Microsoft’s August 2024 Patch Tuesday Addresses Nine Zero-Days, Six Currently Exploited

August 13, 2024

Microsoft's August 2024 Patch Tuesday has rolled out, featuring security patches for 89 vulnerabilities, among them six that are actively exploited and three that have been publicly disclosed zero-days. A tenth zero-day is still being addressed by Microsoft. The fixes rolled out in this Patch Tuesday cover eight critical vulnerabilities, including a mix of elevation of privileges, remote code execution, and information disclosure.

The six actively exploited zero-day vulnerabilities addressed in today's updates are: CVE-2024-38178 - Scripting Engine Memory Corruption Vulnerability; CVE-2024-38193 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability; CVE-2024-38213 - Windows Mark of the Web Security Feature Bypass Vulnerability; CVE-2024-38106 - Windows Kernel Elevation of Privilege Vulnerability; CVE-2024-38107 - Windows Power Dependency Coordinator Elevation of Privilege Vulnerability; and CVE-2024-38189 - Microsoft Project Remote Code Execution Vulnerability.

Microsoft defines a zero-day flaw as one that is publicly disclosed or actively exploited while no official fix is available. The CVE-2024-38178 vulnerability requires an authenticated client to click a link for an unauthenticated attacker to initiate remote code execution. This link must be clicked in Microsoft Edge in Internet Explorer mode, making it a difficult flaw to exploit. Despite these requirements, the South Korean National Cyber Security Center(NCSC) and AhnLab have reported the flaw being exploited in attacks.

The four publicly disclosed vulnerabilities are: CVE-2024-38199 - Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability; CVE-2024-21302 - Windows Secure Kernel Mode Elevation of Privilege Vulnerability; CVE-2024-38200 - Microsoft Office Spoofing Vulnerability; and CVE-2024-38202 - Windows Update Stack Elevation of Privilege Vulnerability. The CVE-2024-21302 and CVE-2024-38202 vulnerabilities were part of a Windows Downdate downgrade attack talk at Black Hat 2024. Microsoft is currently working on a security update to address this threat, but it is not yet available.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.