At a glance.
- Patch Tuesday notes.
- DragonRank manipulates SEO to promote scam sites.
- New York City man pleads guilty to payment card theft.
Patch Tuesday notes.
Microsoft yesterday issued patches for 79 vulnerabilities, including four actively exploited zero-days, Dark Reading reports. Two of the zero-days (CVE-2024-38226 and CVE-2024-38217) are security bypass vulnerabilities that can be exploited via social engineering. Dark Reading quotes Satnam Narang, senior staff research engineer at Tenable, as saying, "Exploitation of both CVE-2024-38226 and CVE-2024-38217 can lead to the bypass of important security features that block Microsoft Office macros from running." A third zero-day (CVE-2024-38014) is an elevation of privilege flaw affecting Windows Installer that can allow an attacker to gain SYSTEM privileges. The fourth zero-day is a remote code execution vulnerability in the Servicing Stack that's been assigned a CVSS score of 9.8. This vulnerability can allow an attacker to roll back fixes for previously patched flaws in Windows 10, version 1507.
Ivanti has patched a maximum severity remote code execution vulnerability (CVE-2024-29847) affecting its Endpoint Management software, BleepingComputer reports. The company stated, "Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution."
Adobe has released security patches for multiple products, including Acrobat and Reader, Photoshop, ColdFusion, Illustrator, and After Effects, BeyondMachines reports.
SecurityWeek has a summary of patches issued by ICS vendors, including Siemens, Schneider Electric, and ABB. The US Cybersecurity and Infrastructure Security Agency (CISA) has also issued four ICS advisories.