Service Notices

All Notices > Security Notices > Microsoft Releases February 2024 Security Updates

Microsoft Releases February 2024 Security Updates

Feb 19, 2024 GMT+08:00

I. Overview

Microsoft has released its February 2024 Security Updates. A total of 73 security vulnerabilities have been disclosed, among which 5 are marked as important vulnerabilities. Attackers can exploit this vulnerability to remotely execute code, obtain sensitive information, and bypass security functions. Affected applications include Microsoft Windows, Microsoft Office, Microsoft Dynamics, and Azure.

For details, visit the Microsoft official website:

https://msrc.microsoft.com/update-guide/releaseNote/2024-Feb

The following vulnerabilities have been exploited by attackers:

Internet shortcut file security feature bypass vulnerability (CVE-2024-21412): 0-day vulnerability. To trigger the vulnerability, an unauthenticated remote attacker could send a specially crafted malicious file to the targeted user and induce the user to open the file. Successful exploitation of the vulnerability can bypass security checks. This vulnerability has been exploited in the wild, and the risk is high.

Microsoft exchange server elevation of privilege vulnerability (CVE-2024-21410): 0-day vulnerability. An attacker who successfully exploited this vulnerability could relay a user's leaked Net-NTLMv2 hash against a vulnerable Exchange Server and authenticate as the user. This vulnerability has been exploited in the wild, and the risk is high.

Windows SmartScreen security feature bypass vulnerability (CVE-2024-21351): 0-day vulnerability. To trigger the vulnerability, an attacker could send a specially crafted malicious file to a targeted user and induce the user to open the file. Successful exploitation of this vulnerability can bypass the SmartScreen security features. This vulnerability has been exploited in the wild, and the risk is high.

7 vulnerabilities (such as CVE-2024-21345, CVE-2024-21357, and CVE-2024-21378) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Products such as Microsoft Windows, Microsoft Office, Microsoft Dynamics and Azure.

IV. Vulnerability Details

CVE No.

Vulnerability

Severity

Description

CVE-2024-21357

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Important

Attackers can exploit this vulnerability by sending specially crafted malicious requests to the target server. Successful exploitation of this vulnerability can cause remote code execution on the target system.

CVE-2024-21413

Microsoft Outlook Remote Code Execution Vulnerability

Important

Attackers can exploit this vulnerability by making malicious links that bypass the Office Protected View and inducing users to click them. Successful exploitation of the vulnerability can lead to local NTLM credential leakage and remote code execution.

CVE-2024-21380

Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability

Important

An authenticated remote attacker could induce a target user to click a specially crafted URL to trigger the vulnerability. Successful exploitation of the vulnerability can obtain high privileges, including read, write, and delete functionality.

CVE-2024-21410

Microsoft Exchange Server Elevation of Privilege Vulnerability

Important

An attacker who successfully exploited this vulnerability could relay a user's leaked Net-NTLMv2 hash against a vulnerable Exchange Server and authenticate as the user.

CVE-2024-20684

Windows Hyper-V Denial of Service Vulnerability

Important

Successful exploitation of this vulnerability will allow attackers to perform denial of service (DoS) attacks on Hyper-V hosts.

(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)

V. Security Recommendations

1. Use Windows Update or download patches from the following address to fix the vulnerabilities:

https://msrc.microsoft.com/update-guide

2. Back up data remotely to protect your data.

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.