Microsoft Monthly Security Update (February 2024)
[Updated on 2024-02-16]
Exploit in the wild has been detected for CVE-2024-21410, affecting Microsoft Exchange Server. The vulnerability could be exploited by sending a crafted request to steal user’s NTLM hash.
Proof of Concept exploit code is publicly available for CVE-2024-21413, affecting Microsoft Outlook. The vulnerability could be exploited by clicking on a malicious URL and execute arbitrary code.
[Updated on 2024-02-29]
Exploit in the wild has been detected for CVE-2024-21338, affecting Microsoft Windows. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
Microsoft has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes |
| Browser |  Medium Risk | Remote Code Execution | |
| Azure | Medium Risk | Remote Code Execution Elevation of Privilege Spoofing | |
| Developer Tools | Medium Risk | Remote Code Execution Denial of Service | |
| Windows |  High Risk | Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Restriction Bypass Spoofing | CVE-2024-21351 is being exploited in the wild. The vulnerability allows a malicious actor to inject code into SmartScreen and potentially gain code execution, which could potentially lead to some data exposure, lack of system availability, or both.
CVE-2024-21412 is being exploited in the wild. The vulnerability could bypass Mark of the Web (MoTW) warnings in Windows.
[Updated on 2024-02-29] CVE-2024-21338 is being exploited in the wild. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. |
| Extended Security Updates (ESU) | Medium Risk | Denial of Service Information Disclosure Remote Code Execution Elevation of Privilege Spoofing | |
| Microsoft Dynamics | Medium Risk | Spoofing Information Disclosure | |
| Microsoft Office | High Risk | Remote Code Execution Elevation of Privilege Information Disclosure | [Updated on 2024-02-16] CVE-2024-21413 Proof-Of-Concept is available in public. The vulnerability could be exploited by clicking a malicious URL and execute arbitrary code. |
| System Center | Medium Risk | Elevation of Privilege | |
| Exchange Server | High Risk | Elevation of Privilege | [Updated on 2024-02-16] CVE-2024-21410 is being exploited in the wild. The vulnerability could be exploited by sending a crafted request to steal user’s NTLM hash. |
| Mariner |  Low Risk |
Number of ‘Extremely High Risk’ product(s): 0
Number of ‘High Risk’ product(s): 3
Number of ‘Medium Risk’ product(s): 6
Number of ‘Low Risk’ product(s): 1
Evaluation of overall ‘Risk Level’: High Risk
RISK: High Risk
TYPE: Operating Systems – Windows OS
Impact
- Remote Code Execution
- Security Restriction Bypass
- Elevation of Privilege
- Denial of Service
- Information Disclosure
- Spoofing
System / Technologies affected
- Browser
- Azure
- Developer Tools
- Windows
- Extended Security Updates (ESU)
- Microsoft Dynamics
- Microsoft Office
- System Center
- Exchange Server
- Mariner
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor.
Vulnerability Identifier
Source
Related Link
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
