Microsoft’s July security update addresses 142 vulnerabilities, including one already being exploited. This update is part of Microsoft’s regular “Patch Tuesday” release.
MICROSOFT FIXES 3 CRITICAL FLAWS IN PATCH TUESDAY
In the latest Patch Tuesday on July 10, 2024, Microsoft addressed 142 security issues across its product suite. Among them are six critical vulnerabilities: CVE-2024-38023, CVE-2024-38060, CVE-2024-38080, and three RCE bugs (CVE-2024-38074, CVE-2024-38076, CVE-2024-38077) with a CVSS score of 9.8.
These RCE vulnerabilities allow attackers to send specially crafted network packets to execute remote code in the Windows Remote Desktop Licensing service, with one not requiring authentication, making it especially dangerous.
Despite all RCE flaws being rated CVSS 9.8, some require authenticated access or specific privileges. For example, CVE-2024-38023 in Microsoft SharePoint Server needs site owner rights to execute arbitrary code. A significant vulnerability in Windows Hyper-V allows attackers to gain system privileges. Let’s explore these in detail.
CVE-2024-38023 allows attackers with site owner rights in SharePoint Server to execute arbitrary code. With necessary privileges, attackers can use crafted commands to execute code within SharePoint, potentially leading to full server control and data leaks.
Another remote code execution vulnerability, CVE-2024-38060, involves a flaw in the Microsoft Windows codec library. This allows an attacker to upload a specially crafted TIFF file, triggering arbitrary code execution when processed by the system. However, this requires the attacker to have system access, making it less dangerous than fully remote exploits but still a significant risk.
The third vulnerability, CVE-2024-38080, is actively exploited in real-world attacks. It allows attackers to escalate privileges in Windows Hyper-V, gaining system-level access. This poses a serious threat to the security and integrity of virtualized environments.
HOW TO STAY SAFE?
Vulnerabilities are an inherent part of software. The most effective method to mitigate their risks is timely patching. Microsoft strongly recommends promptly installing the latest updates to address these vulnerabilities. Despite Microsoft’s efforts, some flaws may persist for over a year.
Another layer of protection is a zero-trust anti-malware solution. While not widely available for home users, vulnerability exploitation often targets corporate systems. Implementing a zero-trust policy, which thoroughly checks every action from any software, provides robust defense against such attacks.
Leave A Comment