Zero-Day Vulnerabilities | Microsoft Patch Tuesday – Technologist

Microsoft has revealed a zero-day vulnerability in Office that could lead to unauthorised access to sensitive information, if not patched. Businesses need to be aware of plenty of zero-day vulnerabilities, and Neuways will always keep you updated. Read more on the latest vulnerability that is risking data exposure.

What Office Versions were affected?

The flaw, identified as CVE-2024-38200 with a CVSS score of 7.5, is a spoofing vulnerability affecting the following Office versions:

  • Microsoft Office 2016 (32-bit and 64-bit)
  • Microsoft Office LTSC 2021 (32-bit and 64-bit)
  • Microsoft 365 Apps for Enterprise (32-bit and 64-bit)
  • Microsoft Office 2019 (32-bit and 64-bit)

Researchers Jim Rush and Metin Yunus Kandemir are credited with discovering the vulnerability.

What could happen due to the vulnerability?

In a web-based attack, an attacker could host or leverage a compromised website containing a specially crafted file to exploit the vulnerability. However, the attacker must convince the user to click a link and open the file, typically through email or instant messaging.

Microsoft plans to release a formal patch for CVE-2024-38200 on 13th August as part of its monthly Patch Tuesday updates. Meanwhile, an alternative fix has been enabled via Feature Flighting since 30th July 2024. While customers are currently protected on all supported versions of Microsoft Office and Microsoft 365, it is crucial to update to the final patch for optimal security.

What can businesses do to protect themselves?

Microsoft has assessed the exploitation likelihood as “Less Likely” and provided three mitigation strategies:

  1. Configure the “Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers” policy setting.
  2. Add users to the Protected Users Security Group to prevent NTLM from being used as an authentication method.
  3. Block TCP 445/SMB outbound traffic from the network using perimeter or local firewalls and VPN settings.
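
The three mitigations above can be checked on a Windows host with a read-only PowerShell audit. This is an added example, not a script from Microsoft or Neuways: the function name Get-NtlmMitigationStatus is hypothetical, and the check assumes the policy in step 1 is stored in the RestrictSendingNTLMTraffic registry value.

```powershell
# Added example: read-only audit of the three mitigations listed above.
# Get-NtlmMitigationStatus is a hypothetical helper name, not a built-in cmdlet.
function Get-NtlmMitigationStatus {
    [CmdletBinding()]
    param()

    # 1. "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers"
    #    is stored as RestrictSendingNTLMTraffic: 0 = Allow all, 1 = Audit all, 2 = Deny all.
    $lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
    $raw = (Get-ItemProperty -Path $lsaKey -Name RestrictSendingNTLMTraffic `
            -ErrorAction SilentlyContinue).RestrictSendingNTLMTraffic
    $labels = @{ 0 = 'Allow all'; 1 = 'Audit all'; 2 = 'Deny all' }
    $ntlmPolicy = if ($null -ne $raw -and $labels.ContainsKey([int]$raw)) {
        $labels[[int]$raw]
    } else {
        'Not configured'
    }

    # 2. Protected Users has the well-known domain-relative RID 525.
    #    The logon token only reflects membership as of the user's last sign-in.
    $groups = [Security.Principal.WindowsIdentity]::GetCurrent().Groups
    $inProtectedUsers = [bool]($groups |
        Where-Object { $_.Value -match '^S-1-5-21-[\d-]+-525$' })

    # 3. Enabled outbound block rules whose port filter names TCP 445 explicitly.
    #    Rules that cover 445 through a port range or "Any" are not detected here,
    #    and perimeter firewall or VPN rules cannot be seen from the host at all.
    $smbBlocks = @(Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True `
            -ErrorAction SilentlyContinue |
        Where-Object {
            $filter = $_ | Get-NetFirewallPortFilter
            $filter.Protocol -eq 'TCP' -and $filter.RemotePort -contains '445'
        })

    [pscustomobject]@{
        OutgoingNtlmPolicy    = $ntlmPolicy
        OutgoingNtlmDenied    = ($raw -eq 2)
        UserInProtectedUsers  = $inProtectedUsers
        OutboundSmbBlockRules = @($smbBlocks | ForEach-Object { $_.DisplayName })
    }
}

Get-NtlmMitigationStatus | Format-List
```

Run it in the context of the user being assessed, since the Protected Users check reads that user's own logon token.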

What other zero-day vulnerabilities are out there?

This disclosure comes as Microsoft works to address two additional zero-day vulnerabilities (CVE-2024-38202 and CVE-2024-21302) that could allow attackers to “unpatch” updated Windows systems and reintroduce old vulnerabilities. Additionally, cyber security researchers have highlighted methods for bypassing Windows security features, including a long-exploited technique known as LNK stomping.
