⚡ Rocket.net – Managed WordPress Hosting

⚡ MiltonMarketing.com  Powered by Rocket.net – Managed WordPress Hosting

Bernard Aybouts - Blog - MiltonMarketing.com

Approx. read time: 1.7 min.

Post: Microsoft and Adobe Roll Out Critical Security Updates to Counter Exploits and Vulnerabilities

Microsoft has officially acknowledged the existence of exploits that circumvent its security measures, spotlighting the urgency during its Patch Tuesday event, which introduced an extensive array of updates aimed at enhancing security. On this occasion, Microsoft brought attention to three specific vulnerabilities that are currently being exploited through malware attacks. The tech giant highlighted a comprehensive list of 72 security flaws within the Windows environment, cautioning users about the potential for remote code execution, bypass of security features, disclosure of sensitive information, and escalation of privileges.

Among the critical vulnerabilities, CVE-2021-43890 was singled out, a bug from 2021, with Microsoft’s security team reporting known attempts to exploit this flaw using malicious packages linked to the Emotet/Trickbot/Bazaloader malware families. Microsoft’s Threat Intelligence has observed a surge in threat actors employing social engineering and phishing to compromise Windows OS users, leading to the deactivation of the ms-appinstaller protocol as a default security measure.

Microsoft also emphasized the significance of two vulnerabilities, CVE-2024-21412 and CVE-2024-21351, which have been exploited in malware campaigns, urging Windows administrators to take these threats seriously. Additionally, an update was released to address a remote code execution vulnerability in Microsoft Office (CVE-2024-21413), which could be exploited through the software’s Preview Pane. This flaw, with a high severity rating of 9.8, could potentially allow attackers to circumvent the Office Protected View and manipulate documents in editing mode instead of the intended protected mode.

In a related development, Adobe issued patches for at least 30 security vulnerabilities across various products, highlighting the risk of unpatched systems to code execution, security feature bypass, and denial-of-service attacks. The updates covered critical issues in Adobe Acrobat and Reader for both Windows and macOS users, with potential consequences including arbitrary code execution, application crashes, and memory leaks. Adobe also drew attention to urgent updates for Adobe Commerce and noted risks associated with Adobe Substance 3D Painter, Adobe FrameMaker Publishing Server, Adobe Audition, and Adobe Substance 3D Designer, although no active exploits have been detected for the vulnerabilities addressed in its February patch collection.

About the Author: Bernard Aybout (Virii8)

Avatar of Bernard Aybout (Virii8)
I am a dedicated technology enthusiast with over 45 years of life experience, passionate about computers, AI, emerging technologies, and their real-world impact. As the founder of my personal blog, MiltonMarketing.com, I explore how AI, health tech, engineering, finance, and other advanced fields leverage innovation—not as a replacement for human expertise, but as a tool to enhance it. My focus is on bridging the gap between cutting-edge technology and practical applications, ensuring ethical, responsible, and transformative use across industries. MiltonMarketing.com is more than just a tech blog—it's a growing platform for expert insights. We welcome qualified writers and industry professionals from IT, AI, healthcare, engineering, HVAC, automotive, finance, and beyond to contribute their knowledge. If you have expertise to share in how AI and technology shape industries while complementing human skills, join us in driving meaningful conversations about the future of innovation. 🚀