Patch Tuesday Alert: Microsoft Security Flaws and Windows 10 Vulnerabilities

As we dive into yet another installment of Patch Tuesday, the air is thick with a mix of urgency and trepidation. Microsoft has revealed a significant snag in its security updates—one that has broken aspects of Windows 10 patching. This misstep is alarming, especially when it’s compounded by the revelation that several vulnerabilities are already being actively exploited. Buckle up, Windows users; the latest round of updates is not just routine maintenance but an urgent call to safeguard your systems. Microsoft's Recent Patch Overview On September 10, Microsoft unleashed fixes for over 70 vulnerabilities that span across its extensive range of products, including Windows, Office, Azure, Dynamics Business Central, SQL Server, and many others. Among these, three vulnerabilities have been marked as critical and are currently under active exploitation. Here's a peek at the hotly debated issues:

1. CVE-2024-38014 – A privilege escalation flaw in Windows Installer rated 7.8, which can grant an attacker SYSTEM privileges, discovered by SEC Consult Vulnerability Lab.
2. CVE-2024-38226 – A security bypass in Publisher 2016 and Office versions 2019 and 2021, allowing attackers to bypass essential macro protections, rated at 7.4.
3. CVE-2024-38217 – Allowing a bypass of Microsoft's Mark of the Web identification engine, a showpiece security system that helps protect users by marking untrusted downloads. Loading these updates not only involves running the gauntlet of common patch woes but adds to the anxiety of whether they will inadvertently degrade system functionality. Discovering the Faulty Patching Process Among the most pressing concerns, however, is CVE-2024-43491, affecting Windows 10 version 1507—an iteration so ancient it already fell out of mainstream support back in 2017. Yet curiously, some systems still cling to life on this version, particularly those running Windows 10 Enterprise 2015 LTSB and IoT models. This vulnerability stands at a staggering 9.8 on the CVSS scale, indicating its severity. It essentially allows installed updates to roll back, secretly uninstalling past security patches, thereby exposing systems to further attacks. Why Did This Happen? Microsoft's revelation points to a programming blunder in the servicing stack of Windows 10 version 1507. If any security updates released between March and August 2024 were installed, the system mistakenly characterized previously patched components as "not applicable," reverting them to their original—vulnerable—state. The issue is a cautionary tale in the fast-paced world of software updates, emphasizing how an ostensibly minor coding error can cascade into a calamitous security scenario. This particular oversight underscores the inherent risk in complacency surrounding software maintenance. The rollback affects various components, including .NET Framework, Internet Explorer, and Remote Desktop services, which are integral to the functionality of many business operations. Restoration Steps and Future Precautions To rectify the detours caused by this blunder, Microsoft advises affected users to install the September 2024 Servicing Stack Update (KB5043936) and the related Security Update (KB5043083) without delay. For those automatically applying updates, this may have already happened, but it’s prudent for all users to confirm. A word of caution: reports indicate that applying these updates may disrupt dual-boot systems running Windows and Linux. As always, careful review of the update impacts is essential before proceeding, especially for critical systems in production environments. The Broader Security Landscape Beyond Microsoft, other major players like Adobe, Intel, and SAP have also announced various critical vulnerabilities and patches this month, contributing to this overwhelming security landscape dominated by the dual threat of outdated systems and new exploitation vectors.
   • Adobe reported fixing 19 critical and numerous important issues across its suite, yet downplayed the risk, classifying all as Priority 3—suggesting no active exploits were targeting them.
   • Intel, on the other hand, released patches for several vulnerabilities concerning UEFI firmware (including one critical denial of service vulnerability), urging users to act on systems affected by significantly outdated firmware.
   • SAP issued its own security notes detailing critical vulnerabilities that need addressing, particularly for its Business Intelligence Platform. CISA (Cybersecurity and Infrastructure Security Agency) continues to raise alarms about vulnerabilities within Ivanti's software, warning administrators to swiftly apply necessary updates as many of these pitfalls remain unaddressed in enterprise settings. What This Means for Windows Users For the everyday user, the chaos swirling around this month’s Patch Tuesday serves as a stark reminder of the importance of robust patch management and cybersecurity hygiene. It’s a call to arms to regularly update systems, assess the impact of updates, and remain vigilant against the ever-changing landscape of cyber threats. The bigger picture hints at a troubling trend: as more vulnerabilities come to light and active exploits rise, the potential for serious breaches increases. Vigilance and timely application of security updates will never be more critical than in these perilous times. Recap and Key Takeaways
4. Increased Vulnerabilities: Microsoft patched over 70 flaws, with critical vulnerabilities being exploited in the wild.
5. Severe Bugs: Key bug CVE-2024-43491 affects a legacy version of Windows, silently rolling back security updates—essentially allowing attackers to breach defenses.
6. Proactive Measures: Users are advised to install the September updates and monitor dual-boot systems carefully.
7. Wider Threats: Security alerts are echoing through Adobe, Intel, and other major players signaling that vigilance is necessary across all platforms. Patch Tuesday no longer feels like an uneventful routine; it’s a security battleground. For Windows users, it’s time to turn the page and ensure systems are fortified against potential cyber incursions. Stay tuned, stay secured, and remember: every update is a lifeline. Source: The Register Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack