Security News > 2024 > July > Critical Windows licensing bugs, plus two others under attack, top Patch Tuesday
Patch Tuesday Clear your Microsoft system administrator's diary: The bundle of fixes in Redmond's July Patch Tuesday is a doozy, with at least two bugs under active exploitation.
The first of two vulnerabilities for sure under active exploit - CVE-2024-38080 - is a Windows Hyper-V elevation of privilege flaw with a 7.8-out-of-10 CVSS rating, which Microsoft deemed "Important."
We don't know how widespread exploitation is of this one, though Microsoft does note "An attacker who successfully exploited this vulnerability could gain system privileges." Plus, as Zero Day Initiative's Dustin Childs pointed out, this exploit would prove quite useful for ransomware.
The second bug listed as having been found and exploited by miscreants before Redmond pushed a patch is a Windows MSHTML platform spoofing vulnerability tracked as CVE-2024-38112.
Of the remaining Microsoft CVEs, five are critical severity and three of those - CVE-2024-38074, CVE-2024-38076 and CVE-2024-38077 - are 9.8-rated RCE bugs in Windows Remote Desktop Licensing Service.
The other two critical Microsoft bugs include CVE-2024-38060 - an 8.8-rated RCE in Windows Imaging Component that could be exploited by any authenticated user uploading a malicious TIFF file to a server.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/07/10/july_2024_patch_tuesday/
Related news
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-38112 | Unspecified vulnerability in Microsoft products Windows MSHTML Platform Spoofing Vulnerability | 0.0 |
| 2024-07-09 | CVE-2024-38080 | Unspecified vulnerability in Microsoft products Windows Hyper-V Elevation of Privilege Vulnerability | 0.0 |
| 2024-07-09 | CVE-2024-38077 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 0.0 |
| 2024-07-09 | CVE-2024-38076 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 0.0 |
| 2024-07-09 | CVE-2024-38074 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 0.0 |
| 2024-07-09 | CVE-2024-38060 | Out-of-bounds Write vulnerability in Microsoft products Windows Imaging Component Remote Code Execution Vulnerability | 0.0 |