overview

Microsoft has issued patches for over 60 vulnerabilities across its Windows ecosystem. Of particular concern are two critical HyperV vulnerabilities in Microsoft’s hypervisor, CVE-2024-21407 (CVSS 8.1) and CVE-2024-21408 (CVSS 5.5), which expose systems to remote code execution (RCE) and denial-of-service (DoS) attacks. 

CVE-2024-21407 is an RCE vulnerability that allows an authenticated attacker on a guest VM to execute specially crafted file operations, potentially leading to remote code execution on the host server.  

Meanwhile, CVE-2024-21408 is HyperV vulnerability that allows for DoS attacks. In this scenario, user interaction is not necessary, and only minimal privileges are required for the attacker to disrupt the system, potentially leading to a system crash. 

Also, Microsoft Exchange Server faces code execution issues with the vulnerability CVE-2024-26198 (CVSS 8.8). To exploit this vulnerability, the attacker must place a malicious file either in an online directory or on the local network, then persuade a user to open the file, initiating the exploit. 

While there's no evidence of active exploits, it's important for organizations to prioritize updating. Stay vigilant and apply patches as soon as possible.  

 

 

avertium's recommendationS


 

 

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with the above vulnerabilities. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.   

 

 

How Avertium is Protecting Our CUSTOMERS

  • Fusion MXDR is the first MDR offering that fuse together all aspects of security operations into a living, breathing, threat-resistant XDR solution. By fusing insights from threat intelligence, security assessments, and vulnerability management into our MDR approach, Fusion MXDR offers a more informed, robust, and cost-effective approach to cybersecurity – one that is greater than the sum of its parts. 
  • We highly value your feedback. Kindly spare a moment to complete our feedback form, allowing us to enhance our services for our valued customers. 




 

SUPPORTING DOCUMENTATION

CVE-2024-21407 - Security Update Guide - Microsoft - Windows Hyper-V Remote Code Execution Vulnerability 

March Patch Tuesday fixes critical Hyper-V vulnerabilities | TechTarget 

CVE-2024-26198 - Security Update Guide - Microsoft - Microsoft Exchange Server Remote Code Execution Vulnerability 

CVE-2024-21408 - Security Update Guide - Microsoft - Windows Hyper-V Denial of Service Vulnerability 

Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server  - SecurityWeek 

 

Chat With One of Our Experts




windows vulnerability microsoft Flash Notice Microsoft Exchange Server Microsoft Vulnerability High-Severity Vulnerability Blog