On April Patch Tuesday, Microsoft addressed 149 bugs, one of its largest security updates, spanning various products including Microsoft Office and SQL Server, with most vulnerabilities found in Windows and nine in Azure.
All about the vulnerability- Microsoft Patch
CVE-2024-26234 – Proxy Driver Spoofing Vulnerability
CVE-2024-26234, a proxy driver spoofing vulnerability with a CVSS rating of 6.7, demands high privileges for an attacker to exploit and spoof the proxy driver.
Microsoft swiftly addressed this zero-day vulnerability affecting Windows desktop and server operating systems, which had been publicly disclosed. Administrators are urged to promptly install the Windows cumulative update on their systems to thwart potential security breaches, as the vulnerability is actively exploited in the wild.
CVE-2024-21322 – Microsoft Defender For IoT Remote Code Execution Vulnerability
This vulnerability, rated with a CVSS base score of 7.2, falls under the critical category for Improper Neutralization of Special Elements used in a Command (‘Command Injection’). Microsoft emphasized that successful exploitation necessitates the attacker to possess administrator privileges within the web application. As a best practice, they recommended conducting regular validation and audits of administrative groups.
CVE-2024-21323 – Microsoft Defender For IoT Remote Code Execution Vulnerability
Microsoft Defender for IoT Remote Code Execution Vulnerability, with a base CVSS score of 8.8, poses a significant threat.
For successful exploitation, the attacker must deliver a malicious update package over the network to the Defender IoT sensor.
The attacker needs to authenticate and obtain authorization for the update procedure.
According to Microsoft, exploiting this path traversal vulnerability involves sending a tar file to the Defender IoT sensor. After extraction, the attacker can send unsigned update packages and overwrite any file they choose.
CVE-2024-29053 – Microsoft Defender For IoT Remote Code Execution Vulnerability
The critical Microsoft Defender for IoT Remote Code Execution Vulnerability, rated 8.8 on the CVSS scale, can be exploited by any authorized user without advanced privileges.
Azure Vulnerabilities Addressed
- CVE-2024-29993 – Azure
- CVE-2024-29063 – Azure AI Search
- CVE-2024-28917- Azure Arc
- CVE-2024-21424 – Azure Compute Gallery
- CVE-2024-26193 – Azure Migrate
- CVE-2024-29989 – Azure Monitor
- CVE-2024-20685- Azure Private 5G Core
- CVE-2024-29990 – Microsoft Azure Kubernetes Service
Additionally, 41 SQL Server fixes were released, addressing issues related to remote code execution. Microsoft also republished six CVEs. Users are advised to upgrade affected products to prevent exploitation by threat actors.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment