Microsoft Patch Tuesday update squashes 73 security flaws and 2 zero-day exploits
This patch fixes 30 remote code vulnerabilities and more
2 min. read
Published on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
After the KB5034765 update that brought many fixes, Microsoft released another update that addressed security issues.
The update fixes dozens of security flaws and several zero-day exploits, so make sure you get it as soon as possible.
Patch Tuesday addresses various security issues and exploits
The new security patch is here for Patch Tuesday, and according to Bleeping Computer, it addresses 73 security flaws. Here’s the breakdown of addressed vulnerabilities:
- 30 remote code execution vulnerabilities
- 16 elevation of privilege flaws
- 10 spoofing security issues
- 9 denial of service vulnerabilities
- 5 information disclosure issues
- 3 security features bypass security flaws
It seems that Microsoft has been busy with this patch, but that’s not all! The issue also addresses two zero-day exploits.
The CVE-2024-21351 exploit was fixed, and if you’re not familiar, this exploit allowed hackers to bypass Windows SmartScreen by sending a user a malicious file that gave them access.
So far, it’s known how this exploit was abused and how many were affected.
CVE-2024-21412 was also fixed, and this exploit allowed hackers to utilize the Internet Shortcut File flaw and circumvent Mark of the Web warnings.
As for this flaw, it was used by the APT group DarkCasino (Water Hydra) hacker group to target financial traders.
We have to applaud Microsoft for fixing these exploits, and we hope that Microsoft will soon address critical vulnerabilities in Word and Excel as well.
User forum
0 messages