Microsoft fixes three zero-day vulnerabilities, two actively exploited | Windows

Advertisement Gaming: Visit today for your PlayStation, Xbox, Xbox bundles, Nintendo games.
Xbox  |  Xbox Bundles  |  Nintendo  |  Playstation  |  Cards
Manor Lords is a strategy game that allows you to experience the life of a medieval lord.
Horizon Forbidden West. Join Aloy as she braves a majestic but dangerous new frontier that holds mysterious new threats. This Complete Edition allows you to enjoy the critically acclaimed Horizon Forbidden West on PC...

In addition to QakBot, the Kaspersky researchers have seen other payloads deployed with the exploit for the new CVE-2024-30051 vulnerability, including the Cobalt Strike beacon. As a result, Kaspersky has concluded that the exploit is currently known and being used by multiple groups.

It’s worth noting that CVE-2024-30051 cannot be used to gain initial access. It is a privilege escalation flaw that enables attackers to gain full system control (SYSTEM privileges) once they’re already able to execute malware on a computer.

OLE security bypass

The second vulnerability exploited in the wild affects the Windows MSHTML platform, enabling attackers to bypass Microsoft Object Linking & Embedding (OLE) defenses in Microsoft 365 and Microsoft Office.

OLE allows Office documents to embed links to external objects and documents that could call other programs. Attackers have long been known to exploit this feature with techniques such as OLE template injection to execute malicious code from custom-crafted files. For this reason, Microsoft Office now has Protected View mode for files downloaded from the internet.

“An attacker would have to convince the user to load a…


FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.

Ad Amazon Minecraft the game, plus clothing, toys, and accessories.

Ad Amazon Gaming Laptops, clothing, games and more

Ad Amazon MUSIC Artists Merch Shop

Stay connected throughout the year with official, ongoing Microsoft podcasts.
Microsoft Podcasts Apple | Microsoft podcasts YouTube

“Happiness is when what you think, what you say, and what you do are in harmony.” —Mahatma Gandhi

Related Posts