Microsoft addressed 90 Common Vulnerabilities and Exposures (CVEs) this month, 10 of which were marked as zero-day vulnerabilities. The most critical CVEs are noted below:
Windows Zero-Days:
- CVE-2024-38178 – Scripting Engine Memory Corruption Vulnerability
  - Actively being exploited in the wild.
- CVE-2024-38193 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
  - Actively being exploited in the wild.
- CVE-2024-38213 – Windows Mark of the Web Security Feature Bypass Vulnerability
  - Actively being exploited in the wild.
- CVE-2024-38106 – Windows Kernel Elevation of Privilege Vulnerability
  - Actively being exploited in the wild.
- CVE-2024-38107 – Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
  - Actively being exploited in the wild.
- CVE-2024-38189 – Microsoft Project Remote Code Execution Vulnerability
  - Actively being exploited in the wild.
- CVE-2024-38199 – Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
  - Publicly disclosed vulnerability with 0 reports of being exploited in the wild.
- CVE-2024-21302 – Windows Secure Kernel Mode Elevation of Privilege Vulnerability
  - Publicly disclosed vulnerability with 0 reports of being exploited in the wild.
- CVE-2024-38200 – Microsoft Office Spoofing Vulnerability
  - Publicly disclosed vulnerability with 0 reports of being exploited in the wild.
- CVE-2024-38202 – Windows Update Stack Elevation of Privilege Vulnerability
  - Publicly disclosed vulnerability with 0 reports of being exploited in the wild.
Other Critical CVEs worth mentioning:
- CVE-2024-38109 – Azure Health Bot Elevation of Privilege Vulnerability
- CVE-2024-38206 – Microsoft Copilot Studio Information Disclosure Vulnerability
- CVE-2024-38166 – Microsoft Dynamics 365 Cross-site Scripting Vulnerability
- CVE-2022-3775 – Red Hat – Heap-based OOB write when rendering certain Unicode sequences
- CVE-2023-40547 – Red Hat – RCE in HTTP boot support may lead to Secure Boot bypass
- CVE-2024-38159/38160 – Windows Network Virtualization Remote Code Execution Vulnerability
- CVE-2024-38140 – Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
- CVE-2024-38063 – Windows TCP/IP Remote Code Execution Vulnerability
Third-Party Critical CVEs:
Adobe Products:
- Adobe released 3 patches covering 7 CVEs for Adobe Bridge, InDesign, and Premiere Pro.
Adobe Products:
- Adobe released 11 patches covering 71 CVEs for Adobe Acrobat and Reader, Bridge, Commerce, Dimension, Illustrator, InCopy, InDesign, Photoshop, Substance 3D Designer, Substance 3D Sampler and Substance 3D Stager.
Cisco:
Firefox:
About Fortress SRM Cyber Hygiene Offering:
Software vulnerabilities are one of the top cyber-attack vectors, and one in three breaches is the result of vulnerabilities that were known about and should already have been patched¹.
Keeping operating systems and application software patched and secure is time-consuming and tedious – an internal IT resource nightmare. Fortress SRM’s Guardian Managed Patching with Monitoring Service delivers automated, high-efficacy (97%+) updates to Microsoft and over 80 third-party software applications, ensuring efficient patch deployment to every device, whether on or off network. This includes the deployment of critical updates, security updates, feature updates, operating system upgrades, and key Windows security settings and configurations.
The Fortress SRM real-time reporting console includes current patch levels of devices and gives the Client total visibility into what patch related activities have been performed, while real-time patch monitoring provides deep insight into approved, unapproved, pending, and failed patching efforts.
Ready to start the Cyber Hygiene journey? Contact us at fortresssrm.com.