In its May 2024 Patch Tuesday updates, Microsoft addressed a total of 61 security vulnerabilities, including two zero-days actively exploited in attacks. The vulnerabilities span a range of Microsoft products: one is rated Critical, 59 are rated Important, and one is rated Moderate in severity. Of particular concern are the two exploited vulnerabilities, CVE-2024-30040, a security bypass in the MSHTML Platform, and CVE-2024-30051, an elevation of privilege in the Windows Desktop Window Manager Core Library.
CVE-2024-30040, with a CVSS score of 8.8, poses a significant risk because it lets an attacker execute arbitrary code after convincing a user to open a malicious document. CVE-2024-30051, with a CVSS score of 7.8, allows threat actors to gain SYSTEM privileges, which can lead to a full system compromise. Both vulnerabilities have been added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog, which mandates that federal agencies apply fixes by the listed due date.
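Because a KEV listing carries a remediation deadline, a useful patch-triage step is to cross-check the CVEs in a Patch Tuesday bundle against the KEV feed and surface the ones that are listed, sorted by how close (or past) their due date is. The following is an added example written for this article, not code from Microsoft or CISA. It uses the field names of the real KEV JSON feed (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json), but the sample feed embedded below is constructed: its entries, dates and titles are placeholders for illustration, not authoritative KEV data, so in practice you would download the live feed and pass its text to `load_kev`.

```python
"""Cross-check Patch Tuesday CVEs against a CISA KEV feed (added example, not from the article)."""
import json
from datetime import date, datetime

# Constructed sample feed: same shape as the real KEV JSON, placeholder values only.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (constructed sample)",
    "vulnerabilities": [
        {
            "cveID": "CVE-2024-30040",
            "vendorProject": "Microsoft",
            "product": "Windows",
            "vulnerabilityName": "MSHTML Platform security bypass (placeholder title)",
            "dateAdded": "2024-05-14",            # placeholder date
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2024-06-04",              # placeholder date
            "knownRansomwareCampaignUse": "Unknown",
        },
        {
            "cveID": "CVE-2024-30051",
            "vendorProject": "Microsoft",
            "product": "Windows",
            "vulnerabilityName": "DWM Core Library elevation of privilege (placeholder title)",
            "dateAdded": "2024-05-14",            # placeholder date
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2024-06-04",              # placeholder date
            "knownRansomwareCampaignUse": "Unknown",
        },
        {
            # Constructed, unrelated entry whose due date has already passed.
            "cveID": "CVE-2024-00000",
            "vendorProject": "ExampleVendor",
            "product": "ExampleProduct",
            "vulnerabilityName": "Placeholder entry",
            "dateAdded": "2024-01-02",
            "requiredAction": "Apply updates per vendor instructions.",
            "dueDate": "2024-01-23",
            "knownRansomwareCampaignUse": "Known",
        },
    ],
})


def load_kev(feed_text: str) -> dict:
    """Parse a KEV JSON document into a dict keyed by upper-cased CVE ID."""
    data = json.loads(feed_text)
    return {v["cveID"].upper(): v for v in data.get("vulnerabilities", [])}


def _parse_day(s: str) -> date:
    return datetime.strptime(s, "%Y-%m-%d").date()


def triage(cve_ids, kev: dict, today: str = None) -> list:
    """Report, for each CVE in a patch bundle, whether it is in KEV and how urgent it is.

    today is an ISO date string (defaults to the current date). Each row has keys
    cve, in_kev, due_date, days_until_due, overdue and ransomware_use; CVEs absent
    from KEV get in_kev=False and None for the KEV-derived fields. Rows are ordered
    with KEV entries first, most overdue / soonest due at the top.
    """
    ref = _parse_day(today) if today else date.today()
    report = []
    for raw in cve_ids:
        cve = raw.strip().upper()
        entry = kev.get(cve)
        if entry is None:
            report.append({"cve": cve, "in_kev": False, "due_date": None,
                           "days_until_due": None, "overdue": False,
                           "ransomware_use": None})
            continue
        due = _parse_day(entry["dueDate"])
        delta = (due - ref).days
        report.append({"cve": cve, "in_kev": True, "due_date": due.isoformat(),
                       "days_until_due": delta, "overdue": delta < 0,
                       "ransomware_use": entry.get("knownRansomwareCampaignUse", "Unknown")})
    # KEV rows first (False sorts before True), then ascending by days until due.
    report.sort(key=lambda r: (not r["in_kev"], r["days_until_due"] if r["in_kev"] else 0))
    return report


def kev_exposure(cve_ids, kev: dict, today: str = None) -> list:
    """IDs of the bundle's CVEs that appear in KEV, in urgency order."""
    return [r["cve"] for r in triage(cve_ids, kev, today) if r["in_kev"]]


if __name__ == "__main__":
    catalog = load_kev(SAMPLE_KEV_JSON)
    # Constructed bundle: the two exploited CVEs from the article, the overdue
    # placeholder entry, and one CVE that is not in the feed at all.
    bundle = ["CVE-2024-30040", "cve-2024-30051", "CVE-2024-00000", "CVE-2024-99999"]
    for row in triage(bundle, catalog, "2024-05-20"):
        print(row)
```

The sort puts overdue items (negative `days_until_due`) ahead of everything else, so the top of the report is what needs attention first; items not in KEV are listed last but still shown, since absence from KEV is not evidence that a fix can wait.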
Additionally, Microsoft's patches resolve several remote code execution bugs, privilege escalation flaws, and a security feature bypass vulnerability. Threat actors have been observed attempting to exploit now-patched privilege escalation flaws in various Windows components, which underscores the importance of applying updates promptly to prevent system compromise. Akamai has also outlined a new privilege escalation technique affecting Active Directory environments, highlighting the evolving nature of cyber threats and the need for robust security measures.