Microsoft September Patch Tuesday Patched 4 Zero-Day Flaws

The scheduled Patch Tuesday updates for September 2024 have been released for all Microsoft products. The tech giant has addressed some significant security issues with this update, particularly four zero-day vulnerabilities. It is crucial for users to update their devices promptly to protect against potential threats.

Multiple Zero-Day Vulnerabilities Fixed With Latest Updates

The most notable security fixes in September Patch Tuesday addressed five significant vulnerabilities affecting various Microsoft products. Below is a quick list of them:

• CVE-2024-38217 (CVSS 5.4): An important severity vulnerability impacting the Windows Mark of the Web functionality. Although the threat level was reduced due to public disclosure before a fix, users should still be cautious.
• CVE-2024-43491 (CVSS 9.8): This critical severity vulnerability is a remote code execution issue affecting Windows Update. Users are urged to install the necessary updates promptly to address this threat.
• CVE-2024-38226 (CVSS 7.3): A security feature bypass affecting Microsoft Publisher that requires local authenticated access to exploit.
• CVE-2024-38014 (CVSS 7.8): A privilege escalation vulnerability in Windows Installer that could grant SYSTEM privileges to an attacker.
• CVE-2024-43461 (CVSS 8.8): A spoofing vulnerability in the Windows MSHTML platform that has similarities to a previously patched flaw.

Other Important Patch Tuesday September Updates From Microsoft

In addition to the crucial vulnerabilities mentioned above, Microsoft also addressed 74 other vulnerabilities with a total of 79 security fixes. These include critical severity issues affecting various Microsoft products, along with important and moderate severity vulnerabilities.

Feel free to share your thoughts in the comments section.