Microsoft Addressed 6 Actively Exploited Zero-Day Vulnerabilities
During Patch Tuesday, Microsoft’s monthly release of security updates, a total of 90 CVEs were patched, with some vulnerabilities actively exploited.
A few vulnerabilities stemmed from Chromium, impacting both Microsoft Edge and Google Chrome. Here are the critical vulnerabilities and fixes disclosed by Microsoft on August 13.
Zero-day vulnerabilities that were exploited
Six zero-day vulnerabilities had already been exploited by threat actors:
- CVE-2024-38106: a Windows kernel vulnerability that could lead to privilege escalation.
- CVE-2024-38107: an elevation of privilege flaw in the Windows Power Dependency Coordinator.
- CVE-2024-38178: a vulnerability that could enable remote code execution when a user clicks a link in Edge’s Internet Explorer Mode.
- CVE-2024-38189: a flaw that could allow remote code execution when a user opens a malicious Microsoft Office Project file under specific circumstances.
- CVE-2024-38193: a privilege escalation vulnerability potentially granting an attacker SYSTEM privileges.
- CVE-2024-38213: a flaw that could bypass SmartScreen protection for files downloaded from the internet.
NIST identifies two vulnerabilities as ‘critical’
In this month’s Patch Tuesday, NIST labeled some items as critical based on the Common Vulnerability Scoring System. These critical vulnerabilities include:
- CVE-2024-38140: a remote code execution vulnerability triggered when a program listens on a Pragmatic General Multicast port.
- CVE-2024-38063: a remote code execution flaw exploitable through repeated malicious IPv6 packets.
One notable unpatched vulnerability, CVE-2024-38202, is an elevation of privilege issue in Windows Update. To reduce the risk, Microsoft suggests auditing user access to objects, operations, and files.
For detailed steps on safeguarding against this vulnerability, refer to the recommended actions section in the vulnerability listing.
A cluster of vulnerabilities originates in Chromium
Business users worldwide are advised to run the latest versions of Edge and Google Chrome because of vulnerabilities in Chromium, the open-source software shared by both browsers.
The notable Chrome and Chromium vulnerabilities include:
- MITRE CVE 7532: potential out-of-bounds memory access in ANGLE, a graphics engine layer in Chrome.
- MITRE CVE 7533: a use-after-free flaw in Chrome for iOS.
- MITRE CVE 7534: a heap buffer overflow in Layout.
- MITRE CVE 7535: an inappropriate implementation in V8.
- MITRE CVE 7536: a use-after-free issue in WebAudio.
- MITRE CVE 7550: type confusion in V8.
- MITRE CVE 38218: an HTML-based memory-corruption vulnerability in Microsoft Edge.
- MITRE CVE 38219: a remote code execution flaw in Microsoft Edge.
Before they were patched, these vulnerabilities could have allowed attackers to execute arbitrary code.
Important: Ensure browsers and operating systems are up to date
Most vulnerabilities addressed in the patch report are fixed by the August security updates, so administrators only need to focus on keeping their systems updated.
Likewise, to address the Chromium vulnerabilities, ensure Microsoft Edge and Google Chrome are on the latest versions.
In Edge, check the running version and look for updates via the menu (…) on the right side. Choose “Help,” then “Feedback,” followed by “Microsoft Edge.”
For Chrome, open “About Google Chrome” from the menu bar, or use the menu icon (three dots) in the upper-right corner, go to “Help,” and select “About Google Chrome.”
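For administrators who need the same check across many machines, the script below is an added example (not part of the original article) that reads the installed Edge and Chrome versions and the most recent Windows update on a host. The minimum versions are placeholders to be filled in from the vendors' release notes, and locating each browser through the `App Paths` registry key is an assumption about how it was installed.

```powershell
# Added example: report browser versions and the newest installed Windows update.
# Minimum values are PLACEHOLDERS; replace them with the fixed builds from the
# Edge and Chrome release notes before relying on the UpToDate column.
$Browsers = @(
    @{ Name = 'Microsoft Edge'; Exe = 'msedge.exe'; Minimum = [version]'0.0.0.0' },
    @{ Name = 'Google Chrome';  Exe = 'chrome.exe'; Minimum = [version]'0.0.0.0' }
)

function Get-BrowserPatchState {
    param([hashtable[]]$Browser)

    foreach ($b in $Browser) {
        $path = $null
        # Per-machine installs register under HKLM, per-user installs under HKCU.
        foreach ($hive in 'HKLM:', 'HKCU:') {
            $key  = "$hive\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\$($b.Exe)"
            $item = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
            if ($item -and $item.'(default)') {
                $path = $item.'(default)'.Trim('"')
                break
            }
        }

        $installed = $null
        if ($path -and (Test-Path -LiteralPath $path)) {
            # ProductVersion is a string; -as returns $null instead of throwing.
            $installed = (Get-Item -LiteralPath $path).VersionInfo.ProductVersion -as [version]
        }

        [pscustomobject]@{
            Browser   = $b.Name
            Path      = $path
            Installed = $installed
            Minimum   = $b.Minimum
            # $null means "not installed or version unreadable", not "patched".
            UpToDate  = if ($installed) { $installed -ge $b.Minimum } else { $null }
        }
    }
}

Get-BrowserPatchState -Browser $Browsers | Format-Table -AutoSize

# Newest installed Windows update, to confirm the monthly rollup has landed.
Get-HotFix |
    Where-Object InstalledOn |
    Sort-Object InstalledOn -Descending |
    Select-Object -First 1 HotFixID, Description, InstalledOn
```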
