Urgent Update: CISA Sets New Windows Security Deadline for October 1

CISA orders Windows security updates before October 1

Following the release of Microsoft’s Patch Tuesday security updates and the passing of Exploit Wednesday, this is no time for complacency. The Cybersecurity and Infrastructure Security Agency (CISA), known as America’s Cyber Defense Agency, has added three Windows vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog with a remediation due date of October 1. Under Binding Operational Directive 22-01 that deadline is binding only on federal civilian executive branch agencies, but CISA strongly advises all organizations to consult the KEV catalog to stay updated on threats and to use it to inform their own vulnerability management. The listed vulnerabilities are being exploited in the wild right now, which is what makes the deadline urgent for everyone, not just federal agencies.

CISA has added a total of four Microsoft vulnerabilities to the KEV catalog: one affecting Microsoft Publisher and three affecting Windows.

The CISA announcement details these vulnerabilities.

Regarding CVE-2024-38014, an elevation-of-privilege flaw in Windows Installer, Satnam Narang, senior staff research engineer at Tenable, emphasizes that this vulnerability is leveraged post-compromise, allowing attackers who’ve already infiltrated a system to elevate privileges and deepen their intrusion. Narang notes, “The methods by which these attackers gain initial access can range from exploiting other vulnerabilities, to spear phishing and even brute force attacks.”

CVE-2024-38217, a Windows Mark of the Web security feature bypass, deserves closer attention. Saeed Abbasi, a manager at the Qualys Threat Research Unit, explains that it lets an attacker sidestep the warnings Windows normally shows before a user opens a file downloaded from an untrusted source, a pathway frequently used to deliver ransomware.

CVE-2024-43491, a Windows Update remote code execution vulnerability, also warrants a closer look. It affects only a limited set of Windows 10 systems (version 1507, the 2015 LTSB editions), but it carries a CVSS score of 9.8 out of 10. The flaw is in the servicing stack: it rolled back previously installed fixes for some optional components, reintroducing vulnerabilities that had already been patched and that attackers could then exploit again. Kev Breen, senior director of threat research at Immersive Labs, warns that those vulnerabilities can still be exploited even though the system reports itself as fully updated. Remediation means installing both the September servicing stack update and the September security update on the affected systems, not just confirming the patch level in Windows Update.

“CISA strongly urges all organizations to minimize their cyberattack risk by promptly addressing Catalog vulnerabilities as an integral part of their vulnerability management,” states CISA, adding, “CISA will continue to update the catalog with vulnerabilities that meet specific criteria.”
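The practical demand behind the directive is to read the catalog, compare it with what is actually patched, and schedule the rest by CISA’s due dates. As an added example (not from the article, from CISA or from Microsoft), the Python below triages a catalog fragment in the shape of the public KEV JSON feed against a hypothetical inventory of already-patched CVEs. The fragment is constructed for illustration: the Microsoft CVE IDs and the October 1 due date are the ones discussed above, but the entry names, ransomware flags and the placeholder non-Microsoft entry are illustrative, and the `outstanding` and `due_on` functions are this example’s own.

```python
# Added example (not from the article): triage of KEV catalog entries against a
# local patch inventory. KEV_SAMPLE only borrows the field names of the public
# feed (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json);
# it is a constructed fragment, not a download, and the inventory is hypothetical.
import json
from datetime import date

# Constructed catalog fragment. Names and knownRansomwareCampaignUse values are
# illustrative; the last entry uses a placeholder CVE ID to exercise the filters.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {"cveID": "CVE-2024-38014", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Windows Installer privilege escalation",
         "dateAdded": "2024-09-10", "dueDate": "2024-10-01",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-38217", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Windows Mark of the Web security feature bypass",
         "dateAdded": "2024-09-10", "dueDate": "2024-10-01",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-43491", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Windows Update remote code execution",
         "dateAdded": "2024-09-10", "dueDate": "2024-10-01",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-38226", "vendorProject": "Microsoft", "product": "Publisher",
         "vulnerabilityName": "Microsoft Publisher security feature bypass",
         "dateAdded": "2024-09-10", "dueDate": "2024-10-01",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2023-00000", "vendorProject": "ExampleVendor", "product": "Appliance",
         "vulnerabilityName": "Placeholder entry (constructed, already overdue)",
         "dateAdded": "2024-08-01", "dueDate": "2024-08-22",
         "knownRansomwareCampaignUse": "Known"},
    ],
})


def outstanding(kev_json, installed, today, vendor=None):
    """Return catalog entries not covered by the inventory, most urgent first.

    installed: set of CVE IDs the patch inventory shows as remediated.
    today:     ISO date string used to compute days until the CISA due date.
    vendor:    optional exact match on the feed's vendorProject field.
    """
    as_of = date.fromisoformat(today)
    rows = []
    for v in json.loads(kev_json)["vulnerabilities"]:
        if vendor is not None and v["vendorProject"] != vendor:
            continue
        if v["cveID"] in installed:
            continue
        days_left = (date.fromisoformat(v["dueDate"]) - as_of).days
        rows.append({
            "cve": v["cveID"],
            "product": v["product"],
            "name": v["vulnerabilityName"],
            "due": v["dueDate"],
            "days_left": days_left,
            "overdue": days_left < 0,
            "ransomware": v.get("knownRansomwareCampaignUse") == "Known",
        })
    # Overdue and soonest-due first; among equal deadlines, ransomware-linked first.
    rows.sort(key=lambda r: (r["days_left"], not r["ransomware"]))
    return rows


def due_on(kev_json, due, vendor=None):
    """CVE IDs sharing one due date, e.g. everything CISA wants fixed by 2024-10-01."""
    return [v["cveID"] for v in json.loads(kev_json)["vulnerabilities"]
            if v["dueDate"] == due and (vendor is None or v["vendorProject"] == vendor)]


if __name__ == "__main__":
    inventory = {"CVE-2024-38226"}  # hypothetical: Publisher already patched
    for r in outstanding(KEV_SAMPLE, inventory, "2024-09-12"):
        status = "OVERDUE" if r["overdue"] else f"{r['days_left']} days left"
        print(f"{r['cve']:<16} {r['product']:<10} {status:<13} "
              f"ransomware={r['ransomware']}  {r['name']}")
```

Against the real feed, replace `KEV_SAMPLE` with the downloaded JSON and build `installed` from whatever your patch management system reports; the CVE-2024-43491 case above is a reminder that a reported patch level is only as trustworthy as the servicing stack that produced it, so for that entry the inventory should record the servicing stack update as well as the security update.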
