Microsoft Patch Tuesday April 2024

Microsoft has released a new Patch Tuesday. This month there are a total of 150 vulnerabilities patches, 3 of which were marked critical 2 of those are zero-days.

CVE-2024-26234 (CVSS 3.1,  medium): this vulnerability is a proxy driver spoofing vulnerability, Sophos shared that a malicious driver is being signed with a valid Microsoft Hardware Publisher Certificate. The purpose is to deploy a backdoor disclosed by Stairwell.

CVE-2024-29988 (CVSS 3.1, high): SmartScreen prompt security feature bypass. This was reported by Peter Girnus from Trend Micro and Dmitrij Lenz and Vlad Stolyarov by Google threat analysis group. This vulnerability is related to CVE-2024-21412, this vulnerability was incorrectly patched resulting in not a fully resolved vulnerability, this patch is to address a second part of exploit chain.

The main list of patches are:

• 31 Elevation of Privilege Vulnerabilities
• 29 Security Feature Bypass Vulnerabilities
• 67 Remote Code Execution Vulnerabilities
• 13 Information Disclosure Vulnerabilities
• 7 Denial of Service Vulnerabilities
• 3 Spoofing Vulnerabilities

More information can be found here.