Böngésszen szolgáltatóknak szóló tartalmaink között.
2024. Szep. 11.
Biztonsági szemle
Microsoft September 2024 Patch Tuesday, (Tue, Sep 10th)
Today, Microsoft released its scheduled September set of patches. This update addresses 79 different vulnerabilities. Seven of these vulnerabilities are rated critical. Four vulnerabilities are already being exploited and have been made public.
NA - CVE-2024-23716 - In DevmemIntPFNotify of devicemem_server.c,...
In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution...
NA - CVE-2024-40650 - In wifi_item_edit_content of styles.xml , there...
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for FRP state. This could lead to local escalation of privilege with no additional execution privileges...
NA - CVE-2024-40652 - In onCreate of SettingsHomepageActivity.java,...
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check. This could lead to local...
NA - CVE-2024-40654 - In multiple locations, there is a possible...
In multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User...
NA - CVE-2024-40655 - In bindAndGetCallIdentification of...
In bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the background due to a permissions bypass. This could lead to...
