Security News > 2024 > August > Microsoft fixes 6 zero-days under active attack
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memory Corruption Vulnerability that could lead to remote code execution. Reported by AhnLab and South Korea’s National Cyber Security Center (NCSC), the flaw can be successfully exploited only if the target uses Microsoft Edge in Internet … More → The post Microsoft fixes 6 zero-days under active attack appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/08/13/microsoft-zero-days-under-attack/
Related news
- New Attack Technique Exploits Microsoft Management Console Files (source)
- 'Skeleton Key' attack unlocks the worst of AI, says Microsoft (source)
- Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days (source)
- Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) (source)
- Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) (source)
- Windows MSHTML zero-day used in malware attacks for over a year (source)
- Japanese space agency spotted zero-day attacks while cleaning up raid on M365 (source)
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks (source)
- Microsoft links Scattered Spider hackers to Qilin ransomware attacks (source)
- Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-13 | CVE-2024-38178 | Scripting Engine Memory Corruption Vulnerability | 7.5 |