Microsoft Releases Large Update To Overcome Windows Security Vulnerabilities

Windows illustration from Microsoft (photo: x @AhmadIfatikhar86)

JAKARTA - Software giant Microsoft on Tuesday July 9 unveiled a series of major updates to fix security loopholes in the Windows ecosystem. They also warned that attackers were already exploiting Windows Hyper-V privileges escalation bugs on the ground.

"An attacker who manages to exploit this vulnerability can get SYSTEM privileges," Microsoft said in a short newsletter marking the Hyper-V issue in the category of detected exploitation'.

The Windows Hyper-V vulnerability, codenamed CVE-2024-38080, was reported anonymously to Redmond's security response center. It has a worst-case score of 7.8/10.

Microsoft shared no additional details about the observed attacks or data or telemetry to help defenders hunt for signs of infection.

Separately, the company is shifting urgent attention to the vulnerability of the MSHTML Windows (CVE-2024-38112) platform spoofing which is also marked as being exploited on the ground.

The successful exploitation of this vulnerability requires attackers to take additional action before exploitation to prepare the target environment. An attacker must send malicious files to victims who must be executed by the victim, "said Microsoft.

These exploited two zero-days are in the spotlight in a series of Patch Tuesday releases that include improvements to more than 140 vulnerabilities in the Windows ecosystem. Of the documented 143 bugs, five were rated critically, Microsoft's highest severity rating.

Security experts are urging Windows system admins to pay special attention to critical remote code execution CVE-2024-38023 at Microsoft Office SharePoint which is likely to be exploited by attackers.

Office SharePoint vulnerabilities can allow attackers who are authenticated with Site Owner's permission or higher to upload custom created files to targeted Server SharePoint and create a dedicated API request to trigger deserialization of file parameters.

This will allow attackers to perform remote code executions in the context of Server SharePoint, Microsoft confirmation, noting that attackers authentication with Site Owner's permission can use vulnerabilities to inject arbitrary codes and execute these codes in the context of Server SharePoint.

Microsoft patches also include improvements to severe remote code execution vulnerabilities in Windows Imaging Component and Windows Desktop Remote Licensing.

Microsoft patches came on the same day software maker Adobe sent critical-level patches for security defects in Adobe products Premiere Pro, Adobe InDesign, and Adobe Bridge.

Successful exploitation can lead to execution of arbitrary code, the company's warning. The Adobe problem affects Windows and macOS users.