VERT Threat Alert: April 2024 Patch Tuesday Analysis

Tripwire VERT

Today’s VERT Alert addresses Microsoft’s April 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1101 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-26234 This CVE describes a Proxy Driver Spoofing Vulnerability that, thanks to Microsoft’s new CWE listings , we know is tied to Improper Access Control. From a published Sophos write-up , we know that this is tied to a threat actor that has been working with a valid Microsoft Windows hardware Compatibility Program (WHCP) Certificate that has now been revoked…

The post “VERT Threat Alert: April 2024 Patch Tuesday Analysis” appeared first on TripWire

Source:TripWire – Tyler Reguly