Published on: 08 August 2024
Microsoft has released out-of-band security advisories to address vulnerabilities in Microsoft Windows and Windows Server. An attacker exploiting these vulnerabilities could perform a system restore on a patched Windows system, causing previously fixed vulnerabilities to be reintroduced.
Reports indicated that the technical details of vulnerabilities (CVE-2024-21302 and CVE-2024-38202) in Microsoft Windows and Server were publicly disclosed. Patches are yet to be available but Microsoft has provided workarounds to mitigate the risk. System administrators and users are advised to observe the advisories and immediately apply the recommended workarounds to mitigate the elevated risk of cyber attacks.
Successful exploitation of the vulnerabilities could lead to elevation of privilege, information disclosure or tampering on an affected system.
While patches for affected systems are not yet available, Microsoft has provided temporary measures to mitigate the risk of exploitation. System administrators and end users of affected systems should follow the recommendations listed below and take immediate action to mitigate the risk:
Restrict the access or modification of files related to system backups
Ensure the privileges used to perform backup and restore operations are granted to the system administrators only
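The following PowerShell script is an added audit example, not part of Microsoft's advisory: it exports the local user-rights assignment with secedit and reports every principal holding the backup or restore privilege, so an administrator can verify the second recommendation above. The temporary file path and the choice of built-in Administrators as the only accepted holder are assumptions; the script must be run from an elevated prompt.

```powershell
# Added example (not from the advisory): list holders of SeBackupPrivilege and
# SeRestorePrivilege on this host and flag any principal other than the
# built-in Administrators group for review. Run elevated.

$Inf = Join-Path $env:TEMP 'user_rights_export.inf'   # assumed temp location
& secedit.exe /export /cfg $Inf /areas USER_RIGHTS | Out-Null

# Assumption: only built-in Administrators (S-1-5-32-544) is acceptable here.
# Backup Operators (S-1-5-32-551) is deliberately not whitelisted so it is
# surfaced for review, in line with the advisory's recommendation.
$Allowed = @('S-1-5-32-544')

$Lines = Get-Content -Path $Inf
foreach ($Priv in 'SeBackupPrivilege', 'SeRestorePrivilege') {
    $Line = $Lines | Where-Object { $_ -match "^$Priv\s*=" } | Select-Object -First 1
    if (-not $Line) { Write-Output "$Priv : no holders assigned"; continue }

    # Exported entries look like "*S-1-5-32-544,*S-1-5-32-551"; strip the '*'.
    $Holders = ($Line -split '=', 2)[1].Trim() -split ',' |
        ForEach-Object { $_.Trim().TrimStart('*') }

    foreach ($H in $Holders) {
        $Name = $H
        try {
            $Sid  = New-Object System.Security.Principal.SecurityIdentifier($H)
            $Name = $Sid.Translate([System.Security.Principal.NTAccount]).Value
        } catch { }   # not a SID (or unresolvable): report the raw value
        $Status = if ($Allowed -contains $H) { 'OK' } else { 'REVIEW' }
        Write-Output ('{0,-20} {1,-8} {2}' -f $Priv, $Status, $Name)
    }
}
Remove-Item -Path $Inf -ErrorAction SilentlyContinue
```

Any line marked REVIEW is a principal that can read or write backup data through these privileges and should be removed from the assignment unless the organisation explicitly requires it.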
Details of the workarounds provided by Microsoft can be found at the following URL:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202