Zero Day Initiative | Blog
Follow
The August 2024 Security Update Review
Adobe Security Updates for August 2024- Adobe released patches for 11 security bulletins, addressing 71 CVEs in various software, including Acrobat, Photoshop, and Illustrator.
- The update for Adobe Commerce includes several fixes for critical code execution bugs.
- None of the vulnerabilities are known to be actively exploited or publicly known.Microsoft Security Updates for August 2024- Microsoft released 90 new CVEs in various products, with four reported through the ZDI program.
- Of the 102 total CVEs, seven are rated critical, 79 are important, and one is moderate in severity.
- Four of the vulnerabilities, including CVE-2024-38178, are under active exploit and have public proof-of-concepts available.
- The patch for Windows 11 v24H2 also includes a fix for the exploited vulnerability CVE-2024-38178.
- CVE-2024-38189 marks a rare code execution vulnerability in Microsoft Project, which is actively exploited and requires macros to be enabled.Additional Notes- Microsoft also released patches for third-party vulnerabilities in Redhat's grub2 and Shim.
- Adobe categorizes these updates as a deployment priority rating of 3.