Microsoft Patches Actively Exploited 0-Day Flaws (CVE-2024-30040 & CVE-2024-30051)


Microsoft’s Patch Tuesday for May 2024 addresses 67 vulnerabilities across a wide range of products. The update patches one critical flaw, 59 important vulnerabilities and, most notably, two zero-day vulnerabilities that were being actively exploited in the wild.

The update covers a diverse set of vulnerabilities in Microsoft Office and its components, Power BI, Visual Studio, and various Windows system drivers. The patched flaws fall into the usual classes: Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, Remote Code Execution (RCE), Security Feature Bypass, and Spoofing.

The two patched zero-day vulnerabilities, CVE-2024-30040 and CVE-2024-30051, are of particular concern. CVE-2024-30040, a Security Feature Bypass vulnerability in Windows MSHTML, could allow attackers to bypass security measures in Microsoft 365 and Office. CVE-2024-30051, an Elevation of Privilege vulnerability in the Windows DWM Core Library, could grant attackers elevated system privileges. Both have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, which underlines their criticality and makes them a patching priority for organizations subject to CISA’s remediation deadlines.

The most severe vulnerability patched this month, CVE-2024-30044, affected Microsoft SharePoint Server. This Remote Code Execution vulnerability could allow authenticated attackers with sufficient permissions to execute code on the targeted server. The flaw involved the deserialization of parameters from a specially crafted file uploaded to the server.

By addressing critical and zero-day vulnerabilities promptly, Microsoft continues to mitigate potential threats and enhance the overall security posture of its products. IT administrators and organizations are urged to prioritize the deployment of these updates to safeguard their systems against emerging threats.