Security News > 2024 > August > Microsoft fixes 6 zero-days under active attack
2024-08-13 20:09
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memory Corruption Vulnerability that could lead to remote code execution. Reported by AhnLab and South Korea’s National Cyber Security Center (NCSC), the flaw can be successfully exploited only if the target uses Microsoft Edge in Internet … More → The post Microsoft fixes 6 zero-days under active attack appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/08/13/microsoft-zero-days-under-attack/
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Ivanti warns of three more CSA zero-days exploited in attacks (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-38178 | Unspecified vulnerability in Microsoft products Scripting Engine Memory Corruption Vulnerability | 7.5 |