If you experience any difficulty in accessing content on our website, please contact us at 1-866-333-8917 or email us at support@hudsonvalleyhost.com and we will make every effort to assist you.

By
 
May 21, 2024

Patchday Attacks: How Invaders Exploit Windows to Obtain System Rights

Deluxe company -

${lead}

${lead}

Microsoft has released important security updates for Edge, Dynamics 365 and Windows, among others. Attacks are already underway.

(Bild: heise online)

Admins must confirm that Windows Update is operating, and the most current security patches have been installed. There are on-going attacks against two security flaws in Windows at the moment. Additional attacks could be close by.

The first vulnerability that is being exploited (CVE-2024-30051 “high”) impacts the DWM Core Library of Windows. Not just Windows 10 and 11, but also several editions of Windows Server are in danger. At this time, the specifics of the attacks are uncertain. Microsoft has indicated that the attack complexity is low and there is no need for a victim to interact for a successful attack to occur.

If an attack succeeds, attackers gain system rights. When in such a position, attacks usually expand and ransomware is installed, for example. According to security researchers from Kaspersky, QakBot botnet attacks are designed to exploit this vulnerability.

The second vulnerability that attackers are presently focusing on (CVE-2024-30040 “high”) impacts the MSHTML platform in Windows. The flaw exists in Microsoft’s OLE object system and allows attackers to circumvent a protection mechanism. As a result, attackers can misuse the OLE functionality to introduce malicious code into systems. However, for this to occur, a victim must open a prepared document.

A vulnerability (CVE-2024-30046 “medium”) in Visual Studio is publicly known, so attacks may be imminent. DoS attacks are possible via this vulnerability.

There are also important security patches for Bing, Dynamics 365, SharePoint Server and other Windows components, among others. The majority of these vulnerabilities are classified as “high” threat level.

If attacks are successful, attackers can gain higher user rights or even execute malicious code. Microsoft has compiled further details on the vulnerabilities in the Security Update Guide.

Dennis Schirrmacher


Hudson Valley Host is premier provider of cutting-edge hosting solutions, specializing in delivering a seamless online experience for businesses and individuals. We offer a comprehensive range of hosting services, including Shared Hosting, VPS, Dedicated Servers, and Colocation. With 24/7 technical support, robust security measures, and user-friendly control panels, we empower clients in managing their online presence effortlessly. Hudson Valley Host is your trusted partner in achieving online success.

For Inquiries or to receive a personalized quote, please reach out to us through our contact form here or email us at sales@hudsonvalleyhost.com.

Deluxe company - 

Subscribe Email