Patch Tuesday update for November brings dozens of fixes

Microsoft’s Patch Tuesday update for this month includes as many as 91 different fixes for security vulnerabilities in its products. Two actively exploited zero-day vulnerabilities have been patched, and Microsoft also disclosed three not yet exploited but important vulnerabilities.

According to the tech giant, Windows users should quickly install this month’s latest Patch Tuesday update. Although as many as 91 different fixes have been released, the company especially wants users to counter two very critical and now actively exploited zero-day vulnerabilities.

The first major actively abused vulnerability is CVE-2024-49039. This allows privilege escalation through a flaw in Windows Task Scheduler. Hackers can exploit this flaw after first gaining access to a system using a specifically created low-privilege AppContainer.

This lets them call privileged RPC functions they are not authorized to use, such as creating new users or changing system settings, at a higher privilege level than the attackers previously had.

The second actively exploited zero-day vulnerability that Microsoft aims to close with the recent update is CVE-2024-43451. This is a problem with the NTLM code. Through a spoofing flaw, attackers can obtain a victim’s NTLMv2 hash and thus impersonate the affected account.

Victims can trigger this vulnerability with only minimal interaction with a malicious file. Consider a single mouse click, a right-click, or any action other than opening or running the file.

Three critical vulnerabilities

In addition, Microsoft has also reported a trio of vulnerabilities that are not currently exploited but deserve attention. Azure CycleCloud users should focus their attention on CVE-2024-43602. This vulnerability enables Remote Code Execution (RCE) via a rogue request to modify the configuration of an Azure CycleCloud cluster. The vulnerability can then be exploited to gain root privileges.

Another important vulnerability is CVE-2024-43498 in .NET and Visual Studio. Hackers can send malicious requests to a vulnerable .NET application or load a modified file into a vulnerable desktop app through this vulnerability.

The critical vulnerability CVE-2024-43639 for Windows Kerberos should also be watched. According to the tech giant, hackers can build and use a malicious application to exploit a “cryptographic protocol vulnerability” in the authentication protocol which, again, makes RCE possible.

Other tech companies

Microsoft is not the only tech company that has recently released security patches. Other tech companies that have recently patched security vulnerabilities in their products include Adobe, Citrix, Cisco, Dell, D-Link, Google, Ivanti, SAP, Schneider Electric, and Siemens.
