.webp)
Microsoft released their security updates for May of 2024 which include fixes for two zero-day vulnerabilities: CVE-2024-30040 (CVSSv3: 8.8) and CVE-2024-30051 (CVSSv3:7.8). CVE-2024-30051 (Windows DWM Core Library Elevation of Privilege Vulnerability) allows for a local attacker to exploit this vulnerability to gain system-level privileges. CVE-2024-30040 (Windows MSHTML Platform Security Feature Bypass Vulnerability) allows a remote attacker to bypass OLE mitigations in M365 and Microsoft Office that protect users from vulnerable COM/OLE controls. It requires an attacker to convince a user to load a malicious file into a vulnerable system and manipulate it. This can allow an unauthenticated attacker to achieve remote arbitrary code execution from the context of the user. Both of these vulnerabilities are known to be exploited and have each been added to CISA’s Known Exploited Vulnerabilities Catalog, giving them a heightened patch priority and associated risk.
Both vulnerabilities are known to be exploited and can be used to execute code or obtain heighted privileges. These vulnerabilities, if exploited would have a high impact on any system affected by these vulnerabilities.
These vulnerabilities impact the Windows Operating System (Windows 10/11, Windows Server 2016/2019/2022). A detailed list of the affected products as well as patches and KB articles are detailed on the vulnerability pages for each vulnerability at the Microsoft Security Response Center Security Update Guide.
Applying the latest Windows updates to endpoints through the latest cumulative update. You can also obtain individual packages for the updates through the Microsoft Update Catalog.
If you utilize Windows systems, checking for updates and applying them to your machine is what must be done at a user level.
If you oversee applying patches to an organization, ensuring a policy is in place for automatic provisioning of Windows updates is essential. Due to the high risk these vulnerabilities bring due to being actively exploited, it is essential to expedite the process that endpoints and servers receive this update.
Exploitation of any of these vulnerabilities can allow an attacker to gain elevated privileges within a system or execute arbitrary code. This enables the attacker to create a backdoor in an organization’s environment and perform lateral movement. This can cause monetary, data, and reputational loss as a result. This depends on the attacker’s motive, as malware such as ransomware could be downloaded, data could be leaked and sold, or the organization could be brought does through a denial-of-service situation.
Patch: We recommend patching these vulnerabilities and apply Windows and Windows Server updates as soon as they are available. This is due to two actively exploited zero days being patched through these latest updates.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30051
https://msrc.microsoft.com/update-guide/
In December 2020, Ticketmaster was hit with a $10 million fine for an act of corporate espionage. The company had engaged in unauthorized access to a competitor's computer systems, using stolen login credentials to gather confidential business intelligence. Although this scandal broke nearly four years ago, it serves as a reminder of the legal and ethical responsibilities businesses must adhere to in today’s marketplace.
Hospitals and healthcare providers have increasingly become targets of cyberattacks, which pose significant risks to patient care and safety. This document examines the various ways in which cyberattacks can disrupt hospital operations, compromise patient data security, and ultimately affect the quality of patient care. It also explores strategies and best practices that hospitals can implement to mitigate these risks and enhance their cybersecurity posture.
Ethical hacking has become an essential response to an IT industry kept on its toes by a spectrum of bad actors with malicious intent. This article introduces two prominent methodologies that help the good guys fight back: penetration testing (pen-testing) and red teaming. Learn more here.
Host Geoff Hancock was joined by guests Mike Rush, Director of Threat Intelligence at Access Point Consulting; and Evie Manning, Senior Director of Threat Hunting and Intelligence at Access Point Consulting. Together, they talked about cyber threat intelligence and the applications that can make it work for small and medium-sized businesses.
