News

Microsoft Rolls Out Fixes for 80 Bugs – Watch Out for Two Being Actively Exploited!

Hey folks, in the latest tech scoop, Microsoft has just dished out its routine Patch Tuesday updates, and it’s a biggie this time with a whopping 80 vulnerabilities getting patched up. But here’s the kicker – two of these bugs are currently in the wild, being actively exploited by the bad guys, along with a handful of critical issues that needed immediate attention.

Diving into the details, the two vulnerabilities causing a stir are tagged as CVE-2024-21412 and CVE-2024-21351, with CVSS scores of 8.1 and 7.6, respectively. The first one is a sneaky bug that lets hackers sidestep Microsoft’s security for Internet shortcut files. Imagine this: all it takes is for someone to fall for a phishing scam and open a dodgy file, and bam, the attackers are in. The second vulnerability is just as tricky, allowing nefarious types to get around Windows SmartScreen by convincing an unsuspecting victim to open a malicious file. Classic trickery, but effective.

But wait, there’s more. Among the sea of fixes, three critical vulnerabilities stand out: CVE-2024-21380, CVE-2024-21410, and CVE-2024-21413. The first is an information leak in Dynamics Business Central that could give attackers a way to mess with other tenant’s apps and content if they can lure a victim into clicking a malicious link. CVE-2024-21410 is a critical flaw in Microsoft Exchange Server that could let attackers authenticate using leaked user credentials – yikes. And CVE-2024-21413? It’s a nasty bug in Outlook that could let attackers run code remotely, dodging security measures meant to keep malicious files in check.

What’s the takeaway? Microsoft’s on it, patching up these holes to keep users safe. But it’s a stark reminder of the digital tightrope we walk. Stay updated, stay vigilant, and let’s keep our digital worlds secure.”

Leave a Reply

Your email address will not be published. Required fields are marked *