Microsoft patched 79 vulnerabilities across its products in the September 2024 Patch Tuesday release. Seven are rated critical, and four are zero-days that were either exploited in the wild or publicly disclosed before a fix was available. They span elevation of privilege, security feature bypass and remote code execution, and pose significant risk to systems left unpatched.
Of the 79 flaws, elevation-of-privilege bugs form the largest group, followed by remote code execution (RCE) and other classes. By severity, seven are critical, 71 are important and one is moderate.
The attention, however, falls on the four zero-days, each either actively exploited or publicly disclosed before an official fix was available. These are:
- CVE-2024-38014 (Windows Installer Elevation of Privilege Vulnerability): A local attacker can use this flaw to gain SYSTEM privileges, which is a serious escalation on any host where they already have a foothold. Microsoft confirmed in-the-wild exploitation but has not shared details of the attacks.
- CVE-2024-38217 (Windows Mark of the Web Security Feature Bypass Vulnerability): The flaw had been publicly disclosed before this fix and is abused through crafted LNK (shortcut) files to get past protections such as Smart App Control and Mark of the Web (MOTW). When a user opens such a shortcut, Windows rewrites it and drops the Zone.Identifier mark, so the command it points to runs without the usual security prompt or reputation check.
- CVE-2024-38226 (Microsoft Publisher Security Feature Bypass Vulnerability): A flaw in Microsoft Publisher lets attackers bypass the Office macro policies that block untrusted or malicious embedded macros. Microsoft has confirmed exploitation but has yet to reveal how the flaw was used.
- CVE-2024-43491 (Microsoft Windows Update Remote Code Execution Vulnerability): This flaw sits in the Windows 10 version 1507 servicing stack, which ships in the Windows 10 Enterprise 2015 LTSB and IoT Enterprise 2015 LTSB editions. A servicing-stack defect rolled back earlier fixes for Optional Components such as Active Directory Lightweight Directory Services and Internet Explorer 11, reopening previously patched vulnerabilities, some of them remote code execution bugs. Although version 1507 reached end of life for general editions long ago, the long-term servicing editions are still supported and remain affected. Microsoft's remediation is to install the September 2024 servicing stack update first and then the September 2024 Windows security update.
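The two checks below are an added example, not code from the article or from Microsoft. They cover the two zero-days that leave something to verify after patching: whether a Windows 10 version 1507 (build 10240) host carries the September 2024 servicing stack update and security update that Microsoft's advisory for CVE-2024-43491 names (the KB numbers are taken from that advisory, not from the article, so confirm them against it), and which files in a folder have no Mark of the Web, the state that the CVE-2024-38217 shortcut trick produces. The sample folder is constructed by the script itself; function names and the list of risky extensions are the example's own choices.

```powershell
# Added example (not from the article). Run from a PowerShell prompt on Windows.

function Test-ServicingStackFix {
    # $true when the host is not build 10240 (version 1507), or when both
    # September 2024 updates for 1507 are installed. KB numbers are taken from
    # Microsoft's CVE-2024-43491 advisory (assumption: verify against it).
    $build = [int](Get-CimInstance Win32_OperatingSystem).BuildNumber
    if ($build -ne 10240) { return $true }      # only version 1507 is affected
    $required  = 'KB5043936', 'KB5043083'       # servicing stack update, then security update
    $installed = Get-HotFix | Select-Object -ExpandProperty HotFixID
    $missing   = @($required | Where-Object { $installed -notcontains $_ })
    if ($missing.Count -gt 0) { Write-Warning "Missing on build 10240: $($missing -join ', ')" }
    return ($missing.Count -eq 0)
}

function Get-MotwZoneId {
    # Reads ZoneId from the Zone.Identifier alternate data stream.
    # Returns $null when the file carries no Mark of the Web at all.
    param([Parameter(Mandatory)][string]$LiteralPath)
    try {
        $lines = Get-Content -LiteralPath $LiteralPath -Stream Zone.Identifier -ErrorAction Stop
    } catch { return $null }
    foreach ($line in $lines) {
        if ($line -match '^ZoneId=(\d+)') { return [int]$Matches[1] }
    }
    return $null
}

function Find-UnmarkedFiles {
    # Lists every file directly under $Folder with its zone; files of a risky
    # type (shortcuts, executables, scripts) that lack the mark are flagged.
    param([Parameter(Mandatory)][string]$Folder)
    $risky = '.lnk', '.exe', '.dll', '.js', '.hta', '.vbs', '.ps1', '.scr'   # example list
    Get-ChildItem -LiteralPath $Folder -File | ForEach-Object {
        $zone = Get-MotwZoneId -LiteralPath $_.FullName
        [pscustomobject]@{
            File   = $_.Name
            ZoneId = $zone
            Risky  = ($null -eq $zone -and $risky -contains $_.Extension.ToLower())
        }
    }
}

# Constructed sample folder: one file marked as downloaded from the Internet
# zone (ZoneId=3), one shortcut with no mark, one plain document with no mark.
$sample = Join-Path $env:TEMP ('motw-audit-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $sample | Out-Null
'hello'   | Set-Content -LiteralPath (Join-Path $sample 'tool.exe')
"[ZoneTransfer]`r`nZoneId=3" | Set-Content -LiteralPath (Join-Path $sample 'tool.exe') -Stream Zone.Identifier
'stomped' | Set-Content -LiteralPath (Join-Path $sample 'invoice.lnk')
'notes'   | Set-Content -LiteralPath (Join-Path $sample 'readme.txt')

Find-UnmarkedFiles -Folder $sample | Format-Table -AutoSize
"Servicing stack fix present or not applicable: $(Test-ServicingStackFix)"
Remove-Item -LiteralPath $sample -Recurse -Force
```

In the sample run, tool.exe reports ZoneId 3 and is not flagged, invoice.lnk is flagged as Risky because it is a shortcut with no mark, and readme.txt is unmarked but not flagged. Point Find-UnmarkedFiles at a real Downloads folder to see which files would skip the SmartScreen and attachment prompts; the absence of a mark is not proof of the bypass, only the condition it creates. Get-HotFix only reports updates that register as hotfixes, so on a 1507 host also confirm the servicing stack version through Windows Update history.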
Last month, Microsoft patched a critical security vulnerability in the SmartScreen feature.