Microsoft patches critical zero-click TCP/IP RCE flaw CVE-2024-38063, North Korea’s Lazarus Group exploits zero-day flaw, CVE-2024-38193

Microsoft has patched two critical security flaws in Windows, a zero-click TCP/IP RCE flaw (CVE-2024-38063) and a zero-day flaw (CVE-2024-38193) exploited by North Korea’s Lazarus Group. The zero-click flaw could allow unauthenticated remote code execution attacks on Windows systems with IPv6 enabled, while the zero-day flaw was used by the Lazarus Group to gain system privileges.

CVE-2024-38063 zero-click TCP/IP RCE flaw

The flaw, described as a wormable vulnerability, was patched by Microsoft on August 13, 2024, as part of its monthly security update (KB5041160). The flaw affects all Windows systems with IPv6 enabled and could allow attackers to execute arbitrary code on vulnerable systems without any user interaction.

CVE-2024-38193 zero-day flaw

The zero-day flaw, tracked as CVE-2024-38193, was exploited by the Lazarus Group to gain system privileges on Windows systems. The flaw was patched by Microsoft in June 2024, but details of the vulnerability were only recently disclosed. The Lazarus Group is a state-sponsored actor affiliated with North Korea, known for its sophisticated cyberattacks.

Patch Tuesday updates

Microsoft has urged users to apply the patches immediately to protect against potential attacks. The company’s swift action in addressing these critical security flaws underscores its commitment to enhancing security against sophisticated threats.

1. CVE-2024-38063: A zero-click TCP/IP RCE flaw that could allow unauthenticated remote code execution attacks on Windows systems with IPv6 enabled.
2. CVE-2024-38193: A zero-day flaw exploited by North Korea’s Lazarus Group to gain system privileges on Windows systems.
3. Patch: Microsoft has patched both flaws as part of its monthly security updates.
4. Lazarus Group: A state-sponsored actor affiliated with North Korea, known for its sophisticated cyberattacks.

The patching of these critical security flaws highlights the ongoing battle between tech giants like Microsoft and state-sponsored actors. It underscores the importance of continuous vigilance and swift action in addressing security vulnerabilities to protect users and maintain the integrity of digital systems.

About The Author

Dave W. Shanahan

I’m Dave W. Shanahan, a Microsoft enthusiast with a passion for Windows, Xbox, Microsoft 365 Copilot, Azure, and more. I started MSFTNewsNow.com to keep the world updated on Microsoft news. Based in Massachusetts, you can email me at davewshanahan@gmail.com.

See author's posts