Security News > 2024 > September > Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
2024-09-10 19:41

September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect (CVE-2024-43491) that rolled back earlier CVE fixes. The actively exploited flaws Let’s start with the only one that was previously publicly known: CVE-2024-38217, a vulnerability that allows attackers to bypass Mark of the Web (MotW). Elastic Security researcher Joe Desimone … More → The post Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/09/10/cve-2024-38217-cve-2024-43491/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-43491 Unspecified vulnerability in Microsoft Windows 10 1507
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015).
network
low complexity
microsoft
critical
9.8
2024-09-10 CVE-2024-43461 Unspecified vulnerability in Microsoft products
Windows MSHTML Platform Spoofing Vulnerability
network
low complexity
microsoft
8.8
2024-09-10 CVE-2024-38226 Unspecified vulnerability in Microsoft Office and Publisher
Microsoft Publisher Security Feature Bypass Vulnerability
local
low complexity
microsoft
7.3
2024-09-10 CVE-2024-38217 Unspecified vulnerability in Microsoft products
Windows Mark of the Web Security Feature Bypass Vulnerability
network
low complexity
microsoft
5.4
2024-09-10 CVE-2024-38014 Unspecified vulnerability in Microsoft products
Windows Installer Elevation of Privilege Vulnerability
local
low complexity
microsoft
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 708 787 4587 4647 3639 13660