Alert! Microsoft Fixes 60 Vulnerabilities With 2 Actively Exploited Zero-Days

In Cybersecurity News - Original News Source is by Blog Writer

Post Sharing

In its May 2024 Patch Tuesday release, Microsoft addressed 60 vulnerabilities, including 2 zero-day vulnerabilities actively exploited in the wild.

The updates cover a range of vulnerability categories.

  • 27 Remote Code Execution Vulnerabilities
  • 17 Elevation of Privilege Vulnerabilities
  • 7 Information Disclosure Vulnerabilities
  • 4 Spoofing Vulnerabilities.
  • 3 Denial of Service Vulnerabilities
  • 2 Security Feature Bypass Vulnerabilities

Zero-Day Vulnerabilities Addressed

Microsoft has patched two actively exploited zero-day vulnerabilities in this update:

CVE-2024-30040 – Windows MSHTML Platform Security Feature Bypass Vulnerability

This flaw could enable attackers to bypass OLE mitigations in Microsoft 365 and Microsoft Office.

An attacker must get the user to load a malicious file onto a weak system by offering something tempting in an email or instant message. Then, they would have to get the user to change the specially made file but not necessarily open or click on the malicious file.

Successful exploitation requires convincing a user to open a malicious document, potentially leading to arbitrary code execution.

CVE-2024-30051 – Windows DWM Core Library Elevation of Privilege Vulnerability

This vulnerability could grant an attacker SYSTEM privileges on Windows devices. Recent Qakbot malware phishing attacks have exploited this flaw to gain elevated privileges.

Vlad Stolyarov and Benoit Sevens of Google Threat Analysis Group, Bryce Abdo, and Adam Brunner of Google Mandiant reported the vulnerability.

Study malware before it attacks: Join 400,000 professionals using the ANY.RUN malware sandbox. Sign up for free

List of 60 Vulnerabilities & Fixes:

Windows Task Scheduler CVE-2024-26238
Microsoft Windows SCSI Class System File CVE-2024-29994
Windows Common Log File System Driver CVE-2024-29996
Windows Mobile Broadband CVE-2024-29997
Windows Mobile Broadband CVE-2024-29998
Windows Mobile Broadband CVE-2024-29999
Windows Mobile Broadband CVE-2024-30000
Windows Mobile Broadband CVE-2024-30001
Windows Mobile Broadband CVE-2024-30002
Windows Mobile Broadband CVE-2024-30003
Windows Mobile Broadband CVE-2024-30004
Windows Mobile Broadband CVE-2024-30005
Microsoft WDAC OLE DB provider for SQL CVE-2024-30006
Microsoft Brokering File System CVE-2024-30007
Windows DWM Core Library CVE-2024-30008
Windows Routing and Remote Access Service (RRAS) CVE-2024-30009
Windows Hyper-V CVE-2024-30010
Windows Hyper-V CVE-2024-30011
Windows Mobile Broadband CVE-2024-30012
Windows Routing and Remote Access Service (RRAS) CVE-2024-30014
Windows Routing and Remote Access Service (RRAS) CVE-2024-30015
Windows Cryptographic Services CVE-2024-30016
Windows Hyper-V CVE-2024-30017
Windows Kernel CVE-2024-30018
Windows DHCP Server CVE-2024-30019
Windows Cryptographic Services CVE-2024-30020
Windows Mobile Broadband CVE-2024-30021
Windows Routing and Remote Access Service (RRAS) CVE-2024-30022
Windows Routing and Remote Access Service (RRAS) CVE-2024-30023
Windows Routing and Remote Access Service (RRAS) CVE-2024-30024
Windows Common Log File System Driver CVE-2024-30025
Windows NTFS CVE-2024-30027
Windows Win32K – ICOMP CVE-2024-30028
Windows Routing and Remote Access Service (RRAS) CVE-2024-30029
Windows Win32K – GRFX CVE-2024-30030
Windows CNG Key Isolation Service CVE-2024-30031
Windows DWM Core Library CVE-2024-30032
Microsoft Windows Search Component CVE-2024-30033
Windows Cloud Files Mini Filter Driver CVE-2024-30034
Windows DWM Core Library CVE-2024-30035
Windows Deployment Services CVE-2024-30036
Windows Common Log File System Driver CVE-2024-30037
Windows Win32K – ICOMP CVE-2024-30038
Windows Remote Access Connection Manager CVE-2024-30039
Windows MSHTML Platform CVE-2024-30040
Microsoft Bing CVE-2024-30041
Microsoft Office Excel CVE-2024-30042
Microsoft Office SharePoint CVE-2024-30043
Microsoft Office SharePoint CVE-2024-30044
.NET and Visual Studio CVE-2024-30045
Visual Studio CVE-2024-30046
Microsoft Dynamics 365 Customer Insights CVE-2024-30047
Microsoft Dynamics 365 Customer Insights CVE-2024-30048
Windows Win32K – ICOMP CVE-2024-30049
Windows Mark of the Web (MOTW) CVE-2024-30050
Windows DWM Core Library CVE-2024-30051
Azure Migrate CVE-2024-30053
Power BI CVE-2024-30054
Microsoft Edge (Chromium-based) CVE-2024-30055
Microsoft Intune CVE-2024-30059

Along with Microsoft, Adobe released security updates addressing the following vulnerabilities:

Users of the affected Microsoft products mentioned in the security advisory are advised to upgrade to the latest software releases to prevent the vulnerabilities from being exploited. 

Before installing system updates, it’s highly recommended that you consider the importance of creating a backup for your system or essential documents and data. This precautionary measure is always recommended to prevent data loss.

On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free