Microsoft September Patch Tuesday Patched 4 Zero-Day Flaws
The scheduled Patch Tuesday updates for September 2024 have arrived for all Microsoft products. The tech giant addressed some serious security issues with this update, notably four zero-day vulnerabilities. Users must update their devices promptly to avoid potential threats.
Multiple Zero-Day Vulnerabilities Fixed With Latest Updates
September Patch Tuesday’s most significant security fixes addressed five noteworthy vulnerabilities affecting different Microsoft products. Below, we quickly list them.
- CVE-2024-38217 (CVSS 5.4): An important severity vulnerability that might not be as severe a threat as it became due to public disclosure before a fix. Microsoft described it as a security feature bypass impacting the Windows Mark of the Web functionality. An attacker could exploit the flaw by tricking the target user into opening a maliciously crafted file hosted on an attacker-controlled server.
- CVE-2024-43491 (CVSS 9.8): This is the only critical severity vulnerability among all zero-days addressed this month. The tech giant identified it as a remote code execution vulnerability affecting Windows Update. According to Microsoft, the vulnerability was actively exploited in the wild to roll back previously patched systems for some vulnerabilities. The firm urged users to install the servicing stack update (KB5043936) and the security update (KB5043083) released with September Patch Tuesday to re-patch their systems.
- CVE-2024-38226 (CVSS 7.3): An important severity security feature bypass affecting Microsoft Publisher. Exploiting this vulnerability requires the attacker to have local authenticated access to the target system. An attacker could achieve this requirement by tricking the victim user into opening a maliciously crafted file.
- CVE-2024-38014 (CVSS 7.8): An important severity privilege escalation issue affecting Windows Installer. Exploiting the flaw could allow SYSTEM privileges to an attacker.
- CVE-2024-43461 (CVSS 8.8): An important severity spoofing vulnerability in the Windows MSHTML platform. According to ZDI, this vulnerability resembled a previously patched flaw, CVE-2024-38112, that Microsoft addressed with July Patch Tuesday. This vulnerability has a disputed exploitation status since Microsoft confirmed detecting no active exploits for the flaw, whereas ZDI confirmed reporting its active exploitation to Microsoft earlier.
Other Important Patch Tuesday September Updates From Microsoft
Alongside the five crucial vulnerabilities described above, Microsoft also patched 74 other vulnerabilities, releasing a total of 79 security fixes.
These include six critical severity vulnerabilities affecting Azure Stack Hub (privilege escalation vulnerabilities – CVE-2024-38216, CVE-2024-38220), Azure Web Apps (privilege escalation flaw – CVE-2024-38194), Microsoft SharePoint Server (remote code execution – CVE-2024-38018, CVE-2024-43464), and Windows Network Address Translation (NAT) (remote code execution – CVE-2024-38119). The rest include 67 important severity issues and a single moderate severity flaw, CVE-2024-43487 – a Windows Mark of the Web security feature bypass.
Let us know your thoughts in the comments.