CVE-2024-26234

Microsoft fixes two Windows zero-days exploited in malware attacks By Sergiu Gatlan April 9, 2024 06:06 PM 0 Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. The first, tracked as CVE-2024-26234 and described as a proxy driver spoofing vulnerability, was issued to track a malicious driver signed using a valid Microsoft Hardware Publisher Certificate that was found by Sophos X-O...

Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs By Lawrence Abrams April 9, 2024 01:34 PM 0 .crit { font-weight:bold; color:red; } .article_section td { font-size: 14px!important; } Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for 150 flaws and sixty-seven remote code execution bugs. Only three critical vulnerabilities were fixed as part of today's Patch Tuesday, but there are over sixty-seven remote code execution bugs. More than half of th...

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Plus: Adobe, SAP, Fortinet, VMware, Cisco issue pressing updates

Patch Tuesday Microsoft fixed 149 security flaws in its own products this week, and while Redmond acknowledged one of those vulnerabilities is being actively exploited, we've been told another hole is under attack, too. The bug the IT giant said was being abused in the wild is CVE-2024-26234, described as a proxy driver spoofing vulnerability in Windows. This was reported to Redmond by Christopher Budd of Sophos and is rated 6.7 out of 10 on the CVSS severity scale. Microsoft initially listed it...