Microsoft has released its Patch Tuesday update for September 2024, addressing 79 security vulnerabilities. Notably, three of these flaws are actively being exploited, posing significant risks to Windows users.
Key Takeaways
Total Vulnerabilities Addressed: 79
Critical Vulnerabilities: 7
Important Vulnerabilities: 71
Moderate Vulnerabilities: 1
Actively Exploited Flaws: 3
Actively Exploited Vulnerabilities
Microsoft disclosed that three security flaws are currently under active exploitation:
CVE-2024-38014: Windows Installer Elevation of Privilege Vulnerability (CVSS score: 7.8)
CVE-2024-38217: Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability (CVSS score: 5.4)
CVE-2024-38226: Microsoft Publisher Security Feature Bypass Vulnerability (CVSS score: 7.3)
Additional Vulnerabilities
In addition to the actively exploited flaws, Microsoft also addressed a critical vulnerability:
CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability (CVSS score: 9.8)
Expert Insights
Satnam Narang, a senior staff research engineer at Tenable, highlighted the risks associated with CVE-2024-38226 and CVE-2024-38217. Exploitation of these vulnerabilities can bypass important security features that block Microsoft Office macros from running. However, exploiting CVE-2024-38226 requires the attacker to be authenticated and have local access to the system.
Historical Context
CVE-2024-38217, also known as LNK Stomping, has been exploited in the wild since February 2018. CVE-2024-43491 is similar to a downgrade attack detailed by SafeBreach last month.
Mitigation Steps
Microsoft recommends installing the September 2024 Servicing Stack Update (SSU KB5043936) and the September 2024 Windows Security Update (KB5043083) to mitigate these vulnerabilities.
Broader Impact
Other vendors have also released security updates to address various vulnerabilities. These vendors include:
Adobe
Arm
Bosch
Broadcom (including VMware)
Cisco
Citrix
CODESYS
D-Link
Dell
Drupal
F5
Fortinet
Fortra
GitLab
Google (Android, Pixel, Chrome, Cloud, Wear OS)
Hitachi Energy
HP
HP Enterprise (including Aruba Networks)
IBM
Intel
Ivanti
Lenovo
Linux distributions (Amazon Linux, Debian, Oracle Linux, Red Hat, Rocky Linux, SUSE, Ubuntu)
MediaTek
Mitsubishi Electric
MongoDB
Mozilla (Firefox, Firefox ESR, Focus, Thunderbird)
NVIDIA
ownCloud
Palo Alto Networks
Progress Software
QNAP
Qualcomm
Rockwell Automation
Samsung
SAP
Schneider Electric
Siemens
SolarWinds
SonicWall
Spring Framework
Synology
Veeam
Zimbra
Zoho (ManageEngine ServiceDesk Plus, SupportCenter Plus, ServiceDesk Plus MSP)
Zoom
Zyxel
Microsoft's latest Patch Tuesday update underscores the importance of timely software updates to mitigate security risks. Users are strongly advised to apply these patches to protect their systems from potential exploits.
Sources
Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws, The Hacker News.