Microsoft released a monthly security update that fixes 61 security flaws covering multiple Microsoft software suites within Windows. Two of the critical fixes are for issues facing Windows Hyper-V threading that could lead to DoS (denial of service) issues or remote code being executed on a user’s system.
According to a report from The Hacker News, 58 of the fixed issues are rated Important, two are rated Critical, and one is rated Low in severity. Six of them were tagged as “Exploitation More Likely.”
There are an additional 17 fixed security flaws for the Microsoft Chromium-based Edge browser; these fixes are for vulnerabilities detected since the most recent February update.
The two most critical issues are CVE-2024-21407 and CVE-2024-21408, which affect Hyper-V and could allow threat actors to achieve remote code execution and denial of service on your machine.
The latest Microsoft update will also address escalation flaws in the Azure Kubernetes Service Confidential Container (CVE-2024-21400, CVSS score: 9.0). The update also fixes issues within Windows Composite Image File System (CVE-2024-26170, CVSS score: 7.8), and Authenticator (CVE-2024-21390, CVSS score: 7.1).
This update will prevent threat actor access
Although threat actors would need a local presence on your network, that could easily happen via malware or some other malicious application one might have accidentally installed. Exploitation also requires the Authenticator app to be closed and re-opened.
Microsoft states, “Exploitation of this vulnerability could allow an attacker to gain access to multi-factor authentication codes for the victim’s accounts, as well as modify or delete accounts in the authenticator app but not prevent the app from launching or running.”
According to Satnam Narang, senior staff research engineer at Tenable, “Having access to a target device is bad enough as they can monitor keystrokes, steal data and redirect users to phishing websites, but if the goal is to remain stealth, they could maintain this access and steal multi-factor authentication codes to login to sensitive accounts, steal data or hijack the accounts altogether by changing passwords and replacing the multi-factor authentication device, effectively locking the user out of their accounts.”
Another vulnerability of note is a privilege escalation bug in the Print Spooler (CVE-2024-21433, CVSS score: 7.0), which would grant a threat actor access and SYSTEM privileges.
This update addresses many issues. You should update immediately to ensure your systems and network are protected.