If you are a Windows user, you will want to install the latest updates as soon as possible. Microsoft has just released a huge batch of security patches that address more than 70 vulnerabilities in its operating systems and related products, including two zero-day flaws that are already being exploited by hackers.
What are the zero-day vulnerabilities?
A zero-day vulnerability is a software bug that is unknown to the vendor and the public, but is known and exploited by attackers. In this case, Microsoft has identified two such vulnerabilities that affect Windows users:
- CVE-2024-21412: This is a security feature bypass in the way Windows handles Internet Shortcut Files, which are files that link to web pages. An attacker could trick a user into opening a malicious shortcut file and execute code on the user’s system.
- CVE-2024-21351: This is another security feature bypass in the way Windows SmartScreen, a component that tries to block potentially harmful files downloaded from the web, works. An attacker could bypass the SmartScreen protection and run malicious code on the user’s system.
Both of these vulnerabilities are being exploited in the wild by different threat actors, according to Microsoft and security researchers.
What are the other notable vulnerabilities?
Apart from the zero-day flaws, Microsoft has also fixed several other critical and important vulnerabilities that could allow remote code execution, elevation of privilege, information disclosure, or denial of service attacks. Some of the noteworthy ones are:
- CVE-2024-21410: This is an elevation of privilege vulnerability in Microsoft Exchange Server, which is a popular email and calendar server. An attacker could exploit this flaw to obtain NTLM hashes, which are encrypted passwords, of Exchange users and impersonate them on the network.
- CVE-2024-21413: This is a remote code execution vulnerability in Microsoft Office, which is a suite of productivity applications. An attacker could exploit this flaw by convincing a user to view a specially crafted message in the Outlook Preview pane, which would cause the file to open in editing mode and run malicious code.
How to protect yourself?
The best way to protect yourself from these and other vulnerabilities is to apply the latest security updates from Microsoft as soon as possible.
You should also be careful about opening files or links from unknown or suspicious sources, and use a reputable antivirus or security software to scan your system regularly.
Microsoft releases security updates every second Tuesday of the month, which is also known as Patch Tuesday. This is the largest Patch Tuesday so far in 2024, and one of the largest in Microsoft’s history. It is highly recommended that you install these updates to keep your Windows devices secure and protected. If your organization doesn’t have a patch management process in place to automatically update your computers, get in touch. We continuously update our managed customers’ computers automagically.