Microsoft has released updates to address more than 60 security holes in computer systems and supported software, including two “zero-day” vulnerabilities in Windows that are already being actively exploited in attacks. Customers and users of the internet browser should also consider applying recently released security patches.
First, the zero-days. A critical elevation of privilege vulnerability exists within a core Windows library. The flaw is being used during the post-exploitation phase to elevate privileges and establish a foothold for an attacker on the targeted system.
“CVE-2024-30051 enables initial foothold in a target environment and necessitates the application of social engineering tactics via email, social media, or instant messaging to convince a target user to open a specially designed document file,” said Narang. “As the vulnerability is exploited, attackers can circumvent the OLE mitigations built into Microsoft 365 and Microsoft Workplace, which were implemented to safeguard end-users against malicious file types.”
One of the two firms jointly credited by Microsoft with discovering the CVE-2024-30051 vulnerability has disclosed its discovery process. It found the exploit within a file shared on Virustotal.com.
Kaspersky has observed the exploit being leveraged in conjunction with various other forms of malware. Emerging in 2007 as a banking Trojan, QakBot – also known as Qbot and Zeus – has evolved into a highly advanced malware operation, now wielded by multiple cybercriminal groups to orchestrate freshly compromised networks for devastating ransomware attacks.
Is a safety feature designed into the default internet browser of Windows programs, deeply integrated with the operating system. Although Microsoft’s advisory on this flaw is brief, the company does note that it also affects certain and applications, in addition to stated platforms.
Microsoft’s advisory on CVE-2024-30040 is criticized by Breen for providing “little or no data” and featuring a “painfully obtuse” brief description.
Microsoft has designated as the most critical of the recent vulnerabilities, labeling it as “essential” due to its potential for exploitation. A flaw in this has been identified, according to the company. Tenable’s Narang observes that exploiting this vulnerability requires an attacker to first be authenticated to a vulnerable SharePoint Server with Website Proprietor permissions (or higher) and then take deliberate steps to exploit the flaw. That significantly reduces the likelihood of widespread exploitation, since attackers typically follow the path of least resistance.
Five days ago, Google rolled out an emergency patch to fix a zero-day vulnerability in its popular Chrome browser. Chrome typically auto-installs available updates, but a full browser restart is still required to complete the installation. If you’re using Chrome and notice a “Relaunch to replace” notification in the top right corner of your browser window, it’s likely time to restart your browser or consider updating to the latest version.
Apple has quietly released an update that bundles nearly two dozen security patches. To ensure your Mac remains current, navigate to System Preferences, click the Apple menu, select Software Update, and follow any on-screen instructions.
Lastly, Adobe offers a range of merchandise, including apparel, accessories, bags, home goods, and tech products.
Regardless of the operating system – be it Mac, Windows, or something else – it is always advisable to back up your data or system before applying any security updates.
To gain a deeper understanding of the current fixes released by Microsoft, review the comprehensive list available on their website. In an enterprise setting, anyone responsible for managing Windows applications should stay abreast of updates and patch notifications through the Microsoft Security Bulletin, which provides critical information on any issues or anomalies with Windows patches.
Update, February 15, 8:28 a.m.: Corrected a misattribution of CVE-2024-30051.