June 25, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Palo Alto and Cisco Release Security Patches as CISA Warns of Critical Fortinet Vulnerability
October 10, 2024
Lazarus aka Hidden Cobra APT Group – Active IOCs
October 10, 2024
Palo Alto and Cisco Release Security Patches as CISA Warns of Critical Fortinet Vulnerability
October 10, 2024
Lazarus aka Hidden Cobra APT Group – Active IOCs
October 10, 2024
Severity
High
Analysis Summary
CVE-2024-43574 CVSS:8.3
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVE-2024-43560 CVSS:7.8
Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
CVE-2024-43544 CVSS:7.5
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability
CVE-2024-43517 CVSS:8.8
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
CVE-2024-43468 CVSS:9.8
Microsoft Configuration Manager Remote Code Execution Vulnerability
CVE-2024-43616 CVSS:7.8
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-43615 CVSS:7.1
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43609 CVSS:6.5
Microsoft Office Spoofing Vulnerability
Impact
- Gain Access
- Code Execution
- Denial of Service
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-43574
- CVE-2024-43560
- CVE-2024-43544
- CVE-2024-43517
- CVE-2024-43468
- CVE-2024-43616
- CVE-2024-43615
- CVE-2024-43609
Affected Vendors
Microsoft
Affected Products
- Microsoft Windows Server 2022
- Microsoft Windows 10 Version 1809 - 10.0.0
- Microsoft Office 2019 - 19.0.0
- Microsoft Microsoft 365 Apps for Enterprise - 16.0.1
- Microsoft Microsoft Office 2019 - 19.0.0
- Microsoft Windows 10 Version 21H2 - 10.0.0
- Microsoft Windows 11 version 21H2 - 10.0.0
- Microsoft Windows 11 version 22H2 - 10.0.0
- Microsoft Windows Server 2019 - 10.0.0
- Microsoft Windows Server 2019 (Server Core installation) - 10.0.0
- Microsoft Windows Server 2022 - 10.0.0
- Microsoft Configuration Manager - 1.0.0 - 1.0.0 - 1.0.0
- Microsoft Microsoft Office LTSC 2021 - 16.0.1
- Microsoft Microsoft Office LTSC 2024 - 1.0.0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.