Windows 10 and 11 PC users need to update this patch immediately
The latest Patch Tuesday patch released by Microsoft helps fix two Zero-day vulnerabilities and related evidence that these vulnerabilities have been exploited by hackers to launch a new attack. So users need to update them as soon as possible.
Both Windows 10 and 11 are vulnerable.
The first vulnerability tracking number is CVE-2024-26234. This is a proxy driver spoofing vulnerability that could use valid Microsoft hardware publishing certificates to certify malicious drivers. Sophos X-Ops is the security firm that discovered this vulnerability in December 2023 and team leader Christopher Budd reported this vulnerability to Microsoft.
According to the report, the malicious file labeled 'Category Customer Authentication Service' appears to impersonate Thales Group. Further investigation revealed that the malware also came with a marketing software called 'LaiXi Android Screen Mirroring'.
While Sophos could not verify the authenticity of the LaiXi software, Budd said it believes the file is a malicious backdoor.
Users are advised to update immediately.
Another vulnerability identified as CVE-2024-29988 can bypass system protection mechanisms and disable SmartScreen prompts. The vulnerability was discovered by Peter Girnus of Trend Micro's Zero-Day Project and Dmitrij Lenz and Vlad Stolyarov of Google's Threat Analysis Team.
Dustin Childs, director of threat intelligence at ZDI, pointed out that attackers could use this vulnerability to evade EDR/NDR detection and bypass Mark of the Web (MoTW) functionality. , and can deploy many types of malware on the target Windows system.
You should read it
- Microsoft patched a series of serious bugs for IE and Office next Tuesday
- Patch Tuesday security patch causes blue screen errors and slows down Windows 10
- Microsoft is about to release Patch Tuesday
- Microsoft released patches for more than 100 security holes on Windows
- Users should update Windows immediately to fix 33 vulnerabilities
- Microsoft fixes 61 vulnerabilities in latest Windows update
- Microsoft releases new update for Windows 10 and 11, fixing VPN errors
- Microsoft confirms Patch Tuesday patch May 2022 causes AD authentication error
May be interested
- Microsoft releases new Patch Tuesday update for Windows 10microsoft has released a series of new cumulative updates for win 10 as part of the monthly patch tuesday update cycle, bringing changes and fixes to improve the quality and security of windows 10.
- 5 best patch management and monitoring softwarepatch management software not only helps you update the system but also saves your company from potential threats, ransomware, viruses and exploits, which can cripple the it infrastructure.
- Microsoft has released a critical update for Windows 10, users need to update nowmicrosoft recently released a critical update for windows 10 as well as windows server 2016 and windows server 2019 to fix a security vulnerability discovered by the u.s. national security agency (nsa) on april 14. 1 past.
- Download an emergency Windows patch right away, fix two critical vulnerabilities, affecting every Windows versionmicrosoft has announced a new windows emergency patch, aimed at patching more than 90 security flaws, including two vulnerabilities used in direct attacks. every windows is affected, please update your operating system now.
- Update KB5013943 fixes screen flickering and problems with .NET apps on Windows 11a series of issues have been fixed and a series of vulnerabilities have been patched in microsoft's windows 11 update kb5013493 and patch tuesday may 2022.
- Should I update to iOS 15?every time apple releases a new operating system update, many users wonder whether to update immediately or wait a while. each option has many factors to consider.
- Serious security vulnerability on AMD CPUs has been patchedusers need to update the microcode patch immediately to ensure security.
- This is the last update of Windows 7, what's special?windows 7 has officially entered the phase of discontinuing support (eos), meaning that users will not receive any additional feature updates and security patches.
- Microsoft updated Patch Tuesday in October 2020, patching the 'Ping of Death' vulnerability on Windows 10patch tuesday's security update by windows 10 this month fixes a fairly serious security hole.
- Update KB5005033 causes serious error on Windows 10some users reported that their windows 10 computer encountered a black screen error after updating to kb5005033. specifically, windows 10's default alt+tab function was broken after the july 2021 preview update and the august 2021 patch update patch.