JPCERT-AT-2024-0008 JPCERT/CC 2024-04-10 <<< JPCERT/CC Alert 2024-04-10 >>> Microsoft Releases April 2024 Security Updates https://www.jpcert.or.jp/english/at/2024/at230007.html I. Overview Microsoft has released April 2024 Security Updates to address the vulnerabilities in their products. Remote attackers leveraging these vulnerabilities may be able to execute arbitrary code. It is recommended to check the information provided by Microsoft and apply the updates. Microsoft Corporation April 2024 Security Updates https://msrc.microsoft.com/update-guide/en-us/releaseNote/2024-Apr Microsoft Corporation Microsoft Security Updates for April 2024 (Monthly) (Japanese) https://msrc.microsoft.com/blog/2024/04/202404-security-update/ According to Microsoft, among the vulnerabilities, the following vulnerability has been confirmed to be exploited in the wild. Please consider applying the security update programs by referring to the information provided by Microsoft. Also, Sophos published a blog detailing how they had reported the issue to Microsoft. CVE-2024-26234 Proxy Driver Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26234 Sophos Smoke and (screen) mirrors: A strange signed backdoor https://news.sophos.com/en-us/2024/04/09/smoke-and-screen-mirrors-a-strange-signed-backdoor/ II. Solution Please apply the security update programs through Microsoft Update, Windows Update, etc. as soon as possible. Microsoft Update Catalog https://www.catalog.update.microsoft.com/ Windows Update: FAQ https://support.microsoft.com/en-us/help/12373/windows-update-faq III. References Microsoft Corporation Release Notes https://msrc.microsoft.com/update-guide/ If you have any information regarding this alert, please contact JPCERT/CC. ====================================================================== JPCERT Coordination Center (Early Warning Group) MAIL: ew-info@jpcert.or.jp https://www.jpcert.or.jp/english/