Patch Tuesday 2024-10-08
posted: Oct. 8, 2024 #patches #newsAnother busy patch Tuesday. Microsoft is addressing 118 vulnerabilities, 5 are zero day exploits. The 5 zero days are listed below.
CVE-2024-43572:
A remote code execution (RCE) vulnerability in the Microsoft Management Console. CVSS: 7.8 | Exploited: Yes | NIST | MSRC
CVE-2024-43573:
A spoofing vulnerability in the Windows MSHTML platform. CVSS: 6.5 | Exploited: Yes | NIST | MSRC
CVE-2024-43468:
A pre-authentication RCE vulnerability in Microsoft Configuration Manager. CVSS: 9.8 | Exploited: No | NIST | MSRC
CVE-2024-43582:
A remote code execution (RCE) vulnerability in Microsoft Edge. CVSS: 8.1 | Exploited: No | NIST | MSRC
CVE-2024-43583:
A remote code execution (RCE) vulnerability in Microsoft Edge CVSS: 7.8 | Exploited: No | NIST | MSRC
Thankfully only 2 of the zero days are actively exploited. Next Patch Tuesday is 2024-11-12.
2024. Skip Barker - All rights reserved.