14 August 2024

Microsoft fixes over 80 security bugs, 6 actively exploited in the wild


Microsoft fixes over 80 security bugs, 6 actively exploited in the wild

Microsoft has released its August 2024 Patch Tuesday security updates that fix more than 80 vulnerabilities in the vendor’s software, including six zero-day flaws that are being actively exploited by malicious actors.

All six zero-days are listed below:

  • CVE-2024-38189 - Microsoft Project Remote Code Execution Vulnerability. The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code on the system.

  • CVE-2024-38178 - Microsoft Windows Scripting Engine Memory Corruption Vulnerability. The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code on the system.

  • CVE-2024-38213 - Microsoft Windows SmartScreen Security Feature Bypass Vulnerability. The vulnerability exists due to insufficient implementation of security measures. An attacker can bypass Windows Mark of the Web security feature. According to security researchers, the flaw has been exploited by threat actors behind the DarkGate operation since March 2024.

  • CVE-2024-38193 - Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability. The issue stems from a use-after-free error within the ancillary function driver for WinSock. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

  • CVE-2024-38106 - Microsoft Windows Kernel Privilege Escalation Vulnerability. The vulnerability exists due to a race condition within the Windows kernel. A local user can exploit the race and execute arbitrary code with SYSTEM privileges.

  • CVE-2024-38107 - Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability. The vulnerability exists due to a use-after-free error within Windows Power Dependency Coordinator. A local user can trigger a use-after-free error and execute arbitrary code with SYSTEM privileges.

The US CISA has already added the above-mentioned flaws to its KEV (Rnjwn Exploited Vulnerabilities) catalog.

In addition to zero-days, Microsoft released the fixes for a slew of the publicly disclosed vulnerabilities: CVE-2024-38199 (remote code execution in Microsoft Windows Line Printer Daemon (LPD) Service), CVE-2024-21302 (privilege escalation in Microsoft Windows Secure kernel mode), CVE-2024-38200 (information disclosure in Microsoft Office), CVE-2024-38202 (privilege escalation in Microsoft Windows Update stack).

This month’s Patch Tuesday release also addresses a number of high-risk vulnerabilities in various software products, including Microsoft Windows App Installer, Microsoft Office Visio, Microsoft RMCAST, Microsoft Windows SmartScreen, Excel, PowerPoint, Windows IP Routing Management Snapin, Windows OLE, Windows Kerberos, and Windows RRAS.


Back to the list

Latest Posts

What is Vulnerability Management? A Beginner's Guide

What is Vulnerability Management? A Beginner's Guide

In this article will try to cover basics of vulnerability management process and why it is important to every company.
11 September 2024
Cyber Security Week in Review: September 6, 2024

Cyber Security Week in Review: September 6, 2024

In brief: the US charges Russian GRU hackers for attacks on Ukraine, Apache, Cisco, Zyxel patch high-risk flaws, Google fixes Android zero-day, and more.
6 September 2024
Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore

Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore

Some of the documents appeared to be part of legitimate Red Team exercises, while other were intended for malicious purposes.
5 September 2024