
Digital safety starts here for both commercial and personal use...

Defend Your Business Against the Latest WNY Cyber Threats. We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deal daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS' DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do charge or collect any fees.

Microsoft Fixes Six Actively Exploited Bugs

Summary:
On August 14, 2024, Microsoft issued patches for six actively exploited vulnerabilities as part of its regular Patch Tuesday updates. These flaws affect Microsoft Project, various Windows products, and the Windows Scripting Engine. Notably, one high-severity vulnerability in Microsoft Project (CVE-2024-38189) could allow remote code execution if a victim opens a malicious file. Other significant flaws include memory corruption in the Scripting Engine (CVE-2024-38178) and elevation-of-privilege bugs in the Windows Ancillary Function Driver and Power Dependency Coordinator (CVE-2024-38193, CVE-2024-38107).

Security Officer Comments:
Additionally, Microsoft addressed a flaw in Windows Kernel (CVE-2024-38106) and a moderate-severity issue in Windows Mark of the Web (CVE-2024-38213). The updates also included fixes for other serious vulnerabilities, such as a remote code execution flaw in Windows TCP/IP (CVE-2024-38063). The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to apply these patches within three weeks.

Suggested Corrections:
To effectively manage vulnerabilities, organizations should establish a patch management policy that includes a regular update schedule and assigns responsibilities. Maintain an inventory of assets and prioritize patches based on severity. Test patches in a staging environment to ensure compatibility before deployment. Use automated tools for systematic patch application and monitor progress to address any issues. Communicate with stakeholders about updates and provide training on best practices. After deployment, verify installations and conduct audits to ensure effectiveness. Continuously review and improve the policy to adapt to new threats and technological changes.

Link(s):
https://duo.com/decipher/microsoft-fixes-six-actively-exploited-bugs