CVE-2024-38014 - Microsoft Windows Installer Improper Privilege Management Vulnerability

Vulnerability Name

Microsoft Windows Installer Improper Privilege Management Vulnerability

Description

Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014

https://nvd.nist.gov/vuln/detail/CVE-2024-38014

Related News Articles

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows FlawsSeptember 11, 2024

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixesSeptember 11, 2024

Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flawsSeptember 11, 2024