Security News > 2024 > October > Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
2024-10-08 19:37

For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console (MMC). About CVE-2024-43573 and CVE-2024-43572 As far as it can be deduced from the accompanying advisory, CVE-2024-43573 is similar to CVE-2024-38112, a vulnerability in MSHTML, a browser engine for the now deprecated Internet Explorer, which has … More → The post Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/10/08/cve-2024-43573-cve-2024-43572/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-10-08 CVE-2024-43573 Unspecified vulnerability in Microsoft products
Windows MSHTML Platform Spoofing Vulnerability
network
low complexity
microsoft
8.1
2024-10-08 CVE-2024-43572 Unspecified vulnerability in Microsoft products
Microsoft Management Console Remote Code Execution Vulnerability
local
low complexity
microsoft
7.8
2024-07-09 CVE-2024-38112 Unspecified vulnerability in Microsoft products
Windows MSHTML Platform Spoofing Vulnerability
0.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2819 161 4399