The first Tuesday of every month marks Microsoft’s Patch Tuesday update. This month’s update addresses security concerns by addressing 73 flaws, including two zero-day vulnerabilities currently being exploited.
Within this update, five critical vulnerabilities have been remedied. These include issues such as denial of service, remote code execution, information disclosure, and elevation of privileges vulnerabilities.
Below are the quantities of bugs within each vulnerability category:
• 16 Elevation of Privilege Vulnerabilities
• 3 Security Feature Bypass Vulnerabilities
• 30 Remote Code Execution Vulnerabilities
• 5 Information Disclosure Vulnerabilities
• 9 Denial of Service Vulnerabilities
• 10 Spoofing Vulnerabilities
The tally of 73 flaws does not incorporate 6 Microsoft Edge flaws addressed on February 8th, along with 1 Mariner flaw.
This month's Patch Tuesday addresses two zero-day vulnerabilities that are actively exploited, as defined by Microsoft as flaws that are publicly disclosed or currently being exploited without an official fix available.
The two zero-day vulnerabilities addressed in today's updates are:
CVE-2024-21351 - Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft has addressed a Windows SmartScreen vulnerability that is actively exploited, enabling attackers to circumvent SmartScreen security checks.
It isn’t known how the flaw was abused in attacks or by what threat actor.
CVE-2024-21412 - Vulnerability in Internet Shortcut Files Bypassing Security Features
Microsoft has resolved a vulnerability in Internet Shortcut Files that was actively exploited and could circumvent Mark of the Web (MoTW) warnings in Windows.
According to Microsoft, "An unauthenticated attacker could send a specifically crafted file to the targeted user, aiming to bypass displayed security checks. However, the attacker lacks the ability to compel a user to view the content under their control. Instead, the user must voluntarily click on the file link."
To access the full description of each resolved vulnerability and the systems it affects, you can view the full report here.