Skip to content
BLOG

Patch Tuesday February 2024

Brock Bingham candid headshot
Brock Bingham|February 13, 2024
PatchTuesday orange
PatchTuesday orange
Sections

We’re a couple of weeks into February, and if you were hoping for a slew of patches as an early Valentine's Day gift, you’re in luck!

While I prefer chocolates, Microsoft shows it cares by showering its users with a plethora of updates. I guess protecting us from cyberthreats that would potentially derail our Valentine's Day plans (which probably involve video games and calorie-rich foods) is a sweet gesture. 

Let’s take a look at some of Patch Tuesday highlights. 

  • Total exploits patched: 77 

  • Critical patches: 5 

  • Already known or exploited: 2 

Some highlights (or lowlights) 

  • CVE-2024-21410: First up for our special Valentine's Day edition of Patch Tuesday is a Microsoft Exchange Server vulnerability that could lead to an elevation of privilege. With a CVSS score of 9.8, a rating of critical, and a network attack vector, this is one that should be patched rather quickly if you don’t already have Extended Protection for Authentication (EPA) enabled. 

  • CVE-2024-21413: Not to be outdone by the previous vulnerability, CVE-2024-21413 is a remote code execution vulnerability that targets Outlook. A successful attack could allow a bad actor to bypass the Office Protected View and open straight into editing mode instead of protected mode. And yes, the preview pane is an attack vector. Luckily, the information for this vulnerability isn’t already publicly known or exploited in the wild. 

  • CVE-2024-21412: Last, and kind of least in this list, is an internet shortcut files security feature bypass vulnerability. With a network attack vector and a low complexity, what really makes this stand out is that it’s already being exploited in the wild. However, user interaction is required, so maybe now is a good time to schedule another security training for your users. 

Wrapping up 

Don’t let patch deployments spoil your special Valentine's Day plans. Discover the power of automated patch management, which is not only possible but super simple to implement with tools like PDQ Connect and PDQ Deploy & Inventory

To help you remember where you can turn for easy patch management, I’ve written this poem for you. 

Roses are red, 

Violets are blue, 

Patch management is easy

With a little help from PDQ.

Loading...

Brock Bingham candid headshot
Brock Bingham

Born in the '80s and raised by his NES, Brock quickly fell in love with everything tech. With over 15 years of IT experience, Brock now enjoys the life of luxury as a renowned tech blogger and receiver of many Dundie Awards. In his free time, Brock enjoys adventuring with his wife, kids, and dogs, while dreaming of retirement.

Related articles

Illustration of computer with shield and lock that represents security

How to read a vulnerability scan report

SECURITY

Security green

What is attack surface management?

SECURITY

Illustration that shows logo of PDQ Connect

PDQ Connect announces custom fields

PRODUCT