Patch Tuesday: Microsoft Tackles 118 Vulnerabilities, Including 2 Under Active Attack
Microsoft has released a security update as part of its Patch Tuesday initiative, addressing 118 vulnerabilities, two of which are already being actively exploited by threat actors. Of the identified vulnerabilities, three are deemed critical, 113 are classified as important, and two are rated as moderate. The update does not include an additional 25 vulnerabilities that the company separately patched in the Chromium-based Edge browser over the past month.
Five of the vulnerabilities were publicly known at the time of the update’s release, with two already being leveraged in real-world attacks. One of these is CVE-2024-43572, rated 7.8 on the CVSS scale, involving remote code execution via the Microsoft Management Console. The second, CVE-2024-43573, with a CVSS score of 6.5, affects the MSHTML platform and facilitates spoofing attacks.
Both vulnerabilities have been added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog, with federal agencies required to remediate them by October 29, 2024.
Notably, CVE-2024-43573 bears similarities to other vulnerabilities linked to the MSHTML platform, which were previously exploited to distribute the Atlantida Stealer malware. Despite this, Microsoft has yet to disclose who is responsible for exploiting these vulnerabilities or the extent of their reach.
The most severe vulnerability identified is CVE-2024-43468, with a CVSS score of 9.8, related to remote code execution in Microsoft Configuration Manager. This vulnerability allows attackers to execute arbitrary commands by sending specially crafted requests to the server.
Other critical vulnerabilities include CVE-2024-43488 (remote code execution via the Visual Studio Code extension for Arduino) and CVE-2024-43582 (a remote desktop vulnerability), both of which could be exploited for remote code execution. However, experts note that exploiting CVE-2024-43582 requires complex attack methods, which may slightly reduce its risk in practical scenarios.
Regular security updates, like Microsoft’s Patch Tuesday, underscore the dynamic nature of cybersecurity. They highlight the ongoing race between developers and malicious actors. Each Patch Tuesday is not merely a routine event but a critical juncture for Windows users worldwide. It serves as a reminder that vigilance and timely system updates are essential pillars of robust protection in today’s digital landscape.
