Microsoft issued security fixes for three flaws impacting Windows platform and were being exploited in the wild.
The three flaws were fixed in addition to a total of seven critical vulnerabilities, which were either remote code execution or elevation of privileges flaws.
Along with the fixes, Microsoft also issued patched for a total 79 vulnerabilities, seven of which were rated critical, and one was rated moderate in severity.
The three actively exploited zero-day vulnerabilities in today’s updates are:
Windows installer elevation of privilege vulnerability which allowed attackers to gain system privileges on Windows systems. Windows mark of the web security feature bypass vulnerability, which allowed attackers to use specially crafted filed with non-standard target paths or internal structures to open while bypassed the Windows mark of the web security feature. The third critical vulnerability was identified as Microsoft publisher security feature bypass, which could be used by attackers to bypass the security protections against malicious threats in downloaded documents.
The fixes were issued as part of Microsoft’s September 2024 update.
Published - September 12, 2024 01:02 pm IST