- 퀄컴, 베트남 빈AI의 생성형 AI 부문 ‘모비안AI’ 인수··· AI 솔루션 고도화 박차
- 블로그 | 정치적 격동기에 IT 리더가 할 수 있는 역할
- 완전 자율 주행 자동차가 관광 산업에도 영향··· 웨이모, ‘2025 관광 영향 보고서’ 발간
- European cloud group invests to create what it dubs “Trump-proof cloud services”
- The OnePlus 12 is still a powerhouse in 2025 - and it's on sale for a limited time
Microsoft Patches 150 Flaws Including Two Zero-Days
This month’s Patch Tuesday security update round from Microsoft was a busy one, with 150 CVEs fixed including two zero-days actively exploited in attacks.
The two zero-days are CVE-2024-29988 and CVE-2024-26234.
“Microsoft fixed a SmartScreen Prompt security feature bypass vulnerability this month with CVE-2024-29988, which is credited to some of the same researchers that disclosed a similar flaw in February (CVE-2024-21412) that was exploited as a zero-day,” explained Satnam Narang, senior staff research engineer at Tenable. “Social engineering through direct means (email and direct messages) that requires some type of user interaction is a typical route for exploitation for this type of flaw.”
The second zero-day is described as a “proxy driver spoofing” bug, but the flaw was initially not reported by Microsoft as being under live exploitation. That has changed after notification by Sophos.
Read more on Patch Tuesday: Microsoft Fixes Two Zero-Days in February Patch Tuesday
In total, there were just three critical-rated vulnerabilities patched this month by Microsoft – CVE-2024-29053, CVE-2024-21322 and CVE-2024-21323. All of these are listed as Microsoft Defender for IoT remote code execution vulnerabilities.
“These vulnerabilities have been critically rated for their potential impact on the confidentiality, integrity and availability of the systems they afflict. Stemming from an absolute path traversal flaw, as categorized by the Common Weakness Enumeration (CWE-36), these vulnerabilities expose a pathway for attackers to access and manipulate directories and files located beyond the web root folder,” explained Action1 president, Mike Walters.
“The exploitation of such vulnerabilities could empower an attacker to remotely execute arbitrary code on a victim’s system. The implications of this are profound, ranging from full system control, service disruptions, sensitive data leakage, to further network propagation.”
Of the 60+ remote code execution (RCE) flaws fixed this month, more than half are found in SQL drivers.
