A critical zero-day security vulnerability, CVE-2024-49138, has been confirmed by Microsoft and is currently under active exploitation. The US Cybersecurity and Infrastructure Security Agency (CISA) has added it to the Known Exploited Vulnerability Catalog, warning that it poses significant risks to Windows users.
The vulnerability, a heap-based buffer overflow in the Microsoft Windows Common Log File System (CLFS) driver, affects all Windows editions from Windows Server 2008 onward. It is rated “Critical” by Microsoft, with a CVSSv3.1 score of 7.8.
Security experts warn that this vulnerability could be exploited by ransomware authors, who will likely take advantage of it to launch fresh attacks. CISA strongly urges organizations to prioritize timely remediation and update their systems now.
By comparison, the only other critical vulnerability in this release rated above 9.0 is CVE-2024-49112, which affects the Lightweight Directory Access Protocol (LDAP) and carries an extremely high CVSS score of 9.8.
Microsoft has provided mitigations, but experts emphasize that users must update their systems now to avoid exploitation. All Windows users are advised to prioritize their security by updating immediately rather than being misled by misinformation about the risk.
Source: https://www.forbes.com/sites/daveywinder/2024/12/12/new-windows-0day-attack-confirmed-homeland-security-says-update-now