Microsoft Discloses Critical Hyper-V Flaws in Low-Volume Patch Update

March 12, 2024 at 06:13PM Microsoft’s March Patch Tuesday update addresses 60 unique CVEs, with only two rated as “critical”. Both affect Windows Hyper-V: CVE-2024-21407, a remote code execution (RCE) bug, and CVE-2024-21408, a denial-of-service (DoS) vulnerability. The update also includes fixes for 18 RCE and two dozen elevation-of-privilege vulnerabilities, requiring immediate attention. Notably, this … Read more

Windows Zero-Day Exploited in Attacks on Financial Market Traders

February 14, 2024 at 07:09AM Microsoft’s latest Patch Tuesday resolves over 70 vulnerabilities, including two zero-day exploits used for financial market trader attacks by the Water Hydra threat group. Trend Micro described the attacks, outlining the exploitation of CVE-2024-21412 to deliver DarkMe malware. It affects Windows Server 2019, Windows Server 2022, Windows 10, and Windows … Read more