Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024 | Computer Weekly
Briefly

from ComputerWeekly.com2 months ago
Microsoft has issued fixes addressing a total of 89 new Common Vulnerabilities and Exposures (CVEs), including four critical issues and one classified as a full zero-day.
ComputerWeekly.comhttps://www.computerweekly.com/news/366615675/Microsoft-fixes-89-CVEs-on-penultimate-Patch-Tuesday-of-2024
CVE-2024-43451 is a spoofing vulnerability in NTLM Hash that could lead to 'total loss of confidentiality,' as user authentication hashes are exposed to attackers.
ComputerWeekly.comhttps://www.computerweekly.com/news/366615675/Microsoft-fixes-89-CVEs-on-penultimate-Patch-Tuesday-of-2024
NTLM is an outdated security protocol that still presents significant risks, with its improper handling of file interactions being exploited without full file execution.
ComputerWeekly.comhttps://www.computerweekly.com/news/366615675/Microsoft-fixes-89-CVEs-on-penultimate-Patch-Tuesday-of-2024
The vulnerability's severity might seem low, yet its potential impact is significant, as it may allow attackers to authenticate as users with minimal interaction.
ComputerWeekly.comhttps://www.computerweekly.com/news/366615675/Microsoft-fixes-89-CVEs-on-penultimate-Patch-Tuesday-of-2024
Read at ComputerWeekly.com
#microsoft #cybersecurity #vulnerability-assessment #patch-tuesday #ntlm
[
|
]