CVE-2024-38202

Summary

CVE-2024-38202: Microsoft has addressed an elevation of privilege vulnerability in Windows Update. This issue allows an attacker with basic user privileges to potentially reintroduce previously mitigated vulnerabilities or bypass Virtualization Based Security (VBS) features. For exploitation, the attacker needs a privileged user to perform a system restore, which inadvertently triggers the vulnerability. Microsoft released a security update on October 8, 2024, and customers can download it from the CVE's security updates table. Additional steps may be necessary to protect Windows Recovery Environment (WinRE) for certain Windows versions. Customers unable to apply the update right away can find guidance in the Recommended Actions section to minimize risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.