Microsoft Releases Security Updates for Multiple Products - 20240214002

LSerki · Feb 14, 2024 · eabe405 · eabe405
1 parent e371263
commit eabe405
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/docs/advisories/20240214002-Microsoft-Releases-Multiple-Updates.md b/docs/advisories/20240214002-Microsoft-Releases-Multiple-Updates.md
@@ -0,0 +1,23 @@
+# Microsoft Releases Security Updates for Multiple Products - 20240214002
+
+## Overview
+
+Microsoft has released security updates to address vulnerabilities in multiple products including **Internet Shortcut Files Security Feature Bypass Vulnerability**. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
+
+## What is vulnerable?
+
+| Product(s) Affected | Summary | Severity     | CVSS |
+| ------------------- | ------- | ------------ | ---- |
+| **Internet Shortcut Files Security Feature Bypass Vulnerability** | CVE-2024-21412 | **High** | 8.1  |
+| [**February 2024 Security Updates**](https://msrc.microsoft.com/update-guide/releaseNote/2024-Feb) |  | |  |
+
+
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer [Patch Management](../guidelines/patch-management.md))
+
+## Additional References
+
+- [CISA - Microsoft Releases Security Updates for Multiple Products](https://www.cisa.gov/news-events/alerts/2024/02/13/microsoft-releases-security-updates-multiple-products)
+- [Internet Shortcut Files Security Feature Bypass Vulnerability](https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21412)