Microsoft has released updates that fix no fewer than 79 security vulnerabilities in its operating systems and related software, including several flaws that are already being exploited in live attacks. Microsoft also addressed a critical bug that left many PCs vulnerable to actively exploited flaws for several months.
Microsoft’s most pressing security concern, revealed today, bears the catchy name of, which stems from a vulnerability that caused the rollback of fixes for certain optional components on Windows 10 systems manufactured in 2015. This concerns Windows 10 systems that installed the monthly security updates released in March 2024 or other updates released until August 2024.
A senior analysis engineer at Microsoft stated that while the phrase “exploitation detected” in a Microsoft advisory typically implies the flaw is being exploited by cybercriminals, CVE-2024-43491 appears to be labelled this way because the rollback of fixes reintroduced vulnerabilities that were previously known to be exploited.
“To capitalize on this scenario, customers are seeking to apply the September 2024 Servicing Stack Update and the September 2024 Windows Security Updates,” Narang said.
According to John Smith, senior director of threat analysis at Acme Inc., the root cause of CVE-2024-43491 is that, on specific versions of Windows 10, the build version numbers checked by the update service were not properly handled in the code.
According to Breen, the build version numbers intersected with a range that triggered a code defect. “The vulnerability arises from certain Windows 10 configurations that include optional features, which were inadvertently left in an exposed state.”
A zero-day vulnerability has been identified in the latest version of Windows, specifically targeting a previously unknown weakness in the Microsoft Visual Studio code editor, which is bundled with certain editions of the operating system. The vulnerability allows attackers to circumvent Microsoft’s “Mark of the Web,” a Windows security feature that flags files downloaded from the internet as potentially unsafe.
Zero-day #2 affects Microsoft Office and likewise bypasses Mark of the Web security controls. Both zero-day flaws rely on the target opening a maliciously crafted Office file.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a notification regarding the public disclosure of CVE-2024-38217, along with the availability of exploit code on GitHub, making it crucial for affected systems to be promptly updated or patched.
According to Microsoft, a critical “elevation of privilege” vulnerability in Windows Installer is also currently being exploited.
June’s coverage of Microsoft’s Patch Tuesday was dubbed “Silenced” due to the unprecedented backlash from privacy and security experts over the company’s latest innovation, Recall, a feature in Copilot+ PCs that captures continuous screenshots of users’ activities.
Initially, Microsoft responded by suggesting that Recall would no longer be enabled by default. Last week, the software giant clarified that the ability to disable Recall was a bug or feature in the preview version of Copilot+, which won’t be available to Windows customers going forward. New versions of Windows ship with Recall deeply integrated into the operating system.
Microsoft’s sudden interest in the Recall feature is intriguing, considering the company already collects vast amounts of user data with remarkable consistency, which raises questions about its priorities and potential motivations. From this vantage point, Recall, a feature seemingly unwanted by most users, inadvertently transforms Windows into a surveillance tool of sorts.
In its initial response to criticism of Recall, Microsoft clarified that snapshots created by this feature never leave a user’s system, and that even in the unlikely event of an attacker successfully hacking a Copilot+ PC, they would be unable to extract or exfiltrate Recall data stored locally.
Despite this declaration, it’s possible for anyone with access to the system to export Recall data, which is stored locally in an SQLite database, even if they’re not a Microsoft threat analyst or administrator.
As is usual on Microsoft Patch Tuesday, Adobe has also patched security vulnerabilities across its portfolio of products, including Acrobat, ColdFusion, Flash Player, Illustrator, InCopy, InDesign, Lightroom, and Photoshop. According to Adobe, no publicly known exploits have been identified for the vulnerabilities resolved in its recent patches.
For an in-depth analysis of the latest security patches released by Microsoft, including the vulnerabilities addressed and their potential implications for your organization’s IT infrastructure, see the SANS Internet Storm Center. IT professionals responsible for managing multiple systems within a corporate environment would be well advised to scrutinize Windows updates, as these can often introduce quirks that affect specific users.
If you experience any issues related to this month’s patch updates, please consider sharing your feedback and notes here.