Microsoft Patch Tuesday September 2024
Microsoft Patch Tuesday September 2024
Summary
This month’s Patch Tuesday has security updates to fix 4 zero-day vulnerabilities with 3 of them being actively-exploited, 7 critical vulnerabilities and a total of 79 vulnerabilities.
The most important patches are:
CVE 2024 38217 – Windows Mark of the Web Security Feature Bypass Vulnerability. An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as SmartScreen Application Reputation security check and/or the legacy Windows Attachment Services security prompt. CVSS 3.1: 5.4 (Important)
CVE 2024 38014 – Windows Installer Elevation of Privilege Vulnerability. An attacker exploiting this vulnerability could gain SYSTEM-level privileges, a proof-of-concept has not been published yet. CVSS 3.1: 7.8 (Important)
CVE-2024-38226 – Microsoft Publisher Security Feature Bypass Vulnerability. The attack itself is carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer. CVSS 3.1: 7.3 (Important)
CVE-2024-43491 – Microsoft Windows Update Remote Code Execution Vulnerability. No exploitation of CVE-2024-43491 itself has been detected. Successful exploitation of this vulnerability allows an attacker to execute code remotely. CVSS 3.1: 9.8 (Critical)
The patches this month break down as follows:
- 23 Remote code execution vulnerabilities
- 30 Elevation of privilege vulnerabilities
- 4 Security feature bypass vulnerabilities
- 8 Denial of Service vulnerabilities
- 11 Information disclosure vulnerabilities
- 3 Spoofing vulnerabilities
More information can be found here.