October Microsoft Patch Tuesday. 146 CVEs, of which 28 were added since September MSPT. 2 vulnerabilities with signs of exploitation in the wild:
Remote Code Execution – Microsoft Management Console (CVE-2024-43572) Spoofing – Windows MSHTML Platform (CVE-2024-43573)
Without signs of exploitation in the wild, but with a public PoC exploit:
Remote Code Execution – Open Source Curl (CVE-2024-6197)
Private exploits exist for:
Information Disclosure – Microsoft Edge (CVE-2024-38222) Security Feature Bypass – Windows Hyper-V (CVE-2024-20659)
Among the rest can be highlighted:
Remote Code Execution – Remote Desktop Protocol Server (CVE-2024-43582) Remote Code Execution – Windows Remote Desktop Client (CVE-2024-43533, CVE-2024-43599) Remote Code Execution – Windows Routing and Remote Access Service (RRAS) (CVE-2024-38212 and 11 more CVEs)
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.