Skip to content

On February 2024, Microsoft’s Patch Tuesday saw the release of updates addressing 73 vulnerabilities, including two critical zero-day flaws that were actively exploited. Among these vulnerabilities, five were rated as critical, 66 as important, and two as moderate, spanning a wide range of Microsoft products from Windows and Azure to Microsoft Office and Exchange Server.

The critical issues included a notable elevation of privilege vulnerability in Microsoft Exchange Server and remote code execution vulnerabilities in various components. Two zero-day vulnerabilities, CVE-2024-21351 and CVE-2024-21412, were particularly concerning due to their active exploitation, involving a security feature bypass in Windows SmartScreen and Internet Shortcut Files, respectively.

These updates underscore the importance of timely patch management as a cornerstone of cyber security hygiene to mitigate potential attacks and safeguard systems against exploitation.

For more detailed insights and technical analysis, you can read more at the following sites: The Hacker News, BleepingComputer, and Tenable’s blog.