Microsoft’s April 2024 Patch Tuesday: Updates for 150 Vulnerabilities and Two Zero-Days

In a significant security update, Microsoft has released its April 2024 Patch Tuesday updates, which address a hefty 150 vulnerabilities across its suite of products. This update is particularly noteworthy not only for the sheer volume of vulnerabilities it covers but also because it includes fixes for two zero-day vulnerabilities that are currently being exploited by cybercriminals. Read on to learn more.  

What are the critical vulnerabilities mentioned in Microsoft’s April 2024 Patch Tuesday?  

Among the vulnerabilities patched, 67 are remote code execution (RCE) bugs, which are particularly concerning as they allow attackers to execute arbitrary code remotely on a victim’s machine. A notable number of these RCE vulnerabilities affect Microsoft SQL drivers due to a common flaw. Additionally, the update includes patches for 26 Secure Boot bypasses, with two originating from Lenovo.

The update also addresses three critical vulnerabilities in Microsoft Defender for IoT, identified as CVE-2024-29053, CVE-2024-21323, and CVE-2024-21322. These vulnerabilities are classified as remote code execution issues and pose a significant risk to IoT environments. 

Tell me more about the zero-days 

The two zero-day vulnerabilities patched in this update are particularly alarming because they have been actively exploited in the wil 

  • CVE-2024-26234: This Proxy Driver Spoofing Vulnerability has been used by attackers to install backdoors on devices, giving them unauthorized access and control. 
  • CVE-2024-29988: The SmartScreen Prompt Security Feature Bypass Vulnerability allows attackers to circumvent Microsoft Defender’s SmartScreen prompts, which are designed to warn users about running untrusted files. This vulnerability has been linked to the Water Hydra threat group, known for spearphishing attacks that deploy the DarkMe Remote Access Trojan.

What is Nuspire doing? 

In response to these updates, Nuspire is taking proactive measures by applying patches as soon as they are released, following vendor recommendations. Additionally, Nuspire is actively threat hunting within client environments to detect any signs of compromise that may be related to these vulnerabilities. 

What should I do? 

Organizations that use Microsoft products must act swiftly to secure their systems against these vulnerabilities. The following steps are crucial: 

  • Review and Apply Patches: It is imperative to prioritize the installation of the April 2024 Patch Tuesday updates. Delaying these updates could leave systems exposed to the risk of exploitation. 
  • Focus on Critical and Actively Exploited Vulnerabilities: Special attention should be given to the three critical vulnerabilities and the two zero-days that are currently being exploited. These vulnerabilities represent the most immediate and severe threats and should be addressed as a priority. 

In light of these Microsoft Patch Tuesday updates, the importance of robust vulnerability management has never been clearer. Don’t let your organization be caught off guard by vulnerabilities and zero-day exploits. With Nuspire’s Vulnerability Management Services, you gain comprehensive protection through proactive vulnerability scanning, prioritized patch management and expert guidance tailored to your unique security needs.  

Have you registered for our next event?