CVE-2024-38014 - Microsoft Windows Installer Improper Privilege Management Vulnerability

项目:Microsoft

产品:Windows

添加日期:2024-09-10到期日:2024-10-01最后更新:June 21, 2025

漏洞名称

Microsoft Windows Installer Improper Privilege Management Vulnerability

描述

Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.

已知用于勒索软件活动吗?

Unknown

采集行动

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

其他说明

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014

https://nvd.nist.gov/vuln/detail/CVE-2024-38014

相关新闻文章

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows FlawsSeptember 11, 2024

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixesSeptember 10, 2024

Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flawsSeptember 10, 2024

相关 CWE