Microsoft fixed two zero-day flaws exploited in malware-based attacks
April 11, 2024
Microsoft addressed two zero-day vulnerabilities (CVE-2024-29988 and CVE-2024-26234) actively exploited by threat actors to deliver malware
Microsoft addressed two zero-day vulnerabilities, tracked as CVE-2024-29988 and CVE-2024-26234, that threat actors are exploiting to deliver malware.
Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017. The issues impact Microsoft Windows and Windows Components; Office and Office Components; Azure; .NET Framework and Visual Studio; SQL Server; DNS Server; Windows Defender; Bitlocker; and Windows Secure Boot. According to ZDI, three of these vulnerabilities were reported through their ZDI program.
Below are the descriptions of the two flaws:
CVE-2024-29988 – SmartScreen Prompt Security Feature Bypass Vulnerability. An attacker can exploit this security feature bypass vulnerability by tricking a user into launching malicious files using a launcher application that requests that no UI be shown. An attacker could send the targeted user a specially crafted file designed to trigger the remote code execution issue. The flaw is actively exploited in the wild, but Microsoft did not confirm it.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, zero-day)