Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988)

On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked as exploited, but Peter Girnus, senior threat researcher with Trend Micro’s Zero Day Initiative (ZDI), has found being leveraged by attackers in the wild. “Threat actors are sending exploits in a zipped file to evade EDR/NDR detection and then using this bug (and others) to bypass MotW,” notes Dustin Childs, head of threat … More →

The post …

actively exploited april attackers bypass bypass vulnerability cisa cve cve-2024 don't miss exploited exploits feature found hot stuff initiative micro microsoft patch patches patch tuesday peter record researcher security security feature bypass security update sonicwall tenable threat threat actors trend trend micro tuesday vulnerabilities vulnerability vulnerability management zdi zero day initiative