Network newsFour serious Microsoft vulnerabilities in hackers' sights: CISA alarm

Four serious Microsoft vulnerabilities in hackers’ sights: CISA alarm

Type of event:
Cybersecurity
Network newsThreat LensWorldNorth America
By Michele Calicchio

Victims

Wounded

Date

September 11, 2024

What happened


In the US, the Cybersecurity and Infrastructure Security Agency (CISA) has reported four serious vulnerabilities in Microsoft products, already exploited by hackers, that federal agencies must resolve by the end of this month. These bugs (CVE-2024-38226, CVE-2024-43491, CVE-2024-38014, and CVE-2024-38217) are among the 79 vulnerabilities listed in the monthly Microsoft security bulletin. Randy Watkins, CTO of Critical Start, stressed the need for timely patching, especially in health, finance, and public administration, to avoid data theft or operational disruptions. Among the bugs, CVE-2024-43491 is the most critical, but it only affects a specific version of Windows 10. Other bugs, such as CVE-2024-38014, could be exploited to increase access privileges, putting thousands of devices at risk.

Where it happened

Main sources

https://therecord.media/hackers-four-microsoft-vulnerabilities-cisa?utm_medium=email&_hsenc=p2ANqtz--qAw_8N4cVr-814SFNXZ9ExAt2ZxANwZ1VWoSbtuCTSdfAQtCwk-ohE5uXP34sSaD-9udwzKM-IKBqR7L-pWMDmW61bxXCkZIJo1d2Hf5LqHwSgd0&_hsmi=324213497&utm_content=324210920&utm_source=hs_email

Join us on Linkedin and Facebook

Our team provides you with information on a wide range of unconventional events threatening people and State security worldwide.
The GAT-REPORT is realised by the Observatory on Security and CBRNE Defence - OSDIFE, the University of Rome "Tor Vergata", Department of Electronic Engineering - DIE and the State University of Republic of San Marino, Center for Security Studies – CUFS, and the European Centre for Disaster Medicine – CEMEC.

CC licence by OSDIFE. Some rights reserved. Attribution-NonCommercial-NoDerivatives 4.0 International