Microsoft’s Latest Security Update Addresses 61 Flaws

Microsoft has recently rolled out its monthly security update, tackling a total of 61 security flaws across its software. Among these vulnerabilities, two critical issues affecting Windows Hyper-V have been identified, potentially leading to denial-of-service (DoS) attacks and remote code execution. The severity of the 61 vulnerabilities is categorized as follows: two are rated Critical, 58 are rated Important, and one is rated Low. While none of the flaws are currently known to be publicly exploited or under active attack, six of them have been flagged with an "Exploitation More Likely" assessment. Notably, this latest update comes on the heels of Microsoft addressing 17 security flaws in its Chromium-based Edge browser since the February 2024 Patch Tuesday updates. ## Critical Vulnerabilities in Focus At the forefront of critical shortcomings addressed by Microsoft's update are CVE-2024-21407 and CVE-2024-21408, both impacting Hyper-V and posing risks for remote code execution and DoS conditions respectively. Furthermore, the update also resolves privilege escalation vulnerabilities in Azure Kubernetes Service Confidential Container (CVE-2024-21400), Windows Composite Image File System (CVE-2024-26170), and Authenticator (CVE-2024-21390). One particularly concerning vulnerability is CVE-2024-21390, which requires local access to exploit through malware or malicious applications already installed on a device. This flaw could potentially allow attackers to gain access to multi-factor authentication codes and manipulate accounts within the Authenticator app. ## Expert Insights According to Satnam Narang, senior staff research engineer at Tenable, attackers are constantly seeking ways to bypass multi-factor authentication. Exploiting such vulnerabilities not only grants access to sensitive accounts but also enables data theft and account hijacking by changing passwords and replacing authentication devices. Another noteworthy vulnerability addressed in the update is a privilege escalation bug in the Print Spooler component (CVE-2024-21433), which could grant attackers SYSTEM privileges under specific conditions. Additionally, a remote code execution flaw in Exchange Server (CVE-2024-26198) allows unauthenticated threat actors to execute malicious DLL files by tricking victims into opening specially crafted files placed on online directories. ## Highest-Rated Vulnerability The vulnerability with the highest CVSS rating is CVE-2024-21334, involving remote code execution in Open Management Infrastructure (OMI). Redmond warns that unauthenticated attackers could exploit this flaw by sending specially crafted requests to trigger a use-after-free vulnerability. In summary, while this year's first quarter Patch Tuesday has seen fewer vulnerabilities patched compared to previous years, it remains crucial for users to apply these updates promptly to safeguard their systems against potential threats. Stay informed about cybersecurity updates from various vendors by following us on [Twitter](https://twitter.com/thehackersnews) and [LinkedIn](https://www.linkedin.com/company/thehackernews/).