Microsoft Confirms Active Exploitation of Zero-Day Vulnerability in Windows Management Console

By Admin | 2024-10-11 | Cyber Attack

Microsoft has issued an urgent alert regarding an actively exploited zero-day vulnerability in the Windows Management Console, tracked as CVE-2024-43572. This remote code execution (RCE) flaw is being abused by attackers using malicious Microsoft Saved Console (MSC) files to execute arbitrary code on targeted Windows systems.

The vulnerability, which carries a CVSS severity score of 7.8/10, resides in the widely used Microsoft Management Console (MMC), a key Windows component for system configuration and monitoring. It is one of the headline issues in Microsoft’s latest Patch Tuesday release, which addresses a total of 119 vulnerabilities across the Windows ecosystem.

Despite the active exploitation of this flaw, Microsoft has not provided indicators of compromise (IOCs) or telemetry data to help security teams detect potential infections. This marks the 23rd zero-day Microsoft has responded to this year before a patch became available.

Alongside CVE-2024-43572, Microsoft has also flagged another urgent vulnerability, CVE-2024-43573, in the Windows MSHTML platform. This platform, used by Internet Explorer mode in Microsoft Edge and other applications, has been frequently targeted by ransomware groups and nation-state attackers. CVE-2024-43573 is also under active exploitation.

The October Patch Tuesday release includes critical patches for several remote code execution vulnerabilities in the following products:

* Visual Studio Code extension for Arduino
* Remote Desktop Protocol Server (CVE-2024-43582)
* Microsoft Configuration Manager (CVE-2024-43468)

Other notable fixes address publicly known issues, such as a Winlogon privilege escalation vulnerability (CVE-2024-43583), a Windows Hyper-V security bypass flaw (CVE-2024-20659), and a code execution bug in the Windows cURL implementation.

In parallel, Adobe released critical security updates for multiple products, including a patch for 25 vulnerabilities in Adobe Commerce. Two of these vulnerabilities carry a CVSS score of 9.8/10, posing a serious risk of code execution, privilege escalation, and security bypass attacks on Windows and macOS platforms.

With the ongoing exploitation of these flaws, Microsoft urges Windows users to prioritize patching these vulnerabilities to safeguard their systems from potential attacks.