Multiple Microsoft Windows Task Scheduler and NTLM Vulnerabilities Exploit in the Wild

Severity

High

Analysis Summary

CVE-2024-49039 CVSS:8.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Task Scheduler component. By executing a specially crafted program, an attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2024-43451 CVSS:6.5

Microsoft Windows could allow a remote attacker to conduct spoofing attacks.

Impact

Gain Access
Privilege Escalation

Indicators of Compromise

CVE

CVE-2024-49039
CVE-2024-43451

Affected Vendors

Microsoft

Affected Products

Microsoft Windows 10
Microsoft Windows Server 2025

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2024-49039

CVE-2024-43451

Multiple WordPress Plugins Vulnerabilities

Iranian Cybercriminals Incorporate SnailResin Malware into Aerospace Attacks by Using ‘Dream Job’ Lures – Active IOCs

Multiple Microsoft Windows Task Scheduler and NTLM Vulnerabilities Exploit in the Wild

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan