Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 12/03/2024 Updated: 11/04/2024

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

This vulnerability allows local malicious users to escalate privileges on affected installations of Microsoft Office. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Office Performance Monitor executable. By creating a symbolic link, an attacker can abuse the process to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs

BleepingComputer • Lawrence Abrams • 12 Mar 2024

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs By Lawrence Abrams March 12, 2024 01:52 PM 1 .crit { font-weight:bold; color:red; } .article_section td { font-size: 14px!important; } Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution and denial of service flaws. The number of bugs in ea...

CVE-2024-26199

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect