InfoSecBulletin Cybersecurity for mankind
Microsoft disclosed 48 vulnerabilities in its products and services in 2024. 46 of them are considered “important” severity.
A critical security vulnerability, known as CVE-2024-20674, was fixed on Tuesday. This vulnerability affects the Windows Kerberos authentication protocol. By carrying out a man-in-the-middle attack, an attacker could exploit this vulnerability to pretend to be the Kerberos authentication server and bypass the authentication process.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Microsoft believes that the vulnerability is more likely to be exploited because Keberos is present on many popular operating systems.
Another important issue is CVE-2024-20700, which allows for remote code execution in Windows Hyper-V. An attacker needs to win a race condition and gain access to a restricted network for the exploit to work.
Two more remote code execution vulnerabilities are important: CVE-2024-21307 in Windows Remote Desktop Client and CVE-2024-21318 in SharePoint Server.
CVE-2024-21307 is a vulnerability that can be exploited when an authenticated user connects to a malicious remote desktop server. The server sends a specially designed Server RDP Preconnection that targets the remote client’s drive redirection virtual channel. This can result in remote code execution on the victim’s machine.
CVE-2024-21318 can be exploited by attackers with relative ease. They only need to write and inject specific code to SharePoint Server.
The Windows Kernel has a vulnerability called CVE-2024-20698, which allows an attacker to gain SYSTEM privileges. There are no details on how the attacker can exploit this vulnerability.
A complete list of all the other vulnerabilities Microsoft disclosed this month is available on its update page.
