The Latest Security Updates from Microsoft – Addressing 90 Vulnerabilities, Including 10 Critical Zero-Days

AndyC 14 August 2024

Aug 14, 2024Ravie LakshmananWindows Security / Vulnerability

Microsoft released patches to fix a total of 90 security vulnerabilities yesterday, with 10 of them being zero-days, six of which are actively exploited in the wild.

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days

Aug 14, 2024Ravie LakshmananWindows Security / Vulnerability

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days

Microsoft released patches to fix a total of 90 security vulnerabilities yesterday, with 10 of them being zero-days, six of which are actively exploited in the wild.

Out of the 90 identified issues, seven are considered Critical, 79 as Important, and one at Moderate severity. Additionally, Microsoft also addressed 36 vulnerabilities in its Edge browser that have been detected since the previous month.

The latest Patch Tuesday updates are crucial as they mitigate six zero-day vulnerabilities currently under active exploitation:

  • CVE-2024-38189 (CVSS score: 8.8) – Microsoft Project Remote Code Execution Vulnerability
  • CVE-2024-38178 (CVSS score: 7.5) – Windows Scripting Engine Memory Corruption Vulnerability
  • CVE-2024-38193 (CVSS score: 7.8) – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
  • CVE-2024-38106 (CVSS score: 7.0) – Windows Kernel Elevation of Privilege Vulnerability
  • CVE-2024-38107 (CVSS score: 7.8) – Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
  • CVE-2024-38213 (CVSS score: 6.5) – Windows Mark of the Web Security Feature Bypass Vulnerability

One noteworthy vulnerability, CVE-2024-38213, allows attackers to bypass SmartScreen protections. It necessitates attackers to distribute a malicious file to users and trick them into opening it. Trend Micro’s Peter Girnus is recognized for discovering and reporting this vulnerability, hinting that it could potentially bypass CVE-2024-21412 or CVE-2023-36025, previously exploited by DarkGate malware operatives.

Cybersecurity

This development prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to include these vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog, mandating federal agencies to implement the required fixes by September 3, 2024.

Four of the following CVEs are recognized as publicly known:

  • CVE-2024-38200 (CVSS score: 7.5) – Microsoft Office Spoofing Vulnerability
  • CVE-2024-38199 (CVSS score: 9.8) – Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
  • CVE-2024-21302 (CVSS score: 6.7) – Windows Secure Kernel Mode Elevation of Privilege Vulnerability
  • CVE-2024-38202 (CVSS score: 7.3) – Windows Update Stack Elevation of Privilege Vulnerability

“This vulnerability could be exploited by luring a victim to open a specifically crafted file, typically through a phishing email,” mentioned Scott Caveza, a staff research engineer at Tenable, regarding CVE-2024-38200.

“The successful exploitation of this flaw might lead to the exposure of New Technology Lan Manager (NTLM) hashes to a remote attacker. These hashes may be misused in NTLM relay or pass-the-hash attacks, enhancing an attacker’s intrusion within an organization.”

The update also tackles a privilege escalation vulnerability within the Print Spooler component (CVE-2024-38198, CVSS score: 7.8), enabling attackers to achieve SYSTEM privileges. According to Microsoft, “Successful exploitation of this vulnerability necessitates an attacker to win a race condition.”

However, Microsoft is yet to issue updates for CVE-2024-38202 and CVE-2024-21302, which could potentially be exploited to conduct downgrade attacks on the Windows update framework, replacing current OS files with older versions.

This disclosure follows a notification by Fortra about a denial-of-service (DoS) vulnerability detected in the Common Log File System (CLFS) driver (CVE-2024-6768, CVSS score: 6.8), capable of causing system crashes, leading to the infamous Blue Screen of Death (BSoD).

Responding to inquiries, a Microsoft spokesperson informed The Hacker News that the problem “does not meet the threshold for immediate remediation under our severity categorization guidelines, and is being considered for a future product update.”

Cybersecurity

“The described technique necessitates that an attacker has already acquired code execution privileges on the targeted device and does not grant elevated authorities. We strongly encourage customers to maintain secure online practices, which includes exercising vigilance while running unrecognized programs,” the spokesperson added.

Updates from Other Software Suppliers

In line with Microsoft’s actions, several other vendors have released security updates in recent weeks to address various vulnerabilities, including:

Found this article interesting? Follow us on Twitter and LinkedIn for more exclusive content.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

AndyC 20 December 2025
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

AndyC 20 December 2025
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

AndyC 20 December 2025
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

AndyC 19 December 2025
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

AndyC 19 December 2025
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

AndyC 19 December 2025

You may have missed

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025
Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025
Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025
The WAF must die – some interesting thoughts – FireTail Blog

The WAF must die – some interesting thoughts – FireTail Blog

AndyC 20 December 2025
The WAF must die – some interesting thoughts – FireTail Blog

The WAF must die – some interesting thoughts – FireTail Blog

AndyC 20 December 2025

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.