- 54/2024
- Critical
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed two actively exploited zero-day vulnerabilities.
Microsoft has fixed (73) vulnerabilities, with (5) classified as critical as they could allow the attacker to perform denial of service attacks, gain elevated privileges, obtain sensitive information, or remote code execution on the affected products.
February’s Patch Tuesday was released to fix security flaws in several Microsoft products such as Microsoft Exchange Server Windows, SmartScreen, Windows LDAP – Lightweight Directory Access Protocol, Windows Kernel, Windows Hyper-V, SQL Server, Microsoft Windows DNS, Microsoft Windows, Microsoft WDAC OLE DB provider for SQL, Microsoft WDAC ODBC Driver, Microsoft Dynamics, Microsoft Defender for Endpoint, Azure Active Directory, .NET, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Word and Microsoft Office.
The actively exploited zero-day vulnerabilities in February’s Patch are:
- Windows SmartScreen Security Feature Bypass Vulnerability allows attackers to bypass SmartScreen security checks – CVE-2024-21351.
- Internet Shortcut Files Security Feature Bypass Vulnerability allows The
attacker to bypass Mark of the Web (MoTW) warnings in Windows by a specially crafted file – CVE-2024-21412.
Sample of the addressed vulnerabilities:
1. Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2024- 21410):
- CVSS: 9.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Consequences: Gain Privileges
2. Microsoft Outlook Code Execution Vulnerability (CVE-2024-21413):
- CVSS: 9.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Consequences: Gain Access
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.