Microsoft Issues Mega-Security Patch

John Lister's picture

Microsoft has released one of the biggest Patch Tuesday updates ever. It includes 149 security fixes, including two "zero day bugs".

Some reports suggest this is the most fixes in any monthly Microsoft update, while others suggest it is "merely" the biggest in the past seven years. Either way, anyone who chooses to install Windows security fixes manually should not hang about this month.

Three of the fixes are for bugs Microsoft classes as "critical", meaning attackers could exploit them without requiring any action by the user. Almost all the rest are "important," meaning the attacker would need to trick the user into an action such as opening a file or clicking a link. (Source: thehackernews.com)

Hackers' Head Start

Security updates will often tip would-be attackers off about potential targets, kicking off a race to get computers patched before the attackers are able to create and deploy a way to exploit the vulnerability.

With a "zero day" bug, the attackers already know about the vulnerability and are exploiting it before the fix is released. That's the case with at least two vulnerabilities this time. One, tracked as CVE-2024-26234, is described as a "proxy driver spoofing vulnerability." In simpler language, attackers managed to hide spy software inside a legitimate application to take advantage of it being certified by Microsoft. The spy software can then monitor network traffic on the computer, among other things.

The other, tracked as CVE-2024-29988, is a bug that could let attackers bypass SmartScreen, the Windows pop-up message that warns users when they are about to run an unknown file. SmartScreen is a significant defense against malware distribution. (Source: helpnetsecurity.com)

Security Tools Compromised

The update also includes 26 fixes for flaws related to Secure Boot, which aims to stop attackers from running malware on a computer before Windows has even started up. It's notable that many of the vulnerabilities discovered and fixed in this update involve Microsoft's own security measures rather than general applications.

The good news is that for anyone on default settings, Windows should install the fixes and update security automatically. However, it may be worth manually restarting to complete the update right away rather than waiting until the end of the working day.

What's Your Opinion?

Are you surprised to see so many fixes in one month? Does it make you concerned that Microsoft software is too buggy? Or is it simply a sign of a better job spotting problems?


Comments

dbrumley3077's picture

Which Windows version(s) are covered by this patch?

Dennis Faas's picture

If you look up CVE-2024-26234, it says Windows 10, 11, and Server 2008+. In general it's best to install the updates as they become available. As always, make a disk image backup prior to installing updates in case something goes wrong and you want to revert the changes.