In today’s VERT Alert, we focus on Microsoft’s November 2024 Security Updates. VERT is diligently working to enhance its coverage for these vulnerabilities and anticipates releasing ASPL-1132 promptly upon completion.
Active Vulnerabilities and Noteworthy CVEs
CVE-2024-43451: This vulnerability enables unauthorized access to NTLMv2 hashes. Alarmingly, it has been both disclosed publicly and exploited in the wild. The exploit is trivial; significant interaction is not needed, as merely right- or left-clicking a malicious file can trigger the vulnerability. Microsoft has flagged it as Exploitation Detected.
CVE-2024-49039: This vulnerability within Windows Task Scheduler permits low-privilege users to elevate their permissions to a Medium Integrity Level, allowing potential code execution. Microsoft indicates that exploitation is currently detected.
CVE-2024-49040: Found in Microsoft Exchange Server, it permits spoofing of email senders through non-compliant P2 FROM headers. After applying recent updates, users receive guidance for enhanced security against this type of fraud. Microsoft has categorized this issue as Exploitation More Likely.
Moreover, a recently published advisory regarding Microsoft SharePoint Server outlines a defense-in-depth approach to mitigate potential redirection threats.
Vocabulary List:
- Vulnerability /ˌvʌl.nəˈbɪl.ɪ.ti/ (noun): The quality or state of being exposed to the possibility of being harmed.
- Unauthorized /ʌnˈɔː.θə.raɪzd/ (adjective): Not having official permission or approval.
- Exploitation /ˌɛk.splɔɪˈteɪ.ʃən/ (noun): The action of making use of a resource or situation for gain.
- Mitigate /ˈmɪt.ɪ.ɡeɪt/ (verb): To make less severe or serious.
- Spoofing /ˈspuːfɪŋ/ (verb): The act of deceiving or tricking by impersonating someone or something.
- Detection /dɪˈtɛkʃən/ (noun): The action of discovering or identifying the presence of something.