Tracked as CVE-2024-30080, the flaw in MSMQ allows remote code execution with elevated privileges by sending a crafted packet. Microsoft highlights exploitation risks and advises disabling the service.
The severity of CVE-2024-30080 is evident as it received a CVSS score of 9.8, indicating high risk. Over a million hosts have port 1801 open, making them vulnerable to attack.
CVE-2023-50868, a zero-day vulnerability in DNSSEC by ATHENE group, also drew attention. It showcases diverse risks in third-party software that need prompt attention and response.
Microsoft's acknowledgment of these critical vulnerabilities underscores the urgent need for IT administrators to prioritize patch installations to avoid potential exploitation and breaches.
Collection
[
|
...
]