Microsoft Fixes 60 Vulnerabilities With 2 Actively Exploited Zero-Day

In its May 2024 Patch Tuesday release, Microsoft addressed 60 vulnerabilities, including 2 zero-day vulnerabilities actively exploited in the wild.

The updates cover a range of vulnerability categories.

• 27 Remote Code Execution Vulnerabilities
• 17 Elevation of Privilege Vulnerabilities
• 7 Information Disclosure Vulnerabilities
• 4 Spoofing Vulnerabilities.
• 3 Denial of Service Vulnerabilities
• 2 Security Feature Bypass Vulnerabilities

Zero-Day Vulnerabilities Addressed

Microsoft has patched two actively exploited zero-day vulnerabilities in this update:

CVE-2024-30040 – Windows MSHTML Platform Security Feature Bypass Vulnerability

This flaw could enable attackers to bypass OLE mitigations in Microsoft 365 and Microsoft Office.

An attacker must get the user to load a malicious file onto a weak system by offering something tempting in an email or instant message. Then, they would have to get the user to change the specially made file but not necessarily open or click on the malicious file.

Successful exploitation requires convincing a user to open a malicious document, potentially leading to arbitrary code execution.

CVE-2024-30051 – Windows DWM Core Library Elevation of Privilege Vulnerability

This vulnerability could grant an attacker SYSTEM privileges on Windows devices. Recent Qakbot malware phishing attacks have exploited this flaw to gain elevated privileges.

Vlad Stolyarov and Benoit Sevens of Google Threat Analysis Group, Bryce Abdo, and Adam Brunner of Google Mandiant reported the vulnerability.

Study malware before it attacks: Join 400,000 professionals using the ANY.RUN malware sandbox. Sign up for free

List of 60 Vulnerabilities & Fixes: