Who: Microsoft has released its April 2024 security updates, addressing a total of 149 vulnerabilities, including two actively exploited zero-days.
What: Among the 149 vulnerabilities addressed, three are rated Critical, with the remaining categorized as Important, Moderate, or Low severity. Notably, two zero-day flaws have been actively exploited in the wild: CVE-2024-26234, a Proxy Driver Spoofing Vulnerability, and CVE-2024-29988, a SmartScreen Prompt Security Feature Bypass Vulnerability.
Impact: The security updates address a range of vulnerabilities, including remote code execution, privilege escalation, security feature bypass, and denial-of-service bugs. One noteworthy flaw is CVE-2024-29990, an elevation of privilege vulnerability affecting Microsoft Azure Kubernetes Service Confidential Container, which could allow unauthenticated attackers to steal credentials. Additionally, the release highlights ongoing challenges with Secure Boot vulnerabilities and underscores the need for improved security practices. Microsoft has also faced criticism for its handling of cybersecurity incidents, including a recent report highlighting lapses in preventing cyber espionage campaigns. Meanwhile, cybersecurity firm Varonis has detailed methods for attackers to circumvent audit logs while exfiltrating files from SharePoint, prompting organizations to closely monitor access events until a fix is released.
Read the full article HERE