Cyber News 🚨🔥

Yesterday was August 2024's patch Tuesday, Microsoft released fixes to 90 security vulnerabilities including six actively exploited zero-days. This Patch Tuesday features 9 critical vulnerabilities including two vulnerabilities with a CVSS score of 9.8, those vulnerabilities are:

• CVE-2024-38140: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
• CVE-2024-38063: Windows TCP/IP Remote Code Execution Vulnerability

Another vulnerability fixed this month is CVE-2024-38189 Microsoft Project Remote Code Execution Vulnerability with a CVSS of 8.8, Microsoft reported that this vulnerability is being actively exploited.

A zero-day vulnerability was also found in the Microsoft Edge browser (CVE-2024-38178, CVSS: 7.5) when Internet Explorer mode is enabled (which is not on by default) yet Microsoft reported that this vulnerability is being actively exploited.

And we will end this post with an interesting vulnerability: CVE-2024-38213, with a CVSS score of 6.5, allows attackers to bypass the "Mark of the Web" feature, a Windows security feature that marks files downloaded from the internet as untrusted.