Security News > 2024 > July > Critical Windows licensing bugs, plus two others under attack, top Patch Tuesday
Patch Tuesday Clear your Microsoft system administrator's diary: The bundle of fixes in Redmond's July Patch Tuesday is a doozy, with at least two bugs under active exploitation.
The first of two vulnerabilities for sure under active exploit - CVE-2024-38080 - is a Windows Hyper-V elevation of privilege flaw with a 7.8-out-of-10 CVSS rating, which Microsoft deemed "Important."
We don't know how widespread exploitation is of this one, though Microsoft does note "An attacker who successfully exploited this vulnerability could gain system privileges." Plus, as Zero Day Initiative's Dustin Childs pointed out, this exploit would prove quite useful for ransomware.
The second bug listed as having been found and exploited by miscreants before Redmond pushed a patch is a Windows MSHTML platform spoofing vulnerability tracked as CVE-2024-38112.
Of the remaining Microsoft CVEs, five are critical severity and three of those - CVE-2024-38074, CVE-2024-38076 and CVE-2024-38077 - are 9.8-rated RCE bugs in Windows Remote Desktop Licensing Service.
The other two critical Microsoft bugs include CVE-2024-38060 - an 8.8-rated RCE in Windows Imaging Component that could be exploited by any authenticated user uploading a malicious TIFF file to a server.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/07/10/july_2024_patch_tuesday/
Related news
- Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP (source)
- Windows Patch Tuesday update might send a user to the BitLocker recovery screen (source)
- Exploit for critical Progress Telerik auth bypass released, patch now (source)
- London hospitals left in critical condition after ransomware attack (source)
- June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft (source)
- PHP fixes critical RCE flaw impacting all versions for Windows (source)
- Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast (source)
- Exploit for critical Veeam auth bypass available, patch now (source)
- Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs (source)
- Black Basta ransomware gang linked to Windows zero-day attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-38112 | User Interface (UI) Misrepresentation of Critical Information vulnerability in Microsoft products Windows MSHTML Platform Spoofing Vulnerability | 7.5 |
| 2024-07-09 | CVE-2024-38080 | Unspecified vulnerability in Microsoft products Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
| 2024-07-09 | CVE-2024-38077 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
| 2024-07-09 | CVE-2024-38076 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
| 2024-07-09 | CVE-2024-38074 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
| 2024-07-09 | CVE-2024-38060 | Out-of-bounds Write vulnerability in Microsoft products Windows Imaging Component Remote Code Execution Vulnerability | 8.8 |