Security News > 2024 > July > Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)
For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days in Windows Hyper-V and Windows MSHTML Platform.
CVE-2024-38080 is a integer overflow or wraparound bug affecting Hyper-V, Windows' native hypervisor for creating virtual machines on systems running Windows and Windows Server.
Successful exploitation may allow attackers to gain SYSTEM privileges on the host machine, but initial local access is required to exploit the flaw, according to Microsoft.
Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative, advises testing and deploying this update quickly on systems running Hyper-V. "While not specifically stated by Microsoft, let's assume the worst-case scenario and say that an authorized user could be on a guest OS. Microsoft also does not state how widespread the exploitation is, but this exploit would prove quite useful for ransomware."
Among the critical vulnerabilities fixed are three affecting the Windows Remote Desktop Licensing Service.
"An attacker could send a specially crafted packet to a server set up as a Remote Desktop Licensing server, which will cause remote code execution," Microsoft says.
News URL
Related news
- Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) (source)
- Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) (source)
- Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) (source)
- Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-38080 | Unspecified vulnerability in Microsoft products Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |