Today's cybersecurity headlines are brought to you by ThreatPerspective
Ethical Hacking News

Microsoft Unveils Security Update Patch for 118 Vulnerabilities, Two Actively Exploited Flaws


Microsoft Releases Patch for 118 Vulnerabilities, Two Actively Exploited Flaws

  • Microsoft has released a security update patch addressing 118 vulnerabilities across its software portfolio.
  • Two actively exploited remote code execution (RCE) vulnerabilities were addressed in the patch, including one assigned a CVSS score of 9.8 and another with a score of 8.8.
  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added these vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by October 29, 2024.



    • Microsoft has recently issued a security update that addresses a total of 118 vulnerabilities across its software portfolio. The patch, which was released on the same day as usual "Patch Tuesday," has been welcomed by cybersecurity experts and organizations alike, who are eager to protect their systems against potentially malicious exploitation.

    According to Microsoft, two of the flaws addressed in this patch have come under active exploitation in the wild, with one being a remote code execution (RCE) vulnerability. The company did not provide further details on how these vulnerabilities were exploited or by whom, but rather attributed them to researchers Andres and Shady for reporting CVE-2024-43572.

    The RCE vulnerability, which has been assigned a CVSS score of 7.8, is found in Microsoft Management Console (MSC) remote code execution. According to Satnam Narang, senior staff research engineer at Tenable, since the discovery of this vulnerability, Microsoft has now prevented untrusted MSC files from being opened on a system.

    Another RCE vulnerability with a CVSS score of 7.8 was also addressed in this patch. This vulnerability is found in Microsoft's Winlogon Elevation of Privilege feature and affects users running Windows operating systems. According to Adam Barnett, lead software engineer at Rapid7, exploitation of this vulnerability would require an attacker to send specially crafted requests to a Windows RPC host.

    The most severe concerns related to these patches are two remote code execution vulnerabilities found in Microsoft Configuration Manager (CVE-2024-43468) and Visual Studio Code extension for Arduino (CVE-2024-43488). The former has been assigned a CVSS score of 9.8, while the latter has a CVSS score of 8.8.

    According to Narang, an unauthenticated attacker could exploit this vulnerability in Microsoft Configuration Manager by sending specially crafted requests to the target environment which are processed in an unsafe manner. This allows the attacker to execute commands on the server and/or underlying database.

    Microsoft also acknowledged two Critical-rated severity flaws that relate to remote code execution in Visual Studio Code extension for Arduino (CVE-2024-43488, CVSS score: 8.8) and Remote Desktop Protocol (RDP) Server (CVE-2024-43582, CVSS score: 8.1).

    Outside of Microsoft, several other vendors have also released security updates to address multiple vulnerabilities in recent weeks, including Adobe, Amazon Web Services, Apache Avro, Apple, AutomationDirect, Bosch, Broadcom (including VMware), Cisco (including Splunk), Citrix, CODESYS, Dell, Draytek, Drupal, F5, Fortinet, GitLab, Google Android, Google Cloud, Hitachi Energy, HP, HP Enterprise (including Aruba Networks), IBM, Intel, Ivanti, Jenkins, Juniper Networks, Lenovo, Linux distributions Amazon Linux, Debian, Oracle Linux, Red Hat, Rocky Linux, SUSE, and Ubuntu, MediaTek, Mitsubishi Electric, MongoDB, Mozilla Firefox, Firefox ESR, and Thunderbird, NVIDIA, Okta, Palo Alto Networks, Progress Software, QNAP, Qualcomm, Rockwell Automation, Salesforce Tableau, Samsung, SAP, Schneider Electric, Siemens, Sophos, Synology, Trend Micro, Veritas, and Zyxel.

    A total of 118 vulnerabilities were addressed in this patch, with three rated Critical, 113 rated Important, and two rated Moderate. This is a significant number, highlighting the importance of staying up-to-date on security patches to prevent potential exploitation of vulnerabilities.

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also added these vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by October 29, 2024.

    In summary, Microsoft recently released a security update patch addressing 118 vulnerabilities across its software portfolio, including two actively exploited flaws. These patches highlight the importance of staying up-to-date on security updates and applying them promptly to prevent potential exploitation of vulnerabilities.

    Microsoft Releases Patch for 118 Vulnerabilities, Two Actively Exploited Flaws



    Related Information:

  • https://thehackernews.com/2024/10/microsoft-issues-security-update-fixing.html

  • https://nvd.nist.gov/vuln/detail/CVE-2024-43572

  • https://www.cvedetails.com/cve/CVE-2024-43572/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-43468

  • https://www.cvedetails.com/cve/CVE-2024-43468/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-43488

  • https://www.cvedetails.com/cve/CVE-2024-43488/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-43582

  • https://www.cvedetails.com/cve/CVE-2024-43582/


    • Published: Wed Oct 9 03:26:24 2024 by llama3.2 3B Q4_K_M


         


    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us