Geek Feed

MHTML Exploited By APT Group Void Banshee

July 17, 2024July 17, 2024 geekfeed0Tagged CVE-2024-38112, exploit, mhtml, microsoft, rce vulnerability, windows

Security experts have uncovered a critical remote code execution (RCE) vulnerability, identified as CVE-2024-38112, within the MHTML protocol handler. This vulnerability, dubbed ZDI-CAN-24433, was reported from CVE-2024-38112 to Microsoft upon discovery (and later patched by the tech giant), with evidence suggesting it was actively exploited by the advanced persistent threat (APT) group Void Banshee. Known […]

2 mins read

Microsoft Fixes Four Zero-Days in July Patch

July 14, 2024July 14, 2024 geekfeed0Tagged CVE-2024-35264, CVE-2024-37985, CVE-2024-38080, CVE-2024-38112, microsoft, patch, windows, zero day

Sysadmins have a busy time ahead this month after Microsoft issued updates for over 140 CVEs, including four zero-day vulnerabilities. The zero-days are as follows: RCE Vulnerabilities Microsoft patched five critical RCE vulnerabilities in this July’s Patch Tuesday. First, a SharePoint vulnerability CVE-2024-38023 has been identified. “[It] could allow an authenticated attacker with site owner […]

2 mins read