Microsoft's latest Windows 11 update, KB5041585, rolled out yesterday as part of the company's monthly Patch Tuesday, delivered critical security fixes including patches for nine zero-day vulnerabilities.
The latest update, which is mandatory for all users, brings fixes for two critical zero-day flaws: a Windows Ancillary Function Driver for WinSock vulnerability (CVE-2024-38193), and a Windows Kernel elevation of privilege vulnerability (CVE-2024-38106). Both were actively exploited in the wild, enabling attackers to gain SYSTEM privileges on compromised devices.
CVE-2024-38193, reported by Luigino Camastra and Milánek from Gen Digital, is a particularly concerning flaw as it allows attackers to elevate privileges on Windows systems, a critical step in many cyberattacks.
The other critical vulnerability, CVE-2024-38106, involves a race condition in the Windows Kernel, also leading to SYSTEM privilege escalation. Microsoft has not disclosed the identity of the researchers who discovered this vulnerability.
Additionally, the update resolves CVE-2024-38213, a Windows Mark of the Web (MOTW) security feature bypass. This flaw, discovered by Peter Girnus of Trend Micro’s Zero Day Initiative, was being actively exploited by attackers to bypass security prompts when users opened malicious files. The bypass allowed attackers to evade Windows' built-in defenses, such as SmartScreen, by tricking users into opening these files, typically through phishing emails or malicious websites.
This Patch Tuesday also addresses a broader range of issues, fixing 89 vulnerabilities overall, including eight classified as critical. The flaws span a variety of components, from remote code execution vulnerabilities to security feature bypasses, underscoring the complexity and breadth of the security landscape Microsoft must manage.
Apply the Windows patches now
The urgency of applying this update cannot be overstated. With the disclosure that several of these vulnerabilities were actively exploited in the wild, organizations and individuals alike are advised to prioritize this update to mitigate potential risks. Additionally, users should ensure that their systems are configured to receive updates automatically to protect against future threats.
The latest update can be applied by navigating to Windows Settings > Windows Update > and clicking on the available patches to start their downloading and installation. After the process is done, a restart will be required for the security updates to be applied.
For those managing enterprise environments, it's also important to note that as of October 8, 2024, support for Windows 11 version 22H2 will end, necessitating an upgrade to version 23H2 to continue receiving security and non-security updates.
Crown Equipment Corporation Reports Data Breach Impacting Staff
Leave a Reply