CISA Warns: Critical Zero-Day Vulnerabilities Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three critical security vulnerabilities currently being exploited by threat actors. These vulnerabilities affect a wide range of systems, including web servers, Microsoft Windows Hyper-V, and the MSHTML platform.
- Rejetto HTTP File Server (CVE-2024-23692): A severe vulnerability in this popular web server allows attackers to remotely execute arbitrary commands, potentially compromising entire systems.
- Microsoft Windows Hyper-V (CVE-2024-38080): This privilege escalation flaw can enable attackers to gain SYSTEM privileges on vulnerable Hyper-V environments, granting them full control over the virtualized systems.
- Microsoft Windows MSHTML Platform (CVE-2024-38112): This spoofing vulnerability can be exploited to deliver malicious files and trick users into executing harmful code.
Patch Now to Protect Your Systems
Microsoft has released patches for the two zero-day vulnerabilities (CVE-2024-38080 and CVE-2024-38112) in its July 2024 Patch Tuesday update. Users and organizations are strongly advised to prioritize applying these updates immediately to safeguard their systems.
For the Rejetto HTTP File Server vulnerability, upgrading to the latest version (2.3m or later) is crucial to mitigate the risk.
CISA’s Recommendations
CISA has added these vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, indicating their active exploitation in the wild. Federal agencies are mandated to patch these flaws by July 30, 2024. However, all organizations and individuals are urged to act swiftly to protect their systems and data.