Microsoft has unveiled a significant update this August, addressing a total of 102 vulnerabilities across its product suite. Among these, six vulnerabilities are currently under active exploitation, while four others are publicly disclosed but not yet exploited. This month’s Patch Tuesday underscores the importance of vigilance in cybersecurity, especially with the backdrop of increasing threats.
Active Exploits and Critical Vulnerabilities
Among the vulnerabilities, the most pressing is CVE-2024-38189, a Remote Code Execution (RCE) vulnerability in Microsoft Project, which carries a CVSS rating of 8.8. The exploit requires certain security features to be disabled, making it a complex but not impossible target for attackers. The exploit’s details remain sparse, but it highlights the need for users to exercise caution when handling files from untrusted sources.
Another notable vulnerability is CVE-2024-38178, a Scripting Engine Memory Corruption flaw rated at 7.5. This vulnerability necessitates the use of Edge in Internet Explorer Mode, a feature that some organizations still rely on despite Microsoft ceasing support for the browser two years ago. If an attacker can lure a victim into clicking a malicious link while in this mode, they could execute remote code on the device.
Additionally, CVE-2024-38193 presents an Elevation of Privilege vulnerability with a CVSS score of 7.8, potentially allowing attackers to gain system privileges. Experts suggest that such vulnerabilities are often paired with code execution flaws, raising concerns about their potential use in ransomware attacks.
Other vulnerabilities include CVE-2024-38106, which involves a race condition in the Windows Kernel, and CVE-2024-38107, which also allows for elevation of privileges. Both have been exploited in the wild, reinforcing the urgency of applying patches promptly.
For those looking to prioritize their patching efforts, Microsoft has flagged four publicly disclosed vulnerabilities that, while not yet exploited, warrant immediate attention:
- CVE-2024-38200 – Microsoft Office Spoofing Vulnerability (6.5 CVSS)
- CVE-2024-38199 – Windows Line Printer Daemon (LPD) Service RCE Vulnerability (9.8 CVSS)
- CVE-2024-21302 – Windows Secure Kernel Mode Elevation of Privilege Vulnerability (6.7 CVSS)
- CVE-2024-38202 – Windows Update Stack Elevation of Privilege Vulnerability (7.3 CVSS)
Adobe and SAP Security Updates
In a parallel effort, Adobe has addressed 71 CVEs across its suite of products, including Illustrator, Photoshop, and Acrobat. The updates span 11 different applications, with Commerce being the most affected, featuring seven critical vulnerabilities. Notably, Adobe has reported no known exploits for these flaws, allowing users to update with confidence.
SAP has also stepped up its security measures, releasing 25 new or updated patches, including two HotNews notes. One of the most critical, CVE-2024-41730, carries a CVSS rating of 9.8 and addresses a denial of service vulnerability in the SAP BusinessObjects platform. This vulnerability poses a significant risk, as it could allow unauthorized users to compromise system integrity if Single Sign-On Enterprise authentication is enabled.
Intel's Comprehensive Security Measures
Intel has joined the ranks of companies addressing security vulnerabilities, issuing 43 advisories this month. Among these, nine are classified as high-severity flaws. These vulnerabilities span various products, including Intel Ethernet Controllers and Adapters, which may allow for privilege escalation or denial of service. Additionally, issues in Intel NUC BIOS Firmware and the Intel Core Ultra Processor could also lead to serious security breaches if left unpatched.
This collective effort by Microsoft, Adobe, SAP, and Intel highlights the critical need for organizations to stay ahead in the ever-evolving landscape of cybersecurity threats. Regular updates and prompt patching remain essential defenses against potential exploits.
