top of page
Writer's pictureJohn Jordan

Microsoft's September Patch Tuesday: 79 Flaws Fixed, Including 3 Actively Exploited Vulnerabilities

Microsoft has released its Patch Tuesday update for September 2024, addressing 79 security vulnerabilities. Notably, three of these flaws are actively being exploited, posing significant risks to Windows users.

Windows | BetterWorld Technology

Key Takeaways

  • Total Vulnerabilities Addressed: 79

  • Critical Vulnerabilities: 7

  • Important Vulnerabilities: 71

  • Moderate Vulnerabilities: 1

  • Actively Exploited Flaws: 3

Actively Exploited Vulnerabilities

Microsoft disclosed that three security flaws are currently under active exploitation:

  1. CVE-2024-38014: Windows Installer Elevation of Privilege Vulnerability (CVSS score: 7.8)

  2. CVE-2024-38217: Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability (CVSS score: 5.4)

  3. CVE-2024-38226: Microsoft Publisher Security Feature Bypass Vulnerability (CVSS score: 7.3)

Additional Vulnerabilities

In addition to the actively exploited flaws, Microsoft also addressed a critical vulnerability:

  • CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability (CVSS score: 9.8)

Expert Insights

Satnam Narang, a senior staff research engineer at Tenable, highlighted the risks associated with CVE-2024-38226 and CVE-2024-38217. Exploitation of these vulnerabilities can bypass important security features that block Microsoft Office macros from running. However, exploiting CVE-2024-38226 requires the attacker to be authenticated and have local access to the system.

Historical Context

CVE-2024-38217, also known as LNK Stomping, has been exploited in the wild since February 2018. CVE-2024-43491 is similar to a downgrade attack detailed by SafeBreach last month.

Mitigation Steps

Microsoft recommends installing the September 2024 Servicing Stack Update (SSU KB5043936) and the September 2024 Windows Security Update (KB5043083) to mitigate these vulnerabilities.

Broader Impact

Other vendors have also released security updates to address various vulnerabilities. These vendors include:

  • Adobe

  • Arm

  • Bosch

  • Broadcom (including VMware)

  • Cisco

  • Citrix

  • CODESYS

  • D-Link

  • Dell

  • Drupal

  • F5

  • Fortinet

  • Fortra

  • GitLab

  • Google (Android, Pixel, Chrome, Cloud, Wear OS)

  • Hitachi Energy

  • HP

  • HP Enterprise (including Aruba Networks)

  • IBM

  • Intel

  • Ivanti

  • Lenovo

  • Linux distributions (Amazon Linux, Debian, Oracle Linux, Red Hat, Rocky Linux, SUSE, Ubuntu)

  • MediaTek

  • Mitsubishi Electric

  • MongoDB

  • Mozilla (Firefox, Firefox ESR, Focus, Thunderbird)

  • NVIDIA

  • ownCloud

  • Palo Alto Networks

  • Progress Software

  • QNAP

  • Qualcomm

  • Rockwell Automation

  • Samsung

  • SAP

  • Schneider Electric

  • Siemens

  • SolarWinds

  • SonicWall

  • Spring Framework

  • Synology

  • Veeam

  • Zimbra

  • Zoho (ManageEngine ServiceDesk Plus, SupportCenter Plus, ServiceDesk Plus MSP)

  • Zoom

  • Zyxel

Microsoft's latest Patch Tuesday update underscores the importance of timely software updates to mitigate security risks. Users are strongly advised to apply these patches to protect their systems from potential exploits.

Cyber threats are becoming more sophisticated every day, making strong cybersecurity essential for protecting your business. BetterWorld Technology offers comprehensive solutions designed to safeguard your data, systems, and cloud environments from potential breaches. Our cybersecurity experts provide proactive protection and fast response times to minimize risks and ensure business continuity. Book a consultation with us now and let BetterWorld Technology fortify your defenses and secure your business from evolving cyber threats.


Sources

  • Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws, The Hacker News.

15 views

Comments


bottom of page