On 14 May 2024, Microsoft published their May 2024 security update with patches for 60 vulnerabilities. Among these vulnerabilities, Arctic Wolf has highlighted three in this security bulletin that were categorised as critical or actively exploited.?
Impacted Product #1: Windows?
Vulnerabilities Impacting Windows:?
| ? | CVSS: 8.8 – High?
MS Severity: Important? |
Exploitation Detected? |
| Windows MSHTML ºÚÁÏÉç Security Feature Bypass Vulnerability – An unauthenticated remote threat actor can exploit this vulnerability by convincing a user to open a malicious document. This could lead to the execution of arbitrary code in the context of the user.? | ||
| ? | CVSS: 7.8 – High?
MS Severity: Important? |
Exploitation Detected? |
Windows DWM Core Library Elevation of Privilege Vulnerability – A local threat actor can exploit this vulnerability to escalate privileges.?
|
||
Impacted Product #2: Microsoft Office?
Vulnerabilities Impacting Microsoft Office:?
| ? | CVSS: 8.8 – High?
MS Severity: Critical? |
No Exploitation Detected? |
| Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability – A threat actor, authenticated with Site Owner permissions or higher, could upload a specially crafted file onto a targeted SharePoint Server. Subsequently, they could generate tailored API requests to trigger the deserialisation of the file’s parameters, which enables RCE within the SharePoint Server’s context.? | ||
Recommendations?
Recommendation #1: Apply Security Updates to Impacted Products?
Arctic Wolf strongly recommends applying the available security updates to all impacted products to prevent potential exploitation.?
Note: Please follow your organisations patching and testing guidelines to avoid operational impact.?
| Product? | Vulnerability? | Article? | Download? |
| Windows Server 2022, 23H2 Edition? | CVE-2024-30040? | ? | ? |
| Windows Server 2022? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows Server 2019? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows Server 2016? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 11 Version 23H2 for x64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 11 Version 23H2 for ARM64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 11 Version 22H2 for x64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 11 Version 22H2 for ARM64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 11 version 21H2 for x64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 11 version 21H2 for ARM64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 22H2 for x64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 22H2 for ARM64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 22H2 for 32-bit Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 21H2 for x64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 21H2 for ARM64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 21H2 for 32-bit Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 1809 for x64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 1809 for ARM64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 1809 for 32-bit Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 1607 for x64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 Version 1607 for 32-bit Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 for x64-based Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Windows 10 for 32-bit Systems? | CVE-2024-30051, CVE-2024-30040?? | ? | ? |
| Microsoft SharePoint Server Subscription Edition? | CVE-2024-30044? | ? | ? |
| Microsoft SharePoint Server 2019? | CVE-2024-30044? | ? | ? |
| Microsoft SharePoint Enterprise Server 2016? | CVE-2024-30044? | ? | ? |
References?
?
