Microsoft Tackles Zero-Day Vulnerabilities in October Security Update

Wednesday, 9 October 2024, 09:54
Zero-day vulnerabilities have been a significant focus in Microsoft's October security update. This month's update addresses two actively exploited vulnerabilities, highlighting ongoing risks for Windows security users and organizations.
Csoonline
Microsoft Tackles Zero-Day Vulnerabilities in October Security Update

Zero-Day Vulnerabilities in Focus

In the October update, Microsoft patches two prominent zero-day vulnerabilities after they were found to be actively exploited.

Details of the Vulnerabilities

  • CVE-2024-43573: A spoofing flaw affecting MSHTML, posing risks despite its moderate CVSS rating of 6.5.
  • CVE-2024-43572: A more severe remote code execution (RCE) vulnerability in Microsoft Management Console (MMC), rated important with a CVSS score of 7.8.

With Microsoft emphasizing the need for users to avoid opening untrusted files, the update aims to bolster Windows security amidst these continuing threats.

This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.

Related posts

Newsletter

Get the most reliable and up-to-date financial news with our curated selections. Subscribe to our newsletter for convenient access and enhance your analytical work effortlessly.

Subscribe