Vulnerability Alerts in Microsoft Products: NCSC Recommendations

The National Cyber Security Center (NCSC) of Vietnam, as part of AIS, periodically evaluates and warns about vulnerabilities in Microsoft products. This follows Microsoft’s release of information regarding new patch versions and vulnerabilities.

On October 8, Microsoft published a report detailing 121 new vulnerabilities, which includes 117 in its own software and four in third-party products that could potentially impact Microsoft users.

After reviewing the vulnerabilities listed by Microsoft, NCSC has urged Vietnamese agencies, organizations, and businesses to concentrate on nine vulnerabilities that pose significant threats.

Among these nine, seven are capable of Remote Code Execution (RCE) attacks. Notably, CVE-2024-43468 affects ‘Microsoft Configuration Manager,’ CVE-2024-43582 is linked to ‘Remote Desktop Protocol Server,’ CVE-2024-43572 involves ‘Microsoft Management Console,’ and CVE-2024-43504 affects ‘Microsoft Excel.’ Additional vulnerabilities in ‘Microsoft Office’ (CVE-2024-43576, CVE-2024-43616) and CVE-2024-43505 in ‘Microsoft Office Visio’ are also included.

Additionally, CVE-2024-43583 related to ‘Microsoft Winlogon’ could allow privilege escalation, while CVE-2024-43573, associated with ‘Windows MSHTML Platform,’ enables phishing attacks.

Out of these nine vulnerabilities, experts noted that CVE-2024-43583 is publicly disclosed, while CVE-2024-43572 and CVE-2024-43573 are actively being exploited.

These vulnerabilities pose serious risks as they could be exploited by attackers, leading to information security breaches that impact the systems of various organizations and businesses.

Consequently, AIS recommends that agencies and companies in Vietnam review their Windows operating systems to check for potential vulnerabilities.

If vulnerabilities are identified, the recommended course of action is to update to the latest patches as advised by Microsoft.

AIS has also urged organizations in Vietnam to enhance their monitoring and prepare to respond to potential exploitation or attacks. Keeping abreast of reports from government bodies and major institutions regarding cybersecurity is crucial for identifying risks.

In September 2024, NCSC’s remote monitoring and scanning tools detected 1,600 vulnerabilities across 5,000 publicly accessible systems on the internet.

That same month, NCSC identified 12 newly reported vulnerabilities with high-risk levels that could be leveraged against domestic bodies and organizations, affecting widely used software across various entities.