September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect (CVE-2024-43491) that rolled back earlier CVE fixes. The actively exploited flaws Let’s start with the only one that was previously publicly known: CVE-2024-38217, a vulnerability that allows attackers to bypass Mark of the Web (MotW). Elastic Security researcher Joe Desimone … More
The post Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes appeared first on Help Net Security.