Security News > 2024 > August > Microsoft fixes 6 zero-days under active attack

August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memory Corruption Vulnerability that could lead to remote code execution. Reported by AhnLab and South Korea’s National Cyber Security Center (NCSC), the flaw can be successfully exploited only if the target uses Microsoft Edge in Internet … More → The post Microsoft fixes 6 zero-days under active attack appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/08/13/microsoft-zero-days-under-attack/
Related news
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- Broadcom fixes three VMware zero-days exploited in attacks (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-13 | CVE-2024-38178 | Unspecified vulnerability in Microsoft products Scripting Engine Memory Corruption Vulnerability | 7.5 |