Microsoft today released updates fixing more than 60 security vulnerabilities in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that have been exploited in active attacks. There are also important security patches available for Apple systems and Adobe users, and for the Chrome Web browser, which just patched its own zero-day vulnerability.
First, the zero-day vulnerabilities. CVE-2024-30051 is an “elevation of privilege” bug in the core Windows libraries. Satnam Narang at Tenable said this flaw was used as part of a post-compromise campaign to elevate privileges as a local attacker.
“CVE-2024-30051 is used to gain initial access to a target environment, requiring the use of social engineering tactics via email, social media or instant messaging to convince the target to open a specially crafted document file,” Narang said. “Once exploited, attackers can bypass OLE mitigations in Microsoft 365 and Microsoft Office, security features designed to protect end users from malicious files.”
Kaspersky Lab was one of two companies that reported CVE-2024-30051 to Microsoft, and the company published an excellent article describing how it discovered the vulnerability in a file shared with Virustotal.com.
Kaspersky said it has since seen the vulnerability used together with QakBot and other malware. Emerging in 2007 as a banking trojan, QakBot (aka Qbot and Pinkslipbot) has evolved into an advanced malware strain that is now used by multiple cybercriminal groups to prepare newly infected networks for ransomware infections.
CVE-2024-30040 is a security feature bypass in mshtml.dll, a component closely tied to the default web browser on Windows systems. Microsoft’s advisory regarding this flaw is rather sparse, but Kevin Breen from Immersive Labs said this vulnerability also affects Office 365 and Microsoft Office applications.
Breen said of Microsoft’s advisory about CVE-2024-30040: “There was very little information provided, and the brief description was extremely obscure.”
The only vulnerability fixed this month to receive Microsoft’s most severe “critical” rating is CVE-2024-30044, a flaw in SharePoint that Microsoft said could be exploited. Tenable’s Narang noted that exploiting the vulnerability would require an attacker to first authenticate to a vulnerable SharePoint Server with Site Owner permissions (or higher) and then take additional steps to exploit it, making it unlikely to be widely exploited because most attackers will choose the path of least resistance.
Five days ago, Google released a security update for Chrome that fixed a zero-day vulnerability in the popular browser. Chrome will usually automatically download any available updates, but it may still require a full browser restart to install them. If you’re using Chrome and see the “Restart to update” message in the upper right corner of the browser, you need to restart.
Apple just released the macOS Sonoma 14.5 update, which includes nearly two dozen security patches. To make sure your Mac is up to date, go to System Settings, General tab, then Software Update and follow any instructions.
Finally, Adobe has provided critical security patches for a range of products, including Acrobat, Reader, Illustrator, Adobe Substance 3D Painter, Adobe Aero, Adobe Animate and Adobe FrameMaker.
Whether you have a Mac or Windows system (or other systems), it’s always a good idea to back up your data and/or system before applying any security updates. To learn more about each of the fixes Microsoft released today, check out the SANS Internet Storm Center’s complete list. Anyone responsible for maintaining Windows systems in a corporate environment should keep an eye on Askwoody.com, which usually has the scoop on any unstable Windows patches.
Update May 15, 8:28 AM: Corrected incorrect attribution of CVE-2024-30051.