Microsoft Releases Patch Tuesday Update with 73 Vulnerabilities
In the latest Patch Tuesday update from Microsoft, released in February 2024, a total of 73 vulnerabilities were addressed in the company’s software. This includes two Zero-day vulnerabilities actively being exploited by attackers, as well as an ancient vulnerability that has been present in Windows for 24 years.
Out of the vulnerabilities that were fixed, five were classified as “critical,” 65 were categorized as “important,” and three were labeled as “moderate.” Microsoft also addressed 24 vulnerabilities in its Chromium-based browser, Edge.
Two vulnerabilities in particular have garnered significant attention:
- CVE-2024-21351 (CVSS 7.6 rating), which relates to Windows Smartscreen protection bypassing.
- CVE-2024-21412 (CVSS 8.1 rating), which allows for bypassing of protection in Internet shortcut files.
Microsoft has emphasized the severity of CVE-2024-21351, stating that it could allow an attacker to introduce malicious code and potentially lead to data leakage or system malfunctions. CVE-2024-21412, on the other hand, enables unverified attackers to evade defense