Microsoft Fixes Two Windows Vulnerabilities Exploited In Attacks
The tech giant’s monthly ‘Patch Tuesday’ release consists of fixes for 89 vulnerabilities, according to Trend Micro’s Dustin Childs.
Microsoft’s monthly patch release includes fixes for two Windows vulnerabilities that threat actors have exploited in cyberattacks, the company disclosed Tuesday.
According to a tally by Trend Micro’s Dustin Childs, the tech giant fixed a total of 89 CVEs (Common Vulnerabilities and Exposures) in connection with its monthly release of software bug fixes, unofficially known as “Patch Tuesday.”
“This represents another large month of fixes from the Redmond giant and puts them at 949 CVEs addressed so far this year,” wrote Childs, head of threat awareness for Trend Micro’s Zero Day Initiative. “Even before counting the fixes in December, 2024 is Microsoft's second-largest year for fixes.”
CRN has reached out to Microsoft for comment.
Among the vulnerabilities fixed in the monthly release are a Windows vulnerability in MSHTML and a Windows Task Scheduler flaw that have both seen exploitation, though neither is considered a “critical” issue in terms of severity, according to Microsoft.
The Windows vulnerability in MSHTML (tracked at CVE-2024-43451) is an NTLM hash disclosure spoofing flaw that has been rated “important” with a severity score of 6.5 out of 10.0.
The Windows Task Scheduler vulnerability (tracked as CVE-2024-49039) can be exploited to gain elevation of privilege in an attack. It has also been rated “important,” with a severity score of 8.8 out of 10.0.
Four other vulnerabilities have been deemed “critical” in severity — two of which can enable remote execution of code, according to the blog from Childs:
- .NET and Visual Studio Remote Code Execution Vulnerability (CVE-2024-43498)
- Airlift.microsoft.com Elevation of Privilege Vulnerability (CVE-2024-49056)
- Microsoft Windows VMSwitch Elevation of Privilege Vulnerability (CVE-2024-43625)
- Windows Kerberos Remote Code Execution Vulnerability (CVE-2024-43639)
Other vulnerabilities fixed in Tuesday’s patch release affect Microsoft products and platforms including Office, Azure, SQL Server and Hyper-V.