Alert! Microsoft Fixes 60 Vulnerabilities With 2 Actively Exploited Zero-Days

In its May 2024 Patch Tuesday release, Microsoft addressed 60 vulnerabilities, including 2 zero-day vulnerabilities actively exploited in the wild.

The updates cover a range of vulnerability categories.

• 27 Remote Code Execution Vulnerabilities

• 17 Elevation of Privilege Vulnerabilities

• 7 Information Disclosure Vulnerabilities

• 4 Spoofing Vulnerabilities.

• 3 Denial of Service Vulnerabilities

• 2 Security Feature Bypass Vulnerabilities

Zero-Day Vulnerabilities Addressed

Microsoft has patched two actively exploited zero-day vulnerabilities in this update:

CVE-2024-30040 – Windows MSHTML Platform Security Feature Bypass Vulnerability

This flaw could enable attackers to bypass OLE mitigations in Microsoft 365 and Microsoft Office.

An attacker must get the user to load a malicious file onto a weak system by offering something tempting in an email or instant message. Then, they would have to get the user to change the specially made file but not necessarily open or click on the malicious file.

Successful exploitation requires convincing a user to open a malicious document, potentially leading to arbitrary code execution.

CVE-2024-30051 – Windows DWM Core Library Elevation of Privilege Vulnerability

This vulnerability could grant an attacker SYSTEM privileges on Windows devices. Recent Qakbot malwarephishing attacks have exploited this flaw to gain elevated privileges.

Vlad Stolyarov and Benoit Sevens of Google Threat Analysis Group, Bryce Abdo, and Adam Brunner of Google Mandiant reported the vulnerability.

List of 60 Vulnerabilities & Fixes:

Windows Task SchedulerCVE-2024-26238Microsoft Windows SCSI Class System FileCVE-2024-29994Windows Common Log File System DriverCVE-2024-29996Windows Mobile BroadbandCVE-2024-29997Windows Mobile BroadbandCVE-2024-29998Windows Mobile BroadbandCVE-2024-29999Windows Mobile BroadbandCVE-2024-30000Windows Mobile BroadbandCVE-2024-30001Windows Mobile BroadbandCVE-2024-30002Windows Mobile BroadbandCVE-2024-30003Windows Mobile BroadbandCVE-2024-30004Windows Mobile BroadbandCVE-2024-30005Microsoft WDAC OLE DB provider for SQLCVE-2024-30006Microsoft Brokering File SystemCVE-2024-30007Windows DWM Core LibraryCVE-2024-30008Windows Routing and Remote Access Service (RRAS)CVE-2024-30009Windows Hyper-VCVE-2024-30010Windows Hyper-VCVE-2024-30011Windows Mobile BroadbandCVE-2024-30012Windows Routing and Remote Access Service (RRAS)CVE-2024-30014Windows Routing and Remote Access Service (RRAS)CVE-2024-30015Windows Cryptographic ServicesCVE-2024-30016Windows Hyper-VCVE-2024-30017Windows KernelCVE-2024-30018Windows DHCP ServerCVE-2024-30019Windows Cryptographic ServicesCVE-2024-30020Windows Mobile BroadbandCVE-2024-30021Windows Routing and Remote Access Service (RRAS)CVE-2024-30022Windows Routing and Remote Access Service (RRAS)CVE-2024-30023Windows Routing and Remote Access Service (RRAS)CVE-2024-30024Windows Common Log File System DriverCVE-2024-30025Windows NTFSCVE-2024-30027Windows Win32K – ICOMPCVE-2024-30028Windows Routing and Remote Access Service (RRAS)CVE-2024-30029Windows Win32K – GRFXCVE-2024-30030Windows CNG Key Isolation ServiceCVE-2024-30031Windows DWM Core LibraryCVE-2024-30032Microsoft Windows Search ComponentCVE-2024-30033Windows Cloud Files Mini Filter DriverCVE-2024-30034Windows DWM Core LibraryCVE-2024-30035Windows Deployment ServicesCVE-2024-30036Windows Common Log File System DriverCVE-2024-30037Windows Win32K – ICOMPCVE-2024-30038Windows Remote Access Connection ManagerCVE-2024-30039Windows MSHTML PlatformCVE-2024-30040Microsoft BingCVE-2024-30041Microsoft Office ExcelCVE-2024-30042Microsoft Office SharePointCVE-2024-30043Microsoft Office SharePointCVE-2024-30044.NET and Visual StudioCVE-2024-30045Visual StudioCVE-2024-30046Microsoft Dynamics 365 Customer InsightsCVE-2024-30047Microsoft Dynamics 365 Customer InsightsCVE-2024-30048Windows Win32K – ICOMPCVE-2024-30049Windows Mark of the Web (MOTW)CVE-2024-30050Windows DWM Core LibraryCVE-2024-30051Azure MigrateCVE-2024-30053Power BICVE-2024-30054Microsoft Edge (Chromium-based)CVE-2024-30055Microsoft IntuneCVE-2024-30059

Along with Microsoft, Adobe released security updates addressing the following vulnerabilities:

APSB24-29 : Security update available for Adobe Acrobat ReaderAPSB24-30 : Security update available for Adobe IllustratorAPSB24-31 : Security update available for Adobe Substance3D PainterAPSB24-33 : Security update available for Adobe AeroAPSB24-35 : Security update available for Adobe Substance3D DesignerAPSB24-36 : Security updateavailablefor Adobe AnimateAPSB24-37 : Security update available for Adobe FrameMakerAPSB24-39 : Security update available for Adobe Dreamweaver

Users of the affected Microsoft products mentioned in the security advisory are advised to upgrade to the latest software releases to prevent the vulnerabilities from being exploited.

Before installing system updates, it’s highly recommended that you consider the importance of creating a backup for your system or essential documents and data. This precautionary measure is always recommended to prevent data loss.

On-Demand Webinar to Secure the Top 3 SME Attack Vectors: [Watch for Free](https://go.cynet.com/top-3-sme-attack-vectors?utm_source=cyber_security_news&utm_medium=webinar&utm_campaign=Q2-sponsored-webinars)