Microsoft has recently issued security updates aimed at tackling 61 high-risk vulnerabilities, two of which are deemed critical. The release comes amidst growing concerns about potential cyber threats targeting vulnerable systems.
Of particular concern is the possibility for cyber threat actors to exploit these vulnerabilities to gain control over affected systems. The UAE Cyber Security Council has advised the implementation of these updates to safeguard against potential breaches or leaks of personal information and data.
A joint report by the UAE Cyber Security Council and CPX Holding reveals a troubling reality: the UAE currently harbors 155,000 cyber assets vulnerable to exploitation, with 40 percent of them aged over five years. This underscores the critical need for robust cybersecurity measures, especially in the face of escalating cyber threats such as ransomware attacks.
Key vulnerabilities addressed in the Microsoft update include:
CVE-2024-21334: A remote code execution vulnerability impacting Open Management Infrastructure (OMI).
CVE-2024-21400: A privilege escalation vulnerability affecting Microsoft Azure Kubernetes Service Confidential Container.
CVE-2024-21407: A remote code execution vulnerability targeting Windows Hyper-V.
CVE-2024-21426: A remote code execution vulnerability affecting Microsoft SharePoint.
Individuals and organizations affected by these vulnerabilities are strongly advised to review Microsoft’s March 2024 Security Update Summary and apply the necessary updates promptly.