Microsoft Releases August 2024 Patches
Microsoft has released software updates as part of its August 2024 Patch Tuesday. The updates fix 89 security vulnerabilities in total, including 10 zero-day vulnerabilities, 6 of which are being actively exploited.
The breakdown of the vulnerabilities are as follows:
36 privilege escalation
4 security feature bypass
28 remote code execution
8 information disclosure
6 denial of service
7 spoofing
The 6 actively exploited zero-day vulnerabilities are as follows:
CVE-2024-38178 - vulnerability in Scripting Engine that allows an attacker to remotely execute code
CVE-2024-38193 - vulnerability in Windows Ancillary Function Driver for WinSock that leads to escalation of privilege
CVE-2024-38213 - vulnerability in Windows Mark of the Web that allows an attacker to create files that can bypass the feature
CVE-2024-38106 - vulnerability in Windows Kernel that leads to elevation of privilege
CVE-2024-38107 - vulnerability in Windows Power Dependency Coordinator that leads to elevation of privilege vulnerability
CVE-2024-38189 - vulnerability in Microsoft Project that can lead to remote code execution
Why You Should Care?
Zero-day vulnerabilities are vulnerabilities where a flaw has been identified but there is no fix for the flaw, which means attackers will try to exploit as many targets as possible before users fix the vulnerability. This makes it extra dangerous, and needs to be addressed as soon as possible.
In this case, 6 of the zero-days are already being exploited, which means it is only a matter of time before the attackers compromise your business.
What Should You Do?
Test the patches ASAP at your organization, and make sure it does not break any business applications
Prioritize patching against the 6 actively exploited zero-days
Next priority are the other zero-days
Roll out the rest of the Patch Tuesday updates
References
https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2024-patch-tuesday-fixes-9-zero-days-6-exploited/