InfoSecBulletin Cybersecurity for mankind
Microsoft has released updates for 49 security vulnerabilities in its Patch Tuesday update for June. One of the fixes addresses a critical bug in Microsoft Message Queuing (MSMQ) technology that could allow remote code execution (RCE) and server takeover.
The number of bugs in each vulnerability category is listed below:
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
25 Elevation of Privilege Vulnerabilities
18 Remote Code Execution Vulnerabilities
3 Information Disclosure Vulnerabilities
5 Denial of Service Vulnerabilities
The CVE-2024-30080 vulnerability has a severity score of 9.8/10 and can be exploited by an attacker who sends manipulated malicious MSMQ packets to a MSMQ server.
“This could result in remote code execution on the server side,” Redmond’s security response team warned in an advisory.
Microsoft informed that the Windows message queuing service needs to be enabled for a system to be vulnerable to this exploit. They advised customers to check if a service named Message Queuing is running and if TCP port 1801 is listening on the machine.
A serious flaw in MSMQ is the main focus of the latest Patch Tuesday, which addresses a total of 51 security issues in various Windows OS components and services.
The company found several code execution issues in Microsoft Office, as well as bugs in the Windows Link Layer Topology Discovery Protocol and Windows Event Trace Log File Parsing.
Security experts are also calling attention to CVE-2024-30078, a Windows WiFi driver remote code execution vulnerability with a CVSS severity score of 8.8/10.
“Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions. An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution,” Microsoft warned. click here to read the full report.
