The two zero-day flaws addressed are CVE-2024-30040 and CVE-2024-30051. CVE-2024-30040 is a security features bypass issue in the Windows MSHTML platform, which could allow an attacker to bypass OLE mitigations in Microsoft 365 and Microsoft Office. This vulnerability has been actively exploited, and Microsoft advises patching it as soon as possible.

CVE-2024-30051 is used as part of post-compromise activity to elevate privileges as a local attacker. Typically, zero-day exploitation of an elevation of privilege flaw is often associated with targeted attack campaigns. However, we know that post-patch, threat actors continue to find success using privilege escalation flaws. For instance, a recent joint cybersecurity advisory about the Black Basta ransomware group from CISA, FBI, HHS and MS-ISAC notes the use of multiple privilege escalation flaws by Black Basta affiliates as part of their ransomware activity.

Additionally, there is a critical vulnerability, CVE-2024-30044, which addresses a remote code execution flaw in Microsoft SharePoint Server. This vulnerability requires a specially crafted file to be uploaded to the targeted SharePoint Server and crafted API requests to trigger deserialization of file parameters. While no attacks have been seen in the wild, Microsoft advises patching this vulnerability to prevent potential exploitation.

Microsoft also released security updates for Visual Studio (CVE-2024-30046 and CVE-2024-30045) and republished eight CVEs for third-party software from GitHub and Google Chrome that affect Microsoft products. These updates are important for IT professionals to prioritize, especially considering the challenges of patching development tools and the potential for patches to break specific functionality.

While the number of vulnerabilities addressed in May's Patch Tuesday is lower than usual, the focus on Windows and browser updates is crucial for maintaining security. IT professionals should prioritize patching the two zero-day flaws and the critical SharePoint vulnerability to ensure the protection of their systems. 

Understanding the most common web application vulnerabilities is the first step in safeguarding your digital assets. By familiarizing yourself with these vulnerabilities and using tools like VScanner, even smaller companies can manage the risks associated with web applications. In the world of cyber threats, knowledge and preparation are your best defense.

Discover & Solve Your Domain Vulnerabilities Now ! #VulnerabilityScanner #VScanner #CyberSecurity