Security News > 2024 > October > Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console (MMC). SOC teams are frustrated with their security tools Security operations … More → The post Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools appeared first on Help Net Security.
News URL
Related news
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- 53% of security teams lack continuous and up-to-date visibility (source)
- AI agents swarm Microsoft Security Copilot (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- New Security Flaws Found in VMware Tools and CrushFTP — High Risk, PoC Released (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-08 | CVE-2024-43573 | Unspecified vulnerability in Microsoft products Windows MSHTML Platform Spoofing Vulnerability | 8.1 |
2024-10-08 | CVE-2024-43572 | Unspecified vulnerability in Microsoft products Microsoft Management Console Remote Code Execution Vulnerability | 7.8 |