Patch Tuesday, December 2024 Edition – Krebs on Security

Microsoft today released updates to patch at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks.

The zero-day already under active exploitation is CVE-2024-49138, a security weakness in the Windows Common Log File System (CLFS) driver – used by applications to write transaction logs – that could allow an authenticated attacker to gain “system” level privileges on a vulnerable Windows device.

Security firm Rapid7 notes that there has been a series of zero-day elevation-of-privilege flaws in CLFS over the past few years.

“Ransomware authors who have abused previous CLFS vulnerabilities will be only too pleased to get their hands on a fresh one,” wrote Adam Barnett, lead software engineer at Rapid7. “Expect more zero-day CLFS vulnerabilities to emerge in the future, at least until Microsoft fully replaces the aging CLFS codebase instead of offering spot fixes for specific flaws.”

Elevation-of-privilege vulnerabilities account for 29% of the 1,009 security bugs Microsoft has patched so far in 2024, according to a year-end tally by Tenable; roughly 40 percent of those bugs were weaknesses that could let attackers run malicious code on a vulnerable device.

Rob Reeves, chief security engineer at Focused Labs, called special attention to CVE-2024-49112, a remote code execution bug in the Windows Lightweight Directory Access Protocol (LDAP) service that affects all versions of Windows since Windows 7. CVE-2024-49112 has been assigned a CVSS (severity) score of 9.8 out of 10.

“LDAP is most often exposed on servers that are Domain Controllers within a Windows network, and LDAP must be exposed to other servers and clients in the enterprise environment for the domain to work,” Reeves said. “Microsoft has not released specific details about the vulnerability at this time, but it has indicated that the attack complexity is low and that no user interaction is required.”

Tyler Reguly at the security firm Fortra had a slightly different tally for Microsoft’s 2024, counting 1,088 vulnerabilities, which he said was remarkably consistent with the 1,063 vulnerabilities resolved in 2023 and the 1,119 vulnerabilities resolved in 2022.

“If nothing else, we can say that Microsoft is consistent,” Reguly said. “While it would be nice to see the number of vulnerabilities each year go down, at least the consistency lets us know what to expect.”

If you are a Windows user and your system is not set to install updates automatically, please take a minute this week to run Windows Update, preferably after backing up your system and/or important data.

System administrators should check AskWoody.com, which usually has details if any of the Patch Tuesday fixes cause problems. In the meantime, if you’re having trouble using this month’s fixes, please leave a note in the comments below.