TLDR:
- Microsoft released a Patch Tuesday update with 79 vulnerabilities, 7 of which are critical.
- Three of the vulnerabilities have been exploited in the wild.
Microsoft’s September 2024 Patch Tuesday update included fixes for various vulnerabilities affecting Windows products. Among the 79 vulnerabilities, seven were considered critical by Microsoft, with three already being exploited in the wild. These exploited vulnerabilities include issues with Windows Update and Installer, potentially granting attackers full system access. Admins are advised to install specific updates to address these bugs. Additionally, other vulnerabilities impacting Microsoft Office Publisher and a security feature called “Mark of the Web” were highlighted. The Patch Tuesday update also included new additions to CISA’s Known Exploited Vulnerabilities list, emphasizing the importance of promptly applying these patches for better cybersecurity.