Among the most critical vulnerabilities is CVE-2024-38178, a Scripting Engine Memory Corruption flaw that allows remote code execution via Microsoft Edge in Internet Explorer Mode. Although this mode is not commonly used, its active exploitation underscores the persistent risk for organizations and users who rely on outdated configurations. The vulnerability requires a user to click on a specially crafted URL, enabling an unauthenticated attacker to initiate remote code execution.
CVE-2024-38106 and CVE-2024-38107 are both privilege escalation vulnerabilities within the Windows Kernel and Windows Power Dependency Coordinator, respectively. These flaws allow attackers to gain SYSTEM privileges, either by exploiting a race condition or by leveraging local access to trick users into performing specific actions. The successful exploitation of these vulnerabilities could lead to complete control over the affected systems.
CVE-2024-38193, found in the Windows Ancillary Function Driver for WinSock, also leads to privilege escalation and is currently being exploited in the wild. The vulnerability is of particular concern as it has the potential to grant attackers SYSTEM-level access, allowing them to execute malware with elevated privileges.
Among the publicly known vulnerabilities, CVE-2024-38200 stands out as a spoofing vulnerability in Microsoft Office, potentially allowing attackers to capture and relay NTLM hashes. CVE-2024-21302 and CVE-2024-38202, both elevation of privilege flaws in Windows components, were recently revealed and are linked to potential downgrade attacks that could reintroduce previously mitigated vulnerabilities.
The severity of these vulnerabilities underscores the importance of promptly applying the latest patches and reviewing security configurations to mitigate risks. Microsoft’s efforts to address these issues highlight the ongoing battle against sophisticated cyber threats targeting critical software used by millions worldwide.
Source: Help Net Security