This month, we’ve got 3 zero-days when it comes to WINDOWS and we even have Mac in the discussion this time.
According to KrebsOnSecurity, there are at least 60 different fixes this time. Two of the vulnerabilities are already being used in attacks, and of course, Chrome is also getting fixed in the web browser space.
One of the CVE’s is an elevation bug in a chore library of Windows. It takes advantage of social engineering whether its email or social media to get a foothold on to your system.
The second is dealing with mshtml, which is deeply tied to the default browser in windows and has a security bypass.
QakBot takes advantage of the second vulnerability, should we be surprised of this? QakBot was first on the scene as a banking trojan all the way back in 2007. Don’t know if I talked about it then, but it is definitely interesting how malware such as this can use things like any CVE out there to leverage its dirty work.
A third CVE is the only one that earned a critical rating by Microsoft. CVE-2024-30044, is a CVE that deals with a flaw in Sharepoint.
For complete details in cluding Adobe and Mac discussion, please read Brian’s article titled Patch Tuesday, May 2024 Edition and make it a great day!
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.