Microsoft’s Patch Tuesday for April 2024 was a significant one, with the tech giant releasing an update that rectified a record-breaking number of flaws in Windows 11. The patch addressed approximately 150 vulnerabilities, including 67 remote code execution bugs.
The vulnerabilities affected various versions of Windows 11, namely 23H2, 22H2, and 21H2. The patch not only addressed these flaws but also fixed three critical vulnerabilities deemed to pose significant risk to users. These critical flaws affected Microsoft Defender, a security app designed to protect users’ personal data from online threats.
Two of the vulnerabilities under active exploitation were CVE-2024-26234, a Proxy Driver Spoofing Vulnerability, and CVE-2024-29988, a SmartScreen Prompt Security Feature Bypass Vulnerability. The former was first detected by Sophos in December 2023 and involved an executable signed by a valid Microsoft Hardware Publisher Certificate. The latter allowed bypassing Microsoft Defender SmartScreen, a built-in native feature that checks if a website or file is malicious.
Read more at: mashable.com