Microsoft (MSFT) has launched the September 2024 patch updates, addressing 79 vulnerabilities—seven of which are deemed Critical, 71 Important, and one Moderate.
Notably, the update includes patches for actively exploited zero-day vulnerabilities such as CVE-2024-38014 (Windows Installer Elevation of Privilege Vulnerability), CVE-2024-38217 (Windows Mark of the Web Security Feature Bypass Vulnerability), and CVE-2024-38226 (Microsoft Publisher Security Feature Bypass Vulnerability).
"Exploitation of both CVE-2024-38226 and CVE-2024-38217 can lead to the bypass of significant security features aimed at blocking Microsoft Office macros," stated Satnam Narang, Senior Staff Research Engineer at Tenable. Narang elaborated, "In both cases, the target needs to be coaxed into opening a specially crafted file from an attacker-controlled server. However, exploiting CVE-2024-38226 also requires the attacker to be authenticated and have local access to the system."
Microsoft evaluated 19 of the Common Vulnerabilities and Exposures (CVEs) in the latest updates as having a higher likelihood of exploitation. These vulnerabilities are particularly worrisome as they allow remote code execution, involve low-complexity attacks, require no user interaction, and are present in widely deployed products, among other concerning attributes.
