Microsoft fixes 61 vulnerabilities in latest Windows update
Microsoft has released its monthly security update Patch Tuesday to fix 61 vulnerabilities across many software suites for Windows.
Two of the fixes rated critical are for issues related to Windows Hyper-V vulnerabilities that could lead to DoS (denial of service) incidents or remote code execution. Two serious vulnerabilities are numbered by Microsoft as CVE-2024-21407 and CVE-2024-21408.
Additionally, the fix also fixes 58 critical issues and 1 low-severity issue. Among the fixes, 17 vulnerabilities have been fixed for the Chrome-based Microsoft Edge browser. They are designed to fix vulnerabilities discovered since the most recent Patch Tuesday monthly update (February 2024). Some of the vulnerabilities on this list include CVE-2024-21400 (CVSS score of 9), CVE-2024-26170 (CVSS score of 7.8), and CVE-2024-21390 (CVSS score of 7.1).
While threat actors need to have a local presence on the user's network, that can easily happen through malware or some malicious application that the victim may unknowingly install. . Microsoft claims that exploiting this vulnerability could allow an attacker to access the multi-factor authentication code for the victim's account, as well as modify or delete the account in the Authenticator authentication application.
Senior research engineer at Tenable Satnam Narang said having access to the target device is bad enough as they can track keystrokes, steal data and redirect users to websites Cheat. But things get even more dangerous with a new vulnerability that allows attackers to access and steal multi-factor authentication codes to log into sensitive accounts, steal data or completely take over accounts. accounts by changing passwords and replacing multi-factor authentication devices, locking users out of their accounts.
Another vulnerability to note is an escalation of privilege in Print Spooler (CVE-2024-21433 with a CVSS score of 7), which would grant an attacker system access and privileges.
Overall, many issues are resolved with the new Patch Tuesday update, so Windows users should update immediately to ensure their systems and networks are protected.
You should read it
- Microsoft updated Patch Tuesday in October 2020, patching the 'Ping of Death' vulnerability on Windows 10
- Microsoft releases new Patch Tuesday update for Windows 10
- Microsoft patched a series of serious bugs for IE and Office next Tuesday
- Patch Tuesday security patch causes blue screen errors and slows down Windows 10
- Microsoft is about to release Patch Tuesday
- Microsoft released patches for more than 100 security holes on Windows
- Users should update Windows immediately to fix 33 vulnerabilities
- Microsoft releases new update for Windows 10 and 11, fixing VPN errors
- Microsoft confirms Patch Tuesday patch May 2022 causes AD authentication error
- Microsoft released an updated patch for 25 critical security holes
- Update KB5013943 fixes screen flickering and problems with .NET apps on Windows 11
- Microsoft releases Windows 10 update KB5006670 to fix taskbar errors
Maybe you are interested
The advantages and risks you may face of having children in your 20s and 30s How to view all applied Group Policies in Group Policy Editor What is ChatGPT Code Interpreter? Why is it so important? How to make money by livestreaming on Booyah! TOP relaxing games like Virtual Cottage 5 ways to securely disconnect a removable hard drive on a Mac