Windows 0-Day Exploits CVE-2024-38202 and CVE-2024-21302 Now on GitHub
Ayotunde Tayo-Balogun
Cybersecurity Leader - Engineering, Compliance, and People (FIIM, CISA, CISM, Project+, CC, CIW Security Analyst, Security+)
For more Technical details as disclosed by Alon Leviev click here.
CVE-2024-38202 (CVSS 7.3): A Windows Backup privilege escalation flaw allows attackers with basic user privileges to reverse previously applied security patches or bypass Virtualization Based Security (VBS) features.
CVE-2024-21302 (CVSS 6.7): A Windows Secure Kernel Mode vulnerability that enables attackers with admin privileges to replace system files with outdated, vulnerable versions.
Microsoft confirms there are no known exploits in the wild, but with proof-of-concept code now publicly available, the risk of exploitation is rising. It’s crucial for all users and admins to implement the recommended mitigations in the advisories while awaiting full security updates.
The tool “Windows Downdate” is now open-source on GitHub. While it aims to help security professionals understand and mitigate these vulnerabilities, it also presents a heightened risk as anyone can potentially weaponize it.
Feel free to reach out to TechMonks at [email protected] for tailored cybersecurity solutions to meet your business needs!
#cybersecurity #infosec #windowssecurity #vulnerability #CVE