Cisco Talos’ Vulnerability Research team revealed two significant vulnerabilities in Microsoft products that have been patched by the company over the past two Patch Tuesdays.
These vulnerabilities highlight the importance of timely security updates and the potential risks associated with unpatched systems.
Microsoft High-Definition Audio Bus Driver Denial-of-Service Vulnerability
Discovered by Marcin “Icewall” Noga, CVE-2024-45383 is a vulnerability in the Microsoft HD Audio Bus Driver that could allow an attacker to cause a denial of service.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Free Registration
This driver is crucial for the Windows operating system to communicate with external audio devices, including those integrated into motherboards or connected via HD audio interfaces.
The vulnerability arises from the mishandling of IRP (I/O Request Packet) requests in the driver’s interface.
An attacker can exploit this by sending multiple IRP Complete requests to the driver, leading to a denial of service and forcing the operating system into the “Blue Screen of Death”.
Stale Memory Dereference In Microsoft Pragmatic General Multicast Server
A Cisco Talos researcher discovered a memory corruption vulnerability in the Pragmatic General Multicast server in the Microsoft Windows 10 Kernel.
This vulnerability, CVE-2024-38140, can be triggered by a specially crafted network packet that accesses stale memory structures, resulting in memory corruption.
An attacker can exploit this vulnerability by sending a sequence of malicious packets.
Although Talos independently discovered this issue and reported it to Microsoft, the company had already identified the problem internally prior to the patch release earlier this year.
These vulnerabilities underscore the importance of regular security updates and the potential risks associated with unpatched systems.
Users are advised to ensure their systems are up to date with the latest patches to prevent exploitation of these vulnerabilities.
The swift disclosure and patching of these vulnerabilities demonstrate the collaborative efforts between security researchers and vendors to protect users from potential threats.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try It for Free