Skip to main content

Security Alert: Urgent Microsoft Windows Patches

Date:
2024-05-15 14:26:00
Status:
Closed
Brief Description:
Zero-day vulnerabilities in the Microsoft Windows operating system may allow privilege escalation and code execution and are being exploited in known ransomware attacks. Patch now.
Current Status:
Updates have been pushed.
Services Affected:
Certified Desktop
Full Description:
Microsoft’s May 2024 updates, released on May 14, fix three zero-day vulnerabilities in Microsoft Windows desktop and server operating systems. One zero-day vulnerability in the Desktop Window Manager component of Microsoft may allow privilege escalation with low effort and is confirmed by multiple sources as being exploited in known ransomware attacks by multiple threat actors. Patch now.
 
Certified Desktop customers:
Updates will be made available today with an installation deadline of 4:00 pm on Wednesday, May 22.

Users who do not have a managed computer should apply Windows updates as soon as possible. See “Microsoft – Update Windows” in the references below.

References:
Dark Reading: https://www.darkreading.com/vulnerabilities-threats/microsoft-windows-dwm-zero-day-mass-exploit  
Enter a full description of the incident. This will appear in the "see all information" view of this alert.
CIT TDX ID: