On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked as exploited, but Peter Girnus, senior threat researcher with Trend Micro’s Zero Day Initiative (ZDI), has found being leveraged by attackers in the wild. “Threat actors are sending exploits in a zipped file to evade EDR/NDR detection and then using this bug (and others) to bypass MotW,” notes Dustin Childs, head of threat … More
The post Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234) appeared first on Help Net Security.
This article has been indexed from Help Net Security