Microsoft Patches Released Including 2 Zero Day Vulnerabilities

Microsoft recently released a significant batch of security updates, which address around 60 vulnerabilities across a range of software products. Among these updates, urgent attention was drawn to an actively exploited zero-day vulnerability, underscoring the critical importance of maintaining up-to-date system security.

Details of the Zero-Day Exploit

The zero-day vulnerability, identified as CVE-2024-30051, is a heap-based buffer overflow found in the Windows Desktop Window Manager (DWM) Core Library. This particular flaw has already been exploited in malware attacks and requires elevated SYSTEM privileges to be executed. The vulnerability is serious: it has a Common Vulnerability Scoring System (CVSS) severity score of 7.8 out of 10, and Microsoft has rated it "important".

Security researchers from Kaspersky, DBAPPSecurity, and Google’s Threat Analysis Group were credited with the discovery and reporting of this vulnerability. The fact that these reputable security teams reported it suggests the exploit may have been used in more than just targeted attacks, indicating a broader risk to users and systems that remain unpatched.

The Dangers of Not Updating Your System

Failing to update your system can leave it vulnerable to such exploits, which can lead to unauthorized access, data breaches, and potential system control by malicious actors. Zero-day vulnerabilities are particularly dangerous because they are exploited before vendors have issued fixes or before many users have applied these fixes. This gives attackers a significant advantage, as they can exploit these vulnerabilities without detection.

Who Is at Risk?

All users operating affected Microsoft software are at risk, especially those who delay or ignore installing updates. This includes individual users as well as organizations, where the impact can be magnified due to the scale of operations and the sensitivity of the data involved. Systems administrators, in particular, need to be vigilant about applying updates as soon as they become available to protect their networks and infrastructure from attacks.

What to Do If You Are at Risk

  1. Apply Updates Promptly: Always ensure your software is updated as soon as patches are available. For businesses, this might require scheduled downtime to apply updates without disrupting operations.

  2. Educate Users: Regularly educate users about the importance of updates and the risks of phishing scams, as attackers often use social engineering to trick users into executing malicious files.

  3. Enhance Security Measures: Utilize tools like firewalls, antivirus software, and intrusion detection systems to add an extra layer of security to your network. Regularly review and adjust your security settings in response to new threats.

  4. Monitor Systems for Intrusions: Even with updates, no system is entirely secure. Regular monitoring for unusual activity can help catch a breach before it causes significant damage.

  5. Backup Important Data: Regular backups can prevent data loss in the event of a cyber attack. Ensure that backups are stored securely and tested regularly to confirm their integrity.

Other Notable Vulnerabilities

In addition to CVE-2024-30051, Microsoft also highlighted another exploited vulnerability, CVE-2024-30040, which affects Microsoft 365 and Office. This flaw allows attackers to bypass security features and execute arbitrary code via malicious files. Microsoft also warned about a critical remote code execution vulnerability in Microsoft SharePoint, identified as CVE-2024-30044, which allows attackers with certain permissions to execute arbitrary code on affected servers.

Conclusion

The release of these updates by Microsoft and the disclosure of these vulnerabilities underscore the ever-present need for vigilance in the digital age. As technology evolves, so do the tactics of those looking to exploit system weaknesses. Regular system updates, comprehensive security strategies, and ongoing education about cyber threats are essential to safeguarding personal and organizational data against increasingly sophisticated cyber attacks.