October 9, 2024 at 03:27AM
Microsoft has issued security updates for 118 vulnerabilities, including two under active exploitation: CVE-2024-43572, a remote code execution flaw, and CVE-2024-43573, a spoofing flaw. The U.S. CISA has added both to its catalog, mandating fixes by October 29, 2024.
### Meeting Takeaways – Microsoft Security Updates (Oct 09, 2024)
1. **Total Vulnerabilities Addressed**: Microsoft released security updates for 118 vulnerabilities:
   - 3 rated Critical
   - 113 rated Important
   - 2 rated Moderate
2. **Active Exploitation**: Two vulnerabilities are currently being exploited:
   - **CVE-2024-43572**: Microsoft Management Console Remote Code Execution (CVSS 7.8)
   - **CVE-2024-43573**: Windows MSHTML Platform Spoofing (CVSS 6.5)
3. **Publicly Known Vulnerabilities**: Five vulnerabilities were publicly known at the time of the release.
4. **Notable Vulnerabilities**:
   - **CVE-2024-43468**: Remote code execution flaw in Microsoft Configuration Manager (CVSS 9.8)
   - **CVE-2024-43488**: Remote code execution in Visual Studio Code extension for Arduino (CVSS 8.8)
   - **CVE-2024-43582**: Remote Desktop Protocol (RDP) Service vulnerability (CVSS 8.1)
5. **CISA Involvement**: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog, requiring federal agencies to apply the patches by **October 29, 2024**.
6. **Research Contributions**: Researchers are credited with identifying CVE-2024-43572, while there is no acknowledgment for CVE-2024-43573, which raises concerns that it may be a patch bypass.
7. **Preventive Measures**: In response to the discovery of CVE-2024-43572, Microsoft has implemented measures to prevent untrusted MSC files from being opened on systems.
8. **Recommendations for IT Security**: Organizations should prioritize patching these vulnerabilities, particularly the critical and actively exploited ones, to mitigate potential risks.
9. **Additional Updates from Other Vendors**: Other software vendors have also initiated updates to address various vulnerabilities in their products.
### Action Items:
- Ensure that all systems are patched against the mentioned vulnerabilities.
- Monitor upcoming communications from CISA regarding compliance deadlines.
- Follow the developments related to other vendor patches for comprehensive security coverage.