Multiple Microsoft Products Zero-Day Vulnerabilities Exploit in the Wild
August 14, 2024
Severity
High
Analysis Summary
CVE-2024-38199 CVSS:9.8
A flaw in the Microsoft Line Printer Daemon (LPD) Service component could allow a remote attacker to execute arbitrary code on the system. An attacker could exploit this vulnerability by sending a specially crafted request.
CVE-2024-21302 CVSS:6.7
A flaw in the Secure Kernel Mode component of Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38200 CVSS:7.5
Microsoft Office could allow a remote attacker to conduct spoofing attacks.
CVE-2024-38202 CVSS:7.3
An error in Windows Backup could allow a local authenticated attacker to gain elevated privileges on a Microsoft Windows system. By persuading a victim to perform a system restore, an attacker could exploit this vulnerability to gain SYSTEM privileges.
Impact
- Gain Access
- Security Bypass
- Code Execution
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-38199
- CVE-2024-21302
- CVE-2024-38200
- CVE-2024-38202
Affected Vendors
Affected Products
- Microsoft Office 2019
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Office 2016 x32
- Microsoft Office 2016 x64
- Microsoft 365 Apps for Enterprise
- Microsoft Office LTSC 2021
- Microsoft Windows 10 Version 1507 - 10.0.0
- Microsoft Windows 10 Version 1607 - 10.0.0
- Microsoft Windows 10 Version 1607 for 32-bit Systems - 1607
- Microsoft Windows 10 Version 1607 for x64-based Systems - 1607
- Microsoft Windows 10 Version 1809 - 10.0.0
- Microsoft Windows 10 Version 1809 for 32-bit Systems - 1809
- Microsoft Windows 10 Version 1809 for ARM64-based Systems - 1809
- Microsoft Windows 10 Version 1809 for x64-based Systems - 1809
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.