Microsoft Patch Tuesday

Published On: February 13, 2024Categories: Cyber Alerts

In today’s SensCy Cyber Brief, your SensCy team reviewed Microsoft’s latest series of patches released on Tuesday, February 13, 2023. Today’s Patch Tuesday comes fix for TWO zero days and 74 flaws.

What is Patch Tuesday?

Patch Tuesday is Microsoft’s initiative to release new security fixes for the Windows operating system and any other Microsoft software on a monthly basis. Your SensCy team will monitor such releases and provide you with our observations and recommendations.

Why is it important?

This month’s patch Tuesday is critical because it fixes critical vulnerabilities. The SensCy team recommends Microsoft users install those patches immediately.

This month’s patch Tuesday fixes two actively exploited zero-day vulnerabilities.

CVE2024-21351, a vulnerability in Windows SmartScreen, “An authorized attacker must send the user a malicious file and convince the user to open it,” explains Microsoft.”An attacker who successfully exploited this vulnerability could bypass the SmartScreen user experience,” continued Microsoft.

CVE-2024-21412, a vulnerability in Internet Shortcut File. According to Microsoft, “an unauthenticated attacker could send the targeted user a specially crafted file that is designed to bypass displayed security checks,”

In addition to the zero-day fix, Microsoft is also fixing 74 vulnerabilities. Here is a breakdown of each vulnerability category:

  • 30 Remote Code Execution Vulnerabilities
  • 16 Elevation of Privilege Vulnerability
  • 10 Spoofing Vulnerabilities
  • 9 Denial of Service Vulnerabilities
  • 5 Information Disclosure Vulnerabilities
  • 3 Security Feature Bypass Vulnerabilities

For more information on vulnerabilities and the system that it affects, please refer to the full report from Microsoft linked here.

Related Posts

  • April 19, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team is reviewing latest disclosure of vulnerabilities by WordPress. There were 202 vulnerabilities discovered, including 185 WordPress plugin [...]

  • April 18, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team recommends Google Chrome Browser users to install the new Chrome Version 124 immediately. The new update patches [...]

  • April 10, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Brief, your SensCy team reviewed Adobe latest release of security updates. We recommend installing those updates immediately if you are using [...]