Update now! Four zero-days fixed in September Patch Tuesday - ThreatDown by Malwarebytes
Pieter Arntz · 2024-09-11 · via Vulnerabilities – ThreatDown by Malwarebytes
Microsoft’s September Patch Tuesday covers 79 Microsoft CVEs and includes four actively exploited zero-days.

The Cybersecurity and Infrastructure Security Agency (CISA) has added four of these CVEs to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. The actively exploited CVEs from Microsoft’s September Patch Tuesday are:

CVE-2024-38226 (CVSS score 7.3 out of 10): a Microsoft Publisher security feature bypass vulnerability. An attacker who successfully exploited this vulnerability could bypass Office macro policies used to block untrusted or malicious files. The attacker needs to be an authenticated user to exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim’s computer.

Microsoft Publisher is a standalone application included in some versions of Microsoft Office. This flaw lets attackers bypass Microsoft’s Mark of the Web (MOTW)—the technology that prevents users running macros in documents downloaded from the internet.

CVE-2024-43491 (CVSS score 9.8 out of 10): a Microsoft Windows Update remote code execution (RCE) vulnerability. This vulnerability in Servicing Stack allows an attacker to exploit previously mitigated vulnerabilities on Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB systems that have installed the Windows security update released on March 12, 2024 or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB043936) AND the September 2024 Windows security update (KB5043083), in that order. Customers whose systems are configured to receive automatic updates do not need to take any further action.

Microsoft notes: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support.
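
One way to check a host against the CVE-2024-43491 guidance above, as an added example (not Microsoft's or ThreatDown's code). The function name Test-ServicingStackFix and its status strings are hypothetical; the KB identifiers are parameters, and the sample call passes them as printed in this article, so confirm them against Microsoft's advisory before use.

```powershell
# Added example: evaluates hotfix inventory against the "SSU first, then security update" guidance.
function Test-ServicingStackFix {
    param(
        [Parameter(Mandatory)] [int]      $BuildNumber,  # OS build number of the host
        [Parameter(Mandatory)] [object[]] $HotFix,       # objects with HotFixID and InstalledOn
        [Parameter(Mandatory)] [string]   $SsuId,        # servicing stack update KB
        [Parameter(Mandatory)] [string]   $LcuId         # Windows security update KB
    )

    # Windows 10 version 1507 (the 2015 LTSB editions) is build 10240.
    # Later Windows 10 versions are not impacted, so they are out of scope.
    if ($BuildNumber -ne 10240) {
        return [pscustomobject]@{ InScope = $false; Status = 'NotAffected'; Missing = @() }
    }

    $installedIds = @($HotFix | ForEach-Object { $_.HotFixID })
    $missing = @(@($SsuId, $LcuId) | Where-Object { $_ -notin $installedIds })

    $ssu = $HotFix | Where-Object { $_.HotFixID -eq $SsuId } | Select-Object -First 1
    $lcu = $HotFix | Where-Object { $_.HotFixID -eq $LcuId } | Select-Object -First 1

    if ($missing.Count -gt 0) {
        $status = 'MissingUpdate'
    }
    elseif ($ssu.InstalledOn -gt $lcu.InstalledOn) {
        # The SSU landed after the security update, contrary to the stated order.
        # Assumption: InstalledOn has day granularity, so same-day installs
        # cannot be ordered and are accepted here.
        $status = 'WrongOrder'
    }
    else {
        $status = 'Patched'
    }

    [pscustomobject]@{ InScope = $true; Status = $status; Missing = $missing }
}

# Constructed sample inventory (not real host data): both updates are present,
# but the security update was installed a day before the SSU.
$sample = @(
    [pscustomobject]@{ HotFixID = 'KB5043083'; InstalledOn = [datetime]'2024-09-11' }
    [pscustomobject]@{ HotFixID = 'KB043936';  InstalledOn = [datetime]'2024-09-12' }
)
Test-ServicingStackFix -BuildNumber 10240 -HotFix $sample -SsuId 'KB043936' -LcuId 'KB5043083'

# On a live host, pass -HotFix (Get-HotFix) and
# -BuildNumber ([Environment]::OSVersion.Version.Build) instead of the sample.
```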

CVE-2024-38014 (CVSS score 7.8 out of 10): a Microsoft Windows Installer privilege escalation vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Privilege escalation vulnerabilities are often used in combination with other vulnerabilities to get the necessary permissions to further compromise an attacked system.

CVE-2024-38217 (CVSS score 5.4 out of 10): another Microsoft Windows Mark of the Web (MOTW) security feature bypass vulnerability. An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses. To exploit this vulnerability, an attacker could host a file on an attacker-controlled server, then convince a targeted user to download and open the file. This vulnerability has been publicly disclosed and exploit code has been made available.

Other vendors

Other vendors have synchronized their periodic updates with Microsoft. Here are a few major ones that you may find in your environment.

Adobe has released security updates for Adobe Acrobat and Reader.

Android saw several important patches in its September Security bulletin.

Ivanti released a security advisory which tackles several important vulnerabilities.

SonicWall issued a patch for a vulnerability actively exploited by ransomware groups.
