Microsoft Releases September 2024 Security Updates

Sep 12, 2024 GMT+08:00

I. Overview.

Microsoft has released its September 2024 Security Updates. A total of 79 security vulnerabilities have been disclosed, among which 7 are marked as important vulnerabilities. Attackers can exploit these vulnerabilities to implement remote code execution, privilege escalation, and security feature bypass. The affected applications include Microsoft Windows, Microsoft Office, SQL Server, and Azure Stack.

For details, visit the Microsoft official website:

https://msrc.microsoft.com/update-guide/releaseNote/2024-Sep

The following vulnerabilities require close scrutiny as their details have been disclosed or they have already been exploited by attackers:

Microsoft Windows Update Remote Code Execution Vulnerability (CVE-2024-43491): 0-day vulnerability. Due to a defect in the Windows update process, attackers can exploit this vulnerability to execute remote code on the target host. This vulnerability has been exploited in the wild, and the risk is high.

Microsoft Publisher Security Feature Bypass Vulnerability (CVE-2024-38226): 0-day vulnerability. An authenticated attacker can exploit this flaw by convincing a victim to download and open a specially crafted file from a website. Successful exploitation allows the attacker to bypass the Office macro policy, which is designed to block untrusted or malicious files, and execute local attacks on the victim's computer. This vulnerability has been exploited in the wild, and the risk is high.

Windows Mark of the Web Security Feature Bypass Vulnerability (CVE-2024-38217): 0-day vulnerability. An attacker can exploit this flaw by convincing a victim to download and open a specially crafted malicious file. Successful exploitation allows the attacker to evade MOTW defenses and bypass security features. This vulnerability has been exploited in the wild, and the risk is high.

Windows Installer Elevation of Privilege Vulnerability (CVE-2024-38014): 0-day vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. This vulnerability has been exploited in the wild, and the risk is high.

19 vulnerabilities (such as CVE-2024-43461, CVE-2024-38018, and CVE-2024-43457) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Microsoft Windows, Microsoft Office, SQL Server and Azure Stack.

IV. Vulnerability Details

(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)

V. Security Recommendations

1. Use Windows Update or download patches from the following address to fix the vulnerabilities:

https://msrc.microsoft.com/update-guide

2. Back up data remotely to protect your data.

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.