Security News > 2024 > May > May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)
For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days actively exploited by attackers.
CVE-2024-30051 is a heap-based buffer overflow vulnerability affecting the Windows DWM Core Library that can be exploited to elevate attackers' privileges on a target system.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft says.
CVE-2024-30040 is a vulnerability that allows attackers to bypasses OLE mitigations in Microsoft 365 and Microsoft Office.
"An unauthenticated attacker who successfully exploited this vulnerability could gain code execution through convincing a user to open a malicious document at which point the attacker could execute arbitrary code in the context of the user."
Satnam Narang, senior staff research engineer at Tenable, says that exploitation of CVE-2024-30044, the only critical vulnerability fixed this month, requires an attacker to be authenticated to a vulnerable SharePoint Server with Site Owner permissions first and then take additional steps, "Which makes this flaw less likely to be widely exploited as most attackers follow the path of least resistance."
News URL
https://www.helpnetsecurity.com/2024/05/14/patch-tuesday-cve-2024-30051-cve-2024-30040/
Related news
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- What Is Patch Tuesday? Microsoft’s Monthly Update Explained (source)
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) (source)
- Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-14 | CVE-2024-30051 | Out-of-bounds Write vulnerability in Microsoft products Windows DWM Core Library Elevation of Privilege Vulnerability | 0.0 |
| 2024-05-14 | CVE-2024-30044 | Deserialization of Untrusted Data vulnerability in Microsoft Sharepoint Server 2016/2019 Microsoft SharePoint Server Remote Code Execution Vulnerability | 0.0 |
| 2024-05-14 | CVE-2024-30040 | Information Exposure Through Discrepancy vulnerability in Microsoft products Windows MSHTML Platform Security Feature Bypass Vulnerability | 0.0 |