- Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, addressing a proxy driver spoofing vulnerability and a SmartScreen prompt security feature bypass vulnerability.
- The first vulnerability, CVE-2024-26234, involved a malicious driver signed with a valid Microsoft Hardware Publisher Certificate, initially identified by Sophos X-Ops and reported to Microsoft for remediation.
- The second zero-day, CVE-2024-29988, allowed attackers to bypass the SmartScreen prompt security feature, enabling malware deployment on Windows systems.
- These vulnerabilities were actively exploited by the Water Hydra hacking group, targeting forex and stock trading forums with the DarkMe remote access trojan.
- Microsoft released security updates for a total of 150 vulnerabilities in April 2024, with 67 classified as remote code execution bugs.
Related Video
Published on: June 1, 2022
Description: Want to become a HACKER? ITProTV has you covered: https://ntck.co/itprotv (30% off FOREVER) *affiliate link In this video ...
let’s play with a ZERO-DAY vulnerability “follina”
Related Wikipedia Articles
Topics: No responseResponse
Response may refer to: Call and response (music), musical structure Reaction (disambiguation) Request–response Output or response, the result of telecommunications input Response (liturgy), a line answering a versicle Response (music) or antiphon, a response to a psalm or other part of a religious service Response, a phase in emergency management...
Read more: Response
