Security News > 2024 > July > Critical Windows licensing bugs, plus two others under attack, top Patch Tuesday
Patch Tuesday Clear your Microsoft system administrator's diary: The bundle of fixes in Redmond's July Patch Tuesday is a doozy, with at least two bugs under active exploitation.
The first of two vulnerabilities for sure under active exploit - CVE-2024-38080 - is a Windows Hyper-V elevation of privilege flaw with a 7.8-out-of-10 CVSS rating, which Microsoft deemed "Important."
We don't know how widespread exploitation is of this one, though Microsoft does note "An attacker who successfully exploited this vulnerability could gain system privileges." Plus, as Zero Day Initiative's Dustin Childs pointed out, this exploit would prove quite useful for ransomware.
The second bug listed as having been found and exploited by miscreants before Redmond pushed a patch is a Windows MSHTML platform spoofing vulnerability tracked as CVE-2024-38112.
Of the remaining Microsoft CVEs, five are critical severity and three of those - CVE-2024-38074, CVE-2024-38076 and CVE-2024-38077 - are 9.8-rated RCE bugs in Windows Remote Desktop Licensing Service.
The other two critical Microsoft bugs include CVE-2024-38060 - an 8.8-rated RCE in Windows Imaging Component that could be exploited by any authenticated user uploading a malicious TIFF file to a server.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/07/10/july_2024_patch_tuesday/
Related news
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- October 2024 Patch Tuesday forecast: Recall can be recalled (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-38112 | Unspecified vulnerability in Microsoft products Windows MSHTML Platform Spoofing Vulnerability | 7.5 |
| 2024-07-09 | CVE-2024-38080 | Unspecified vulnerability in Microsoft products Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
| 2024-07-09 | CVE-2024-38077 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
| 2024-07-09 | CVE-2024-38076 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
| 2024-07-09 | CVE-2024-38074 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
| 2024-07-09 | CVE-2024-38060 | Out-of-bounds Write vulnerability in Microsoft products Windows Imaging Component Remote Code Execution Vulnerability | 8.8 |