Microsoft has released its May 2024 Patch Tuesday security updates to fix 60 vulnerabilities across its products, including two vulnerabilities that were detected being exploited in the wild.

Tracked as CVE-2024-30051, the first exploited vulnerability is in the Windows DWM Core Library and could allow an adversary to gain SYSTEM-level privileges. Additionally, based on the findings of Kaspersky security researcher, multiple threat actors were seen exploiting it in mid-April to deliver Qakbot and other malware.

While the second exploited vulnerability, tracked as CVE-2024-30040, bypasses OLE mitigations in Microsoft 365 and Microsoft Office. This could allow an unauthenticated attacker to gain code execution by convincing a user to open a malicious document, at which point the attacker could execute arbitrary code in the context of the user.

_____________________________

A. List of the Vulnerabilities

Kindly check the link below for the lists of Microsoft CVEs and non-Microsoft CVEs.

• https://msrc.microsoft.com/update-guide/releaseNote/2024-May

_____________________________

B. Actions to be Taken

CERT-PH recommends the following actions be taken:

• Kindly review and apply the necessary updates to mitigate future threats.
• For additional information, kindly refer to the official report.
  • https://msrc.microsoft.com/update-guide/releaseNote/2024-May
  • https://msrc.microsoft.com/update-guide/vulnerability