CVE-2024-43461
published 2024-09-10
CVE-2024-43461: Windows MSHTML Platform Spoofing Vulnerability
high 8.8
CISA Known Exploited Vulnerability, due 2024-10-07
Exploited in the wild
Affected
33 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20766 | 10.0.10240.20766 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.7336 | 10.0.14393.7336 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.6293 | 10.0.17763.6293 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.4894 | 10.0.19044.4894 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.4894 | 10.0.19045.4894 |
| microsoft | windows_11_version_21h2 | >= 10.0.0 < 10.0.22000.3197 | 10.0.22000.3197 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.4169 | 10.0.22621.4169 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.4169 | 10.0.22631.4169 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.4169 | 10.0.22631.4169 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.1742 | 10.0.26100.1742 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27320 | 6.1.7601.27320 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.22870 | 6.0.6003.22870 |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25073 | 6.2.9200.25073 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22175 | 6.3.9600.22175 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.7336 | 10.0.14393.7336 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.6293 | 10.0.17763.6293 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.2700 | 10.0.20348.2700 |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_21h2 | — | — |
| msrc | windows_10_version_22h2 | — | — |
| msrc | windows_11_version_21h2 | — | — |
| msrc | windows_11_version_22h2 | — | — |
| msrc | windows_11_version_23h2 | — | — |
CVSS provenance
cvelistv5: 8.8 HIGH
vulncheck: 7.5 HIGH
cisa: 7.5 HIGH
CVEList
Windows MSHTML Platform Spoofing Vulnerability
cvelistv5·2024-09-10·CVSS 8.8
CVE-2024-43461 [HIGH] CWE-451 Windows MSHTML Platform Spoofing Vulnerability
VulnCheck
Microsoft Windows MSHTML Platform Spoofing Vulnerability
vulncheck·2024·CVSS 7.5
CVE-2024-43461 [HIGH] CWE-451 Microsoft Windows MSHTML Platform Spoofing Vulnerability
Microsoft Windows MSHTML Platform contains a user interface (UI) misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerability was exploited in conjunction with CVE-2024-38112.
Affected: Microsoft Windows
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Exploitation References: https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2024-Sep; https://www.zerodayinitiative.com/blog/2024/9/10/the-september-2024-security-update-review; https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43461; https://www.bleepingcomputer.com/news/security/windows-vulnerability-abused-braille-spaces-in-zero-day-atta
CISA
Microsoft Windows MSHTML Platform Spoofing Vulnerability
cisa·2024-09-16·CVSS 7.5
CVE-2024-43461 [HIGH] CWE-451 Microsoft Windows MSHTML Platform Spoofing Vulnerability
Vulnerability: Microsoft Windows MSHTML Platform Spoofing Vulnerability
Affected: Microsoft Windows
Microsoft Windows MSHTML Platform contains a user interface (UI) misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerability was exploited in conjunction with CVE-2024-38112.
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43461 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43461
Remediation Due Date: 2024-10-07
Microsoft
Windows MSHTML Platform Spoofing Vulnerability
vendor_msrc·2024-09-10·CVSS 8.8
CVE-2024-43461 [HIGH] CWE-451 Windows MSHTML Platform Spoofing Vulnerability
FAQ: The Security Updates table indicates that this vulnerability affects all supported versions of Microsoft Windows. Why are IE Cumulative updates listed for Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2?
While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. The MSHTML platform is used by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control. The EdgeHTML platform is used by WebView and some UWP applications. The scripting platforms are used by MSHTML and EdgeHTML but can
No detection rules found.
No public exploits indexed.
Bleepingcomputer
New Windows zero-day exploited by 11 state hacking groups since 2017
blogs_bleepingcomputer·2025-03-18
## Sergiu Gatlan
A Microsoft spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.
While Microsoft has yet to assign a CVE-ID to this vulnerability, Trend Micro is tracking it internally as ZDI-CAN-25373 and said it enables attackers to execute arbitrary code on affected Windows systems.
As the researchers found while investigating in-the-wild ZDI-CAN-25373 exploitation, the security flaw has been exploited in widespread attacks by many state-sponsored threat groups and cybercrime gangs, including Evil Corp, APT43 (Kimsuky), Bitter, APT37, Mustang Panda, SideWinder, RedHotel, Konni, and others.
