Microsoft on Tuesday launched its month-to-month safety replace, addressing 61 totally different safety flaws spanning its software program, together with two important points impacting Home windows Hyper-V that would result in denial-of-service (DoS) and distant code execution.
Of the 61 vulnerabilities, two are rated Important, 58 are rated Necessary, and one is rated Low in severity. Not one of the flaws are listed as publicly recognized or underneath lively assault on the time of the discharge, however six of them have been tagged with an “Exploitation Extra Doubtless” evaluation.
The fixes are along with 17 safety flaws which have been patched within the firm’s Chromium-based Edge browser because the launch of the February 2024 Patch Tuesday updates.
Topping the record of important shortcomings are CVE-2024-21407 and CVE-2024-21408, which have an effect on Hyper-V and will lead to distant code execution and a DoS situation, respectively.
Microsoft’s replace additionally addresses privilege escalation flaws within the Azure Kubernetes Service Confidential Container (CVE-2024-21400, CVSS rating: 9.0), Home windows Composite Picture File System (CVE-2024-26170, CVSS rating: 7.8), and Authenticator (CVE-2024-21390, CVSS rating: 7.1).
Profitable exploitation of CVE-2024-21390 requires the attacker to have an area presence on the gadget both by way of malware or a malicious utility already put in by way of another means. It additionally necessitates that the sufferer closes and re-opens the Authenticator app.
“Exploitation of this vulnerability might permit an attacker to achieve entry to multi-factor authentication codes for the sufferer’s accounts, in addition to modify or delete accounts within the authenticator app however not forestall the app from launching or working,” Microsoft mentioned in an advisory.
“Whereas exploitation of this flaw is taken into account much less seemingly, we all know that attackers are eager to search out methods to bypass multi-factor authentication,” Satnam Narang, senior employees analysis engineer at Tenable, mentioned in a press release shared with The Hacker Information.
“Gaining access to a goal gadget is unhealthy sufficient as they’ll monitor keystrokes, steal knowledge and redirect customers to phishing web sites, but when the aim is to stay stealth, they might keep this entry and steal multi-factor authentication codes to be able to login to delicate accounts, steal knowledge or hijack the accounts altogether by altering passwords and changing the multi-factor authentication gadget, successfully locking the person out of their accounts.”
One other vulnerability of word is a privilege escalation bug within the Print Spooler part (CVE-2024-21433, CVSS rating: 7.0) that would allow an attacker to acquire SYSTEM privileges however solely upon successful a race situation.
The replace additionally plugs a distant code execution flaw in Trade Server (CVE-2024-26198, CVSS rating: 8.8) that an unauthenticated risk actor might abuse by putting a specifically crafted file onto a web-based listing and tricking a sufferer into opening it, ensuing within the execution of malicious DLL recordsdata.
The vulnerability with the very best CVSS ranking is CVE-2024-21334 (CVSS rating: 9.8), which considerations a case of distant code execution affecting the Open Administration Infrastructure (OMI).
“A distant unauthenticated attacker might entry the OMI occasion from the Web and ship specifically crafted requests to set off a use-after-free vulnerability,” Redmond mentioned.
“The primary quarter of Patch Tuesday in 2024 has been quieter in comparison with the final 4 years,” Narang mentioned. “On common, there have been 237 CVEs patched within the first quarter from 2020 via 2023. Within the first quarter of 2024, Microsoft solely patched 181 CVEs. The common variety of CVEs patched in March over the past 4 years was 86.”
Software program Patches from Different Distributors
Along with Microsoft, safety updates have additionally been launched by different distributors over the previous few weeks to rectify a number of vulnerabilities, together with —
