Microsoft Releases August 2024 Security Updates

Summary

Scheduled updates for Microsoft products fix 90 vulnerabilities, including ten zero-day vulnerabilities


Affected platforms

The following platforms are known to be affected:

The following platforms are also known to be affected:

  • .NET and Visual Studio
  • Azure Connected Machine Agent
  • Azure CycleCloud
  • Azure Health Bot
  • Azure IoT SDK
  • Azure Stack
  • Microsoft Dynamics
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office PowerPoint
  • Microsoft Office Project
  • Microsoft Office Visio
  • Microsoft Teams
  • Windows BitLocker
  • Windows Kerberos
  • Windows Secure Boot
  • Windows Security Center
  • Windows SmartScreen
  • Visual Studio

Threat details

Active zero-day exploitation of six vulnerabilities

Microsoft has reported that six vulnerabilities are under active exploitation. These are:

  • CVE-2024-38189 (Microsoft Project Remote Code Execution)
  • CVE-2024-38178 (Scripting Engine Memory Corruption)
  • CVE-2024-38193 (Windows Ancillary Function Driver for WinSock Elevation of Privilege)
  • CVE-2024-38106 (Windows Kernel Elevation of Privilege)
  • CVE-2024-38107 (Windows Power Dependency Coordinator Elevation of Privilege)
  • CVE-2024-38213 (Windows Mark of the Web Security Feature Bypass)

Introduction

Microsoft has released security updates to address 90 vulnerabilities in Microsoft products. The security updates include ten zero-day vulnerabilities, of which six are actively exploited and four are publicly disclosed.


Vulnerability details

  • CVE-2024-38189 - Microsoft Project Remote Code Execution Vulnerability

CVE-2024-38189 is an 'improper input validation' vulnerability in Microsoft Project with a CVSSv3 score of 8.8. Successful exploitation by a remote attacker requires user interaction through opening a malicious Microsoft Office Project file and could lead to arbitrary code execution. This vulnerability is under active exploitation as a zero-day.

  • CVE-2024-38178 - Scripting Engine Memory Corruption Vulnerability

CVE-2024-38178 is a 'type confusion' vulnerability in the Scripting Engine with a CVSSv3 score of 7.5. Successful exploitation by a remote attacker requires user interaction through clicking a malicious link in Microsoft Edge when in 'Internet Explorer' mode. This vulnerability is under active exploitation as a zero-day.

  • CVE-2024-38193 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2024-38193 is a 'use-after-free' vulnerability in the Ancillary Function Driver for WinSock with a CVSSv3 score of 7.8. Successful exploitation by a local attacker could lead to privilege escalation under the context of SYSTEM. This vulnerability is under active exploitation as a zero-day.

  • CVE-2024-38106 - Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38106 is a 'sensitive data storage in improperly locked memory' vulnerability in the Windows Kernel with a CVSSv3 score of 7.0. Successful exploitation by a local attacker requires winning a race condition, and could lead to privilege escalation under the context of SYSTEM. This vulnerability is under active exploitation as a zero-day.

  • CVE-2024-38107 - Windows Power Dependency Coordinator Elevation of Privilege Vulnerability

CVE-2024-38107 is a 'use-after-free' vulnerability in the Windows Power Dependency Coordinator with a CVSSv3 score of 7.8. Successful exploitation by a local attacker could lead to privilege escalation under the context of SYSTEM. This vulnerability is under active exploitation as a zero-day.

  • CVE-2024-38213 - Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-38213 is a 'protection mechanism failure' vulnerability in the Mark of the Web security feature with a CVSSv3 score of 6.5. Successful exploitation by an attacker could allow malicious files to bypass the Windows SmartScreen user experience. This vulnerability is under active exploitation as a zero-day.

  • CVE-2024-38063 - Windows TCP/IP Remote Code Execution Vulnerability

CVE-2024-38063 is an 'integer underflow' vulnerability in Microsoft Windows with a CVSSv3 score of 9.8. Successful exploitation by a remote, unauthenticated attacker requires crafting a malicious IPv6 packet, and could lead to arbitrary code execution.

  • CVE-2024-38200 - Microsoft Office Spoofing Vulnerability

CVE-2024-38200 is an 'exposure of sensitive information to an unauthorised actor' vulnerability in Microsoft Office with a CVSSv3 score of 6.5. Successful exploitation by a remote attacker requires user interaction and could lead to the theft of NT LAN Manager (NTLM) hashes.

  • Multiple Microsoft Office Remote Code Execution Vulnerabilities

Additionally, there are five remote code execution vulnerabilities in Microsoft Office products. Successful exploitation by a remote attacker requires user interaction through opening a malicious file and could lead to arbitrary code execution. These vulnerabilities are:

  • CVE-2024-38170 and CVE-2024-38172 in Microsoft Excel
  • CVE-2024-38169 in Microsoft Office Visio
  • CVE-2024-38173 in Microsoft Outlook. The 'Preview Pane' in Microsoft Outlook is an attack vector for this vulnerability.
  • CVE-2024-38171 in Microsoft PowerPoint. The 'Preview Pane' in Microsoft Outlook is an attack vector for this vulnerability.

Remediation advice

Affected organisations are encouraged to review Microsoft's August 2024 Security Update Summary and apply the relevant updates.



Last edited: 14 August 2024 1:31 pm