The vulnerability identified as CVE-2024-30080 has been assigned a CVSS severity score of 9.8/10. It can be exploited by attackers sending specially crafted malicious MSMQ packets to an MSMQ server. There is a warning that it could potentially cause a remote code execution on the server side. Microsoft emphasized that for a system to be vulnerable, the Windows message queuing service must be enabled. They urged customers to verify if the Message Queuing service is running and if TCP port 1801 is listening on their machines.
This MSMQ flaw was discovered among at least 51 security defects across various Windows OS components and services. The update also documents multiple code execution issues within the Microsoft Office productivity suite and remotely exploitable bugs in the Windows Link Layer Topology Discovery Protocol and Windows Event Trace Log File Parsing.
Another vulnerability is CVE-2024-30078, a remote code execution vulnerability in the Windows WiFi driver with a CVSS severity score of 8.8/10. Exploiting this vulnerability requires the attacker to be in proximity to the target system to send and receive radio transmissions. An unauthenticated attacker could send a malicious networking packet to a nearby system using a Wi-Fi networking adapter, potentially enabling remote code execution. This was included in the Microsoft Patch Tuesday report. Also noted that on Github there is a POC for this particular vulnerability. The latter is still relatively new, none have been published.
Additionally, Adobe has issued warnings about potential code execution attacks on Windows and macOS platforms due to security flaws in Adobe Photoshop, Adobe After Effects, and Adobe Illustrator products. Always ensure to secure your machines and stay up to date with any cyber news. We are here to assist with any questions and addressing concerns on how to better secure your business.
0