Microsoft Patch Tuesday update squashes 73 security flaws and 2 zero-day exploits

Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission.

Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

After the KB5034765 update that brought many fixes, Microsoft released another update that addressed security issues.

The update fixes dozens of security flaws and several zero-day exploits, so make sure you get it as soon as possible.

Patch Tuesday addresses various security issues and exploits

The new security patch is here for Patch Tuesday, and according to Bleeping Computer, it addresses 73 security flaws. Here’s the breakdown of addressed vulnerabilities:

  • 30 remote code execution vulnerabilities
  • 16 elevation of privilege flaws
  • 10 spoofing security issues
  • 9 denial of service vulnerabilities
  • 5 information disclosure issues
  • 3 security features bypass security flaws

It seems that Microsoft has been busy with this patch, but that’s not all! The issue also addresses two zero-day exploits.

The CVE-2024-21351 exploit was fixed, and if you’re not familiar, this exploit allowed hackers to bypass Windows SmartScreen by sending a user a malicious file that gave them access.

So far, it’s known how this exploit was abused and how many were affected.

CVE-2024-21412 was also fixed, and this exploit allowed hackers to utilize the Internet Shortcut File flaw and circumvent Mark of the Web warnings.

As for this flaw, it was used by the APT group DarkCasino (Water Hydra) hacker group to target financial traders.

We have to applaud Microsoft for fixing these exploits, and we hope that Microsoft will soon address critical vulnerabilities in Word and Excel as well.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *