Patch Tuesday, May 2024 Edition – Krebs on Security

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which recently patched its own zero-day bug.

First, the zero-days. CVE-2024-30051 is an “elevation of privilege” bug in a Windows library. Satnam Narang of Tenable said this flaw is being used as part of post-compromise activity to elevate privileges as a local attacker.

“CVE-2024-30051 is used to gain initial access to a target and requires the use of social engineering tactics via email, social media or instant messaging to convince the target to open a specially crafted document file,” Narang said. “Once exploited, an attacker can bypass OLE mitigations in Microsoft 365 and Microsoft Office, which are security features designed to protect end users from malicious files.”

Kaspersky Lab, one of the two companies credited with reporting the CVE-2024-30051 exploit to Microsoft, has published an interesting write-up of how they discovered the exploit in a file shared with Virustotal.com.

Kaspersky said it has since seen the use of QakBot and other malware. Emerging in 2007 as a banking Trojan, QakBot (aka Qbot and Pinkslipbot) has evolved into an advanced form of malware now used by many cybercriminal groups to prepare newly compromised networks for ransomware attacks.

CVE-2024-30040 is a security feature bypass in MSHTML, a component deeply tied to the default Web browser on Windows systems. Microsoft’s advisory on this flaw is sparse, but Kevin Breen from Focused Labs said this vulnerability also affects Office 365 and Microsoft Office applications.

“Very little detail is provided and the brief description is painfully full,” Breen said of Microsoft’s advisory on CVE-2024-30040.

The only vulnerability fixed this month that earned Microsoft’s “critical” rating is CVE-2024-30044, a SharePoint flaw that Microsoft said could be exploited. Tenable’s Narang notes that exploiting this bug requires an attacker to first be authenticated to the vulnerable SharePoint server with Site Owner (or higher) permissions and then take additional steps to exploit the flaw, making it less likely to be widely exploited, as most attackers follow the path of least resistance.

Five days ago, Google released a security update for Chrome that fixes a zero-day in the popular browser. Chrome usually automatically downloads any available updates, but may still require a complete restart of the browser to install them. If you’re using Chrome and you see a “Restart to update” message in the upper right corner of the browser, it’s time to restart.

Apple recently released the macOS Sonoma 14.5 update, which includes about a dozen security patches. To make sure your Mac is up to date, go to System Settings, General tab, then Software Update and follow any instructions.

Finally, Adobe has important security patches available for a variety of products, including Acrobat, Reader, Graphic artist, Adobe Substance 3D Painter, Adobe Aero, Adobe Animate and Adobe Framemaker.

Whether you’re using a Mac or Windows system (or something else), it’s always a good idea to back up your data and/or programs before installing any security updates. For a closer look at the fixes released by Microsoft today, check out the complete list at the SANS Internet Storm Center. Anyone in charge of maintaining Windows systems in a business environment should check out askwoody.com, which often has the scoop on any wonky Windows updates.

Update, May 15, 8:28 am: Fixed the misattribution of CVE-2024-30051.

