Business Owners Look Out - Microsoft 4 Zero-Days in September 2024

Microsoft’s latest Patch Tuesday update addresses 79 vulnerabilities, including four zero-day vulnerabilities that attackers are already actively exploiting. This update is the fourth-largest of the year and includes seven critical remote code execution (RCE) and elevation of privilege vulnerabilities.

Key Zero-Day Vulnerabilities:

  1. CVE-2024-38226: Affects Microsoft Publisher, allowing attackers to bypass Office macro protections and execute local attacks through social engineering.
  2. CVE-2024-38217: Targets the Windows Mark of the Web (MoTW) feature, enabling attackers to bypass security checks and introduce malicious files.
  3. CVE-2024-38014: An elevation of privilege vulnerability in Windows Installer, allowing attackers to gain system-level privileges.
  4. CVE-2024-43491: A high-severity RCE in Windows Update that rolls back previous fixes, exposing systems to previously mitigated vulnerabilities.

Other Notable Vulnerabilities:

  • CVE-2024-43461: A Windows spoofing vulnerability similar to a previously exploited zero-day.
  • CVE-2024-38018: A critical RCE in Microsoft SharePoint Server with no available mitigations.
  • CVE-2024-38241 and CVE-2024-38242: Elevation-of-privilege vulnerabilities in the Kernel Streaming Service Driver.

Security experts emphasize the importance of prioritizing these patches to protect against potential exploits. This update follows a similar trend from August, when Microsoft disclosed six zero-day vulnerabilities.

Security gaps are left open when your IT infrastructure does not have a well-configured, managed endpoint management solution. Patches are a critical part of maintaining a secure infrastructure, protecting your business and its ability to stay open. ForesterIT.com has solutions to monitor and patch your systems, fully managed by a real person who runs checks and tests on what needs to be done.

 
