Microsoft Tackles Zero-Day Vulnerabilities in October Security Update
Wednesday, 9 October 2024, 09:54
Zero-Day Vulnerabilities in Focus
In the October update, Microsoft patches two prominent zero-day vulnerabilities after they were found to be actively exploited.
Details of the Vulnerabilities
- CVE-2024-43573: A spoofing flaw affecting MSHTML, posing risks despite its moderate CVSS rating of 6.5.
- CVE-2024-43572: A more severe remote code execution (RCE) vulnerability in Microsoft Management Console (MMC), rated important with a CVSS score of 7.8.
With Microsoft emphasizing the need for users to avoid opening untrusted files, the update aims to bolster Windows security amidst these continuing threats.
This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.