Man
Professional
- Messages
- 3,006
- Reaction score
- 531
- Points
- 113
Two bugs were seen in real attacks, which attracted the attention of CISA.
Microsoft has released a security update as part of the Patch Tuesday initiative, fixing 118 vulnerabilities, two of which are already being actively exploited by attackers. Three of the vulnerabilities identified are critical, 113 are classified as important, and two are classified as moderate. This update does not include another 25 vulnerabilities that the company has separately patched in the Chromium-based Edge browser over the past month.
Five of the vulnerabilities were known at the time of the update's release, and two had already been exploited in real-world attacks. One of them is CVE-2024-43572 with a CVSS score of 7.8, related to remote code execution through the Microsoft Management Console. The second is CVE-2024-43573 with a score of 6.5, which affects the MSHTML platform and allows spoofing.
Both vulnerabilities are already listed in the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Catalog of Known Exploitable Vulnerabilities (KEVs), and federal agencies are tasked with fixing them by October 29, 2024.
Notably, the CVE-2024-43573 vulnerability resembles others related to the MSHTML platform previously used to distribute the Atlantida Stealer malware. Despite this, Microsoft has not yet revealed who exactly is behind the exploitation of these vulnerabilities and how wide their scope is.
The most dangerous of the vulnerabilities identified is CVE-2024-43468 with a score of 9.8, related to remote code execution in Microsoft Configuration Manager. This vulnerability allows attackers to execute arbitrary commands by sending specially crafted requests to the server.
Other critical vulnerabilities include CVE-2024-43488 (code execution via the Visual Studio Code extension for Arduino) and CVE-2024-43582 (remote desktop vulnerability), both of which can be used for remote code execution. Experts note that the exploitation of CVE-2024-43582 requires sophisticated attacks, which may somewhat reduce the risk of its use in real conditions.
Regular security updates, such as Microsoft's Patch Tuesday, highlight the dynamic nature of cybersecurity. They demonstrate a constant race between developers and attackers. Every Patch Tuesday is not just a routine event, but a critical moment for Windows users around the world. It's a reminder that vigilance and up-to-date systems are becoming key factors for reliable protection in our time.
Source
Microsoft has released a security update as part of the Patch Tuesday initiative, fixing 118 vulnerabilities, two of which are already being actively exploited by attackers. Three of the vulnerabilities identified are critical, 113 are classified as important, and two are classified as moderate. This update does not include another 25 vulnerabilities that the company has separately patched in the Chromium-based Edge browser over the past month.
Five of the vulnerabilities were known at the time of the update's release, and two had already been exploited in real-world attacks. One of them is CVE-2024-43572 with a CVSS score of 7.8, related to remote code execution through the Microsoft Management Console. The second is CVE-2024-43573 with a score of 6.5, which affects the MSHTML platform and allows spoofing.
Both vulnerabilities are already listed in the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Catalog of Known Exploitable Vulnerabilities (KEVs), and federal agencies are tasked with fixing them by October 29, 2024.
Notably, the CVE-2024-43573 vulnerability resembles others related to the MSHTML platform previously used to distribute the Atlantida Stealer malware. Despite this, Microsoft has not yet revealed who exactly is behind the exploitation of these vulnerabilities and how wide their scope is.
The most dangerous of the vulnerabilities identified is CVE-2024-43468 with a score of 9.8, related to remote code execution in Microsoft Configuration Manager. This vulnerability allows attackers to execute arbitrary commands by sending specially crafted requests to the server.
Other critical vulnerabilities include CVE-2024-43488 (code execution via the Visual Studio Code extension for Arduino) and CVE-2024-43582 (remote desktop vulnerability), both of which can be used for remote code execution. Experts note that the exploitation of CVE-2024-43582 requires sophisticated attacks, which may somewhat reduce the risk of its use in real conditions.
Regular security updates, such as Microsoft's Patch Tuesday, highlight the dynamic nature of cybersecurity. They demonstrate a constant race between developers and attackers. Every Patch Tuesday is not just a routine event, but a critical moment for Windows users around the world. It's a reminder that vigilance and up-to-date systems are becoming key factors for reliable protection in our time.
Source
