this vulnerability affects all hosts from Windows Server 2008 R2 onward, including clients,” Breen said. “Due to active exploitation in the wild it should be prioritized for patching.”
Satnam Narang, senior staff research engineer at Tenable, highlighted CVE-2024-38021, a remote code execution flaw in Microsoft Office. Attacks on this flaw would lead to the disclosure of NTLM hashes, which could be leveraged as part of an NTLM relay or “pass the hash” attack, which lets an attacker pose as a legitimate user.
“One of the more successful attack campaigns of 2023 used CVE-2023-23397, an elevation of privilege bug in Microsoft Outlook that can also leak NTLM hashes,” Narang said. “However, CVE-2024-38021 is limited by the fact that the preview pane is not an attack vector, meaning that simply previewing the file will not lead to the exploit.”
Security company Morphisec, which is credited with reporting CVE-2024-38021 to Microsoft, said it respectfully disagrees with Microsoft’s “Important” severity rating, arguing that the Office flaw deserves a more serious “Critical” rating given how easy it is for attackers to exploit.
“Their assessment differentiates between trusted and untrusted senders, noting that the vulnerability is zero-click for trusted senders, but requires a one-click user interaction for untrusted senders,” Morphisec’s Michael Gorelik said in a blog post about their discovery. “This reassessment is important to reflect the actual risk and ensure that adequate attention and resources are allocated to mitigation.”
Last week, Microsoft discovered a flaw in its Windows WiFi driver that allows attackers to install malicious software by sending a specially crafted data packet to a vulnerable Windows host over a local network. Jason Kikta at Automox said CVE-2024-38053, a security vulnerability in the Windows Layer 2 Bridge Network, is another local network “ping-of-death” vulnerability that is of concern to road warriors.
“This requires close approach to the target,” Kikta said. “While this does stop a ransomware actor in Russia, it is something that falls outside most existing threat models. This type of exploit works in shared office environments, hotels, conference centers, and other places where unknown computers can use the same physical link as you.”
Automox also highlighted three vulnerabilities in Windows Remote Desktop, a service that allocates client access licenses (CALs) when a client connects to a remote desktop host (CVE-2024-38077, CVE-2024-38074, and CVE-2024-38076). All three bugs were given a CVSS rating of 9.8 (out of 10) and indicate that a malicious packet could trigger the vulnerability.
Tyler Reguly at Fortra noted that support has recently ended for SQL Server 2014, a platform that according to Shodan still has ~110,000 instances publicly available. At its peak, more than a quarter of all vulnerabilities detected by Microsoft to date were in SQL Server.
“Many companies don’t update quickly enough, but that could leave them scrambling to update those environments to supported versions of MS-SQL,” Reguly said.
It’s a good idea for Windows end-users to stay current with Microsoft’s security updates, which will be out and about for a short period of time. It is not heartless, it is necessary to install them on Tuesdays of the area. Of course, being prepared a month or three in advance to update is a sensible response, as updates sometimes glitch out and in most cases Microsoft fixes any issues with its patches within a few days. It’s also wise to back up your data and/or back up your Windows system before applying new updates.
For a more detailed analysis of individual flaws recently addressed by Microsoft, take a look at the SANS Internet Storm Center report. For administrators responsible for maintaining larger Windows environments, it always pays to keep an eye on Askwoody.com, which points out when specific Microsoft updates are causing problems for various users.
As always, if you encounter any problems using any of these updates, consider leaving a note about it in the comments; chances are someone else reading here has experienced the same thing, and may even have an answer.