Microsoft has released its February 2024 Patch Tuesday security updates to fix 73 vulnerabilities across its products, including 2 zero-day vulnerabilities (CVE-2024-21351 and CVE-2024-21412) that are being exploited in-the-wild.

Tracked as CVE-2024-21351, the first of the two zero-days could allow a malicious actor to inject code into SmartScreen and potentially gain code execution.

For the second zero-day vulnerability, Trend Micro’s researcher has observed a malicious campaign attributed to an APT Group tracked as ‘Water Hydra,’ which exploits CVE-2024-21412 to target financial market traders.

It can also be highlighted that on Feb 14, 2024, Microsoft updated the status of CVE-2024-21413 to indicate active exploitation, which is a flaw on Microsoft Outlook referred to as the MonikerLink bug by Check Point Research.

A. List of the Vulnerabilities

Kindly check the link below for the lists of Microsoft CVEs and non-Microsoft CVEs.

  • https://msrc.microsoft.com/update-guide/releaseNote/2024-Feb

CERT-PH recommends the following actions be taken:

  • Kindly review and apply the necessary updates to mitigate future threats.
  • For the malicious campaign of ‘Water Hydra’, kindly see the official published report of Trend Micro. Security administrators may check the Indicator of Compromised section for blocking purposes and to identify potentially malicious activity within your networks and systems.
    • Reference: https://www.trendmicro.com/en_us/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-s.html
  • For additional information, kindly refer to the official report.
    • https://msrc.microsoft.com/update-guide/releaseNote/2024-Feb
    • https://msrc.microsoft.com/update-guide/vulnerability
    • https://blog.checkpoint.com/research/check-point-research-unveils-critical-monikerlink-vulnerability-in-microsoft-outlook-with-a-9-8-cvss-severity-score/