Security
Headlines
HeadlinesLatestCVEs

Headline

What is known about the Spoofing – Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday?

What is known about the Spoofing – Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday? In fact, just that it is being exploited in the wild. There are no write-ups or public exploits yet. The Acknowledgements section in the Microsoft bulletin is empty. It is not clear who reported it and from […]

Alexander V. Leonov
#vulnerability#windows#microsoft#blog

What is known about the Spoofing – Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday****? In fact, just that it is being exploited in the wild. There are no write-ups or public exploits yet. The Acknowledgements section in the Microsoft bulletin is empty. It is not clear who reported it and from whom we can expect details.

ZDI suggested that this could be an additional fix for a similar July vulnerability Spoofing – Windows MSHTML Platform (CVE-2024-38112). The vulnerability type and component are the same. The July vulnerability was about “.url” file handling and was exploited by the APT group Void Banshee to install the Atlantida Stealer malware. Attackers may have bypassed the initial fix, prompting Microsoft to release a new patch. So far, this is only an assumption. But the vulnerability shouldn’t be ignored despite its low CVSS Base score (6.5).

На русском

Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.

А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.

Related news

New episode “In The Trend of VM” (#9): 4 trending vulnerabilities of October, scandal at The Linux Foundation, social “attack on the complainer”, “Ford’s method” for motivating IT specialists to fix vulnerabilities

New episode “In The Trend of VM” (#9): 4 trending vulnerabilities of October, scandal at The Linux Foundation, social “attack on the complainer”, “Ford’s method” for motivating IT specialists to fix vulnerabilities. The competition for the best question on the topic of VM continues. 😉🎁 📹 Video on YouTube, LinkedIn🗞 Post on Habr (rus)🗒 Digest […]

What NIST’s latest password standards mean, and why the old ones weren’t working

Rather than setting a regular cadence for changing passwords, users only need to change their passwords if there is evidence of a breach.

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-based

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-based

Patch Tuesday, October 2024 Edition

Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new macOS 15 "Sequoia" update that broke many cybersecurity tools.

5 Zero-Days in Microsoft's October Update to Patch Immediately

Threat actors are actively exploiting two of the vulnerabilities, while three others are publicly known and ripe for attack.

5 Zero-Days in Microsoft's October Update to Patch Immediately

Threat actors are actively exploiting two of the vulnerabilities, while three others are publicly known and ripe for attack.

Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities

The two vulnerabilities that Microsoft reports have been actively exploited in the wild and are publicly known are both rated as only being of “moderate” severity.

'Void Banshee' Exploits Second Microsoft Zero-Day

Attackers have been using the Windows MSHTML Platform spoofing vulnerability in conjunction with another zero-day flaw.

Microsoft Discloses 4 Zero-Days in September Update

This month's Patch Tuesday contains a total of 79 vulnerabilities — the fourth largest of the year.

Microsoft's Internet Explorer Gets Revived to Lure in Windows Victims

Though IE was officially retired in June 2022, the vulnerability ramped up in January 2023 and has been going strong since.

It's best to just assume you’ve been involved in a data breach somehow

Telecommunications provider AT&T disclosed earlier this month that adversaries stole a cache of data that contained the phone numbers and call records of “nearly all” of its customers.

Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer

An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zero-day to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in mid-May 2024, the vulnerability – tracked as CVE-2024-38112 – was used as part of a multi-stage attack

Microsoft Patch Tuesday, July 2024 Edition

Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.

Alexander V. Leonov: Latest News

December Microsoft Patch Tuesday