微软补丁在Patch 星期二更新中积极利用了6个零天弱点。 Microsