Rewterz
Multiple Microsoft Products Zero-Day Vulnerabilities Exploit in the Wild
August 14, 2024

Multiple Microsoft Products Zero-Day Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-38199 CVSS:9.8

A flaw in Microsoft's Line Printer Daemon (LPD) Service component could allow a remote attacker to execute arbitrary code on the system by sending a specially crafted request.

CVE-2024-21302 CVSS:6.7

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Secure Kernel Mode component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38200 CVSS:7.5

Microsoft Office could allow a remote attacker to conduct spoofing attacks.

CVE-2024-38202 CVSS:7.3

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error in Windows Backup. By persuading a victim to perform a system restore, an attacker could exploit this vulnerability to gain SYSTEM privileges.

Impact

  • Gain Access
  • Security Bypass
  • Code Execution
  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2024-38199
  • CVE-2024-21302
  • CVE-2024-38200
  • CVE-2024-38202

Affected Vendors

Microsoft

Affected Products

  • Microsoft Office 2019
  • Microsoft Windows 10 for 32-bit Systems
  • Microsoft Windows 10 for x64-based Systems
  • Microsoft Office 2016 x32
  • Microsoft Office 2016 x64
  • Microsoft 365 Apps for Enterprise
  • Microsoft Office LTSC 2021
  • Microsoft Windows 10 Version 1507 - 10.0.0
  • Microsoft Windows 10 Version 1607 - 10.0.0
  • Microsoft Windows 10 Version 1607 for 32-bit Systems - 1607
  • Microsoft Windows 10 Version 1607 for x64-based Systems - 1607
  • Microsoft Windows 10 Version 1809 - 10.0.0
  • Microsoft Windows 10 Version 1809 for 32-bit Systems - 1809
  • Microsoft Windows 10 Version 1809 for ARM64-based Systems - 1809
  • Microsoft Windows 10 Version 1809 for x64-based Systems - 1809

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

  • CVE-2024-38199
  • CVE-2024-21302
  • CVE-2024-38200
  • CVE-2024-38202