Microsoft releases 61 Patch Tuesday updates, warns of zero-day bugs

Cyber Daily May 15, 2024, 06:00 AM UTC

Summary: Microsoft warns of an actively exploited vulnerability among 60+ patches released on Patch Tuesday. Three zero-day vulnerabilities include CVE-2024-30051, granting SYSTEM privileges, CVE-2024-30046 requiring a complex attack, and CVE-2024-30040 actively exploited in Microsoft 365 and Office. Urgent attention is needed for unpatched assets. Adam Barnett from Rapid7 explains the vulnerabilities' details. CVE-2024-30040 requires convincing users to open a malicious file for code execution.

Full article

Article metrics
Significance5.5
Scale8.0
Magnitude7.0
Novelty6.0
Actionability9.0
Immediacy9.0
Positivity3.0
Probability0.0
Credibility7.5

Timeline:

  1. [3.6]
    Microsoft patches zero-day bug used for QakBot malware distribution (TechRadar)
    14d
    Source