Microsoft fixes 61 vulnerabilities in latest Windows update

Microsoft has released its monthly security update Patch Tuesday to fix 61 vulnerabilities across many software suites for Windows.

Two of the fixes rated critical are for issues related to Windows Hyper-V vulnerabilities that could lead to DoS (denial of service) incidents or remote code execution. Two serious vulnerabilities are numbered by Microsoft as CVE-2024-21407 and CVE-2024-21408.

Picture 1 of Microsoft fixes 61 vulnerabilities in latest Windows update

Additionally, the fix also fixes 58 critical issues and 1 low-severity issue. Among the fixes, 17 vulnerabilities have been fixed for the Chrome-based Microsoft Edge browser. They are designed to fix vulnerabilities discovered since the most recent Patch Tuesday monthly update (February 2024). Some of the vulnerabilities on this list include CVE-2024-21400 (CVSS score of 9), CVE-2024-26170 (CVSS score of 7.8), and CVE-2024-21390 (CVSS score of 7.1).

While threat actors need to have a local presence on the user's network, that can easily happen through malware or some malicious application that the victim may unknowingly install. . Microsoft claims that exploiting this vulnerability could allow an attacker to access the multi-factor authentication code for the victim's account, as well as modify or delete the account in the Authenticator authentication application.

Senior research engineer at Tenable Satnam Narang said having access to the target device is bad enough as they can track keystrokes, steal data and redirect users to websites Cheat. But things get even more dangerous with a new vulnerability that allows attackers to access and steal multi-factor authentication codes to log into sensitive accounts, steal data or completely take over accounts. accounts by changing passwords and replacing multi-factor authentication devices, locking users out of their accounts.

Another vulnerability to note is an escalation of privilege in Print Spooler (CVE-2024-21433 with a CVSS score of 7), which would grant an attacker system access and privileges.

Overall, many issues are resolved with the new Patch Tuesday update, so Windows users should update immediately to ensure their systems and networks are protected.

Update 04 April 2024
Category

System

Mac OS X

Hardware

Game

Tech info

Technology

Science

Life

Application

Electric

Program

Mobile