Although the campaigns have targeted victims worldwide, they've been
Tenable
Microsoft Patch Tuesday 2024 Year in Review
blogs_tenable·2024-12-10
Tenable
Microsoft’s October 2024 Patch Tuesday Addresses 117 CVEs (CVE-2024-43572, CVE-2024-43573)
blogs_tenable·2024-10-08·CVSS 7.8
[HIGH] Microsoft’s October 2024 Patch Tuesday Addresses 117 CVEs (CVE-2024-43572, CVE-2024-43573)
Bleepingcomputer
CISA warns of Windows flaw used in infostealer malware attacks
blogs_bleepingcomputer·2024-09-16·CVSS 7.5
CVE-2024-38112 [HIGH] CISA warns of Windows flaw used in infostealer malware attacks
## Sergiu Gatlan
"We released a fix for CVE-2024-38112 in our July 2024 security updates which broke this attack chain," it said. "Customers should both the July 2024 and September 2024 security update to fully protect themselves."
Peter Girnus, the Trend Micro Zero Day Initiative (ZDI) threat researcher who reported the security flaw, told BleepingComputer that Void Banshee hackers exploited it in zero-day attacks to install information-stealing malware.
The vulnerability enables remote attackers to execute arbitrary code on unpatched Windows systems by tricking the targets into visiting a maliciously crafted webpage or opening a malicious file.
"The specific flaw exists within the way Internet Explorer prompts the use
Bleepingcomputer
Windows vulnerability abused braille “spaces” in zero-day attacks
blogs_bleepingcomputer·2024-09-15·CVSS 7.5
CVE-2024-43461 [HIGH] Windows vulnerability abused braille “spaces” in zero-day attacks
## Lawrence Abrams
Void Banshee is an APT hacking group first tracked by Trend Micro that targets organizations in North America, Europe, and Southeast Asia to steal data and for financial gain.
## The CVE-2024-43461 zero-day
In July, Check Point Research and Trend Micro both reported on the same attacks that exploited Windows zero-days to infect devices with the Atlantida info-stealer, used to steal passwords, authentication cookies, and cryptocurrency wallets from infected devices.
The attacks utilized zero-days tracked as CVE-2024-38112 (fixed in July) and CVE-2024-43461 (fixed this month) as part of the attack chain.
The discovery of the CVE-2024-38112 zero-day was attributed to Check Point researcher Haifei Li
Bleepingcomputer
Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws
blogs_bleepingcomputer·2024-09-10·CVSS 7.8
[HIGH] Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws
## Lawrence Abrams
30 Elevation of Privilege Vulnerabilities
4 Security Feature Bypass Vulnerabilities
23 Remote Code Execution Vulnerabilities
11 Information Disclosure Vulnerabilities
8 Denial of Service Vulnerabilities
3 Spoofing Vulnerabilities
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5043076 cumulative update and Windows 10 KB5043064 update.
## Four zero-days disclosed
This month's Patch Tuesday fixes three actively exploited zero-days, one of which was publicly disclosed, and another that reintroduces old CVEs and so is marked as exploited.
Microsoft classifies a zero-day flaw as one that is publicly disclosed or actively exploited whil
Trendmicro
The September 2024 Security Update Review
blogs_trendmicro·2024-09-10
Get the September 2023 security update and review.
By: Zero Day Initiative
2024/09/10
We’ve reached September and the pumpkin spice floats in the air. While they aren’t pumpkin-spiced, Microsoft and Adobe have released their latest spicy security patches – including some zesty 0-days. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for September 2024
For September, Adobe released eight bulletins covering 28 CVEs in Adobe Acrobat and Reader, ColdFusion, Photoshop, Media Encoder, Audition, After Effects, Premier Pro, and Illustrator.
Trendmicro
The September 2024 Security Update Review
blogs_trendmicro·2024-09-10·CVSS 7.8
[HIGH] The September 2024 Security Update Review
| CVE | Title | Severity | CVSS | Public | Exploited | XI | Type |
|---|---|---|---|---|---|---|---|
| CVE-2024-38217 | Windows Mark of the Web Security Feature Bypass Vulnerability | Important | 5.4 | Yes | Yes | 0 | SFB |
| CVE-2024-43491 † | Microsoft Windows Update Remote | | | | | | |
2024-09-10: Published
2024-09-16: Added to CISA KEV
Exploited in the wild