Monday, December 9, 2024
HomeCVE/vulnerabilityMicrosoft Patches Multiple Vulnerabilities Allow Attackers to Elevate Privileges

Microsoft Patches Multiple Vulnerabilities Allow Attackers to Elevate Privileges

Published on

SIEM as a Service

Microsoft has recently released patches addressing multiple vulnerabilities that could enable attackers to elevate privileges across various Microsoft products.

The patches are part of Microsoft’s continuous efforts to enhance security and protect its users from threats.

The Microsoft Security Response Center (MSRC) has been actively investigating these vulnerabilities to provide timely and effective security updates.

- Advertisement - SIEM as a Service

Microsoft Patches Multiple Vulnerabilities

Several patched vulnerabilities have been classified as “Important” due to their potential impact on system security.

Analyze cyber threats with ANYRUN's powerful sandbox. Black Friday Deals : Get up to 3 Free Licenses.

These vulnerabilities span a range of Microsoft products, from the .NET Framework to Microsoft Exchange Server. Here is a detailed overview of the vulnerabilities and their respective patches:

CVE IDVulnerability DescriptionImpactAffected Product
CVE-2024-29059.NET Framework Information Disclosure VulnerabilityInformation Disclosure.NET Framework
CVE-2024-28916Xbox Crypto Graphic Services Elevation of PrivilegeElevation of PrivilegeXbox Crypto Graphic Services
CVE-2024-26204Outlook for Android Information Disclosure VulnerabilityInformation DisclosureOutlook for Android
CVE-2024-26203Azure Data Studio Elevation of Privilege VulnerabilityElevation of PrivilegeAzure Data Studio
CVE-2024-26201Microsoft Intune Linux Agent Elevation of Privilege VulnerabilityElevation of PrivilegeMicrosoft Intune
CVE-2024-26199Microsoft Office Elevation of Privilege VulnerabilityElevation of PrivilegeMicrosoft Office
CVE-2024-26198Microsoft Exchange Server Remote Code Execution VulnerabilityRemote Code ExecutionMicrosoft Exchange Server
CVE-2024-26197Windows Standards-Based Storage Management Service Denial of Service VulnerabilityDenial of ServiceWindows Standards-Based Storage Management Service

The impact of these vulnerabilities can be significant, allowing attackers to gain elevated privileges and access sensitive information.

Users and administrators are strongly advised to apply these updates as soon as possible to mitigate potential security risks.

Microsoft continues to prioritize the security of its products and services, emphasizing the importance of keeping systems up to date with the latest patches.

Regular system updates and vigilance in applying security patches are crucial in defending against potential cyber threats.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Google Announces Vanir, A Open-Source Security Patch Validation Tool

Google has officially launched Vanir, an open-source security patch validation tool designed to streamline and...

New Transaction-Relay Jamming Vulnerability Let Attackers Exploits Bitcoin Nodes

A newly disclosed transaction-relay jamming vulnerability has raised concerns about the security of Bitcoin...

Raspberry Pi 500 & Monitor, Complete Desktop Setup at $190

Raspberry Pi, a pioneer in affordable and programmable computing, has once again elevated its...

Qlik Sense for Windows Vulnerability Allows Remote Code Execution

Qlik has identified critical vulnerabilities in its Qlik Sense Enterprise for Windows software that...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Google Announces Vanir, A Open-Source Security Patch Validation Tool

Google has officially launched Vanir, an open-source security patch validation tool designed to streamline and...

New Transaction-Relay Jamming Vulnerability Let Attackers Exploits Bitcoin Nodes

A newly disclosed transaction-relay jamming vulnerability has raised concerns about the security of Bitcoin...

Raspberry Pi 500 & Monitor, Complete Desktop Setup at $190

Raspberry Pi, a pioneer in affordable and programmable computing, has once again elevated its...