Serious new Windows threat – with an update deadline
Updated on 07/11 with Microsoft feedback and background on the prior update issue.
Microsoft Windows users are suddenly at risk from a “previously unknown” trick for attacking their PCs. The trick is being actively exploited through a previously unknown vulnerability that Microsoft has only just patched.
The research team at Check Point warns that “attackers are using special Windows Internet shortcut files that, when clicked, call the retired Internet Explorer (IE) to go to attacker-controlled URLs…” and that “By opening the URL with IE instead of the modern and more secure Chrome/Edge browser on Windows, the attacker gained a significant advantage in exploiting the victim’s computer, even though the computer is running a modern Windows 10/11 operating system.”
The warning is so serious that the United States government has just added it to its Known Exploited Vulnerabilities catalog, warning that Microsoft Windows “contains a spoofing vulnerability that has a high impact on confidentiality, integrity, and availability.”
CISA, the federal government’s cybersecurity agency, has ordered that all Windows systems used by federal employees be updated or shut down within 21 days, by July 30. Given that “attackers have been using techniques for quite some time now,” it is important that all organizations comply with the CISA mandate as well.
We’ve marked yet another CISA July Windows update mandate today. This time around, however, the first known exploits occurred more than a month ago – a dangerously long time for an exploit to be operating in the wild.
Microsoft publicly acknowledged in its July update that this vulnerability had been exploited; a spokesperson told me, “We are very appreciative of (Check Point’s) Haifei Li for this research and for reporting it responsibly under the Coordinated Vulnerability Disclosure. Customers who have installed the update are already protected.”
With IE long gone, many Windows users will probably be dismayed by the idea. “IE is an old web browser and is known for its insecurities,” Check Point says, although “IE is still part of the Windows OS.” Users are no longer supposed to be able to open URLs with IE unless they specifically ask to. However, with the “MHTML trick,” a victim clicks on a link believing they are opening a PDF, not an IE shortcut.
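For defenders who want to check mail stores or download folders for such shortcuts, the following added example (not code from Check Point, Microsoft or the original article) walks a directory and flags `.url` files whose target uses the MHTML handler. It assumes the trick surfaces as an `mhtml:` scheme in the shortcut's `URL=` field, a detail the article does not spell out; the file names and URLs are constructed.

```python
import configparser
import tempfile
from pathlib import Path

# Assumption: the "MHTML trick" appears as this scheme in the URL= field.
SUSPICIOUS_SCHEMES = {"mhtml"}

def read_shortcut_url(text):
    """Return the URL= value of the [InternetShortcut] section, or None."""
    parser = configparser.RawConfigParser(strict=False, delimiters=("=",))
    try:
        parser.read_string(text)
    except configparser.Error:
        return None  # malformed file: nothing to judge
    for section in parser.sections():
        if section.lower() == "internetshortcut":
            return parser.get(section, "url", fallback=None)
    return None

def is_suspicious(url):
    """True when the shortcut target uses a scheme on the watch list."""
    return bool(url) and url.split(":", 1)[0].strip().lower() in SUSPICIOUS_SCHEMES

def scan_tree(root):
    """Return sorted paths of .url files under root that need a closer look."""
    hits = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix.lower() != ".url":
            continue
        raw = path.read_bytes()
        # Shortcuts may be UTF-16 with a BOM, or plain ANSI/UTF-8.
        enc = "utf-16" if raw[:2] in (b"\xff\xfe", b"\xfe\xff") else "utf-8-sig"
        if is_suspicious(read_shortcut_url(raw.decode(enc, errors="replace"))):
            hits.append(str(path))
    return sorted(hits)

def demo():
    """Write two constructed shortcuts to a temp dir and scan it."""
    benign = "[InternetShortcut]\nURL=https://example.com/report.pdf\n"
    lure = "[InternetShortcut]\nURL=mhtml:http://example.invalid/page.html\n"
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "report.url").write_text(benign, encoding="utf-8")
        Path(tmp, "Invoice.pdf.url").write_text(lure, encoding="utf-8")
        return [Path(p).name for p in scan_tree(tmp)]

if __name__ == "__main__":
    print(demo())
```

A hit is a reason to inspect the file and confirm the July update is installed on the host, not proof of compromise.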
This vulnerability, CVE-2024-38112, is not the only Microsoft Windows flaw to make the CISA catalog with a July 30 deadline. The federal government has additionally added CVE-2024-38080, warning that “Microsoft Windows Hyper-V has a privilege escalation vulnerability that could allow a local attacker with user permissions to gain system privileges.” Updating Windows now will apparently address both, along with an additional 137 patches in Microsoft’s July update.
Check Point’s Eli Smadja called the exploit the firm uncovered “particularly surprising… taking advantage of Internet Explorer, which many users may not realize they have on their computers, to carry out their attack,” adding that “All Windows users should immediately apply Microsoft patches to protect themselves.”
Added to this list are Windows 10 holdouts, who will have to consider switching off before the end of October, at which point the OS will no longer receive normal security updates unless they opt for an untested, paid plan. The anecdotal data suggests that Microsoft is finally making some progress in improving customer service, which is welcome.
It’s a busy time for Windows updates. In parallel, users are now getting news of July’s patched zero-days, Windows 11 updates required to maintain access to security fixes, and the continued ability to switch from 10 to 11.
And given that it’s Windows, it doesn’t always work smoothly. Microsoft has fixed an issue with its June Windows Security Update where “devices may fail to start; Affected systems may restart frequently and require recovery operations to restore normal usage.” This led to the removal of some updates.
According to Bleeping Computer, “This fix comes after Redmond was forced to pull the update on June 27 following reports that it was causing some Windows devices to restart repeatedly while others failed to start altogether… The same update causes the taskbar to display or close correctly on systems running Windows N editions or turning off the ‘Media Features’ feature.”
The issue surfaced a day earlier as the final CISA-required Windows update due on July 4 approached, but some users were unable to update. It initially seemed like it might impact a large section of customers, before it became clear that the problem primarily affected virtualized machines or devices using features, but there was an interruption all the same to the thirty-day update process.
Thankfully, that’s not the case this time, but keep an eye on this space…