FlagThis

CyberSecurity updates
Updated: 2024-10-22 08:06:07 Pacfic
msrc.microsoft.com
Microsoft Releases Critical Patch Tuesday Updates Addressing Exploited Vulnerabilities - 12d

Read more: msrc.microsoft.com

Microsoft has released its October 2024 Patch Tuesday updates, addressing a total of 117 vulnerabilities across its ecosystem. This includes three critical vulnerabilities, two of which have been actively exploited in the wild, highlighting the importance of prompt patching to mitigate these risks. The first actively exploited vulnerability, CVE-2024-43572, is a remote code execution vulnerability in the Microsoft Management Console (MMC). It allows attackers to execute arbitrary code on a targeted system by tricking users into loading a malicious MMC snap-in. The second actively exploited vulnerability, CVE-2024-43573, is a platform spoofing vulnerability in Windows MSHTML. This vulnerability allows attackers to disguise themselves as trusted sources, potentially gaining unauthorized access to systems or data. The third critical vulnerability, CVE-2024-43468, is a remote code execution vulnerability in Microsoft Configuration Manager, which could allow attackers to execute commands on the targeted server or database without user interaction. The release also includes other critical vulnerabilities affecting various Microsoft products, including .NET, OpenSSH for Windows, Power BI, and Windows Hyper-V. Organizations are strongly advised to prioritize the installation of these security updates to protect their systems from potential attacks.

References:
  • Malware Analysis, News and Indicators - Microsoft Releases October 2024 Security Updates - 13d
  • CISA Cybersecurity Advisories - Microsoft Releases October 2024 Security Updates - 13d
  • Vulnerability Archives - Microsoft’s October 2024 Patch Tuesday: Zero-Day Exploits and Critical Vulnerabilities Patched - 12d
  • CISA Cybersecurity Advisories - Microsoft Releases October 2024 Security Updates - 12d
  • Malware Analysis, News and Indicators - Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities - 12d
  • Malware Analysis, News and Indicators - This article discusses the October 2024 Patch Tuesday updates, highlighting the critical vulnerabilities addressed, including the two actively exploited zero-days. It also emphasizes the need for orga - 12d
  • www.jpcert.or.jp - Security Alert: Microsoft Releases October 2024 Security Updates - 12d
  • SOCRadar - SOCRadar article analyzing the vulnerabilities patched in Microsoft's October 2024 Patch Tuesday updates. - 12d
  • Malware Analysis, News and Indicators - Actively exploited Microsoft Management Console bug fixed in October Patch Tuesday - 12d
  • www.scworld.com - Actively exploited Microsoft Management Console bug fixed in October Patch Tuesday - 12d
  • CyberScoop - Microsoft offers updates on 117 vulnerabilities on Patch Tuesday - 11d
  • Arctic Wolf - Microsoft Patch Tuesday – October 2024: Critical and Exploited Vulnerabilities - 9d
  • @feeds - Microsoft October update patches two zero-day vulnerabilities it says are being actively exploited - 9d
  • News - Microsoft October update patches two zero-day vulnerabilities it says are being actively exploited - 9d
  • ciso2ciso.com - Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild – Source:thehackernews.com - 8d
  • @jos1264 - Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild – Source:thehackernews.com - 8d
  • Help Net Security - Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October - 8d
  • All CISA Advisories - CISA adds this vulnerability to its Known Exploited Vulnerabilities Catalog. - 6d

Classification:

This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find Flathis at Mastodon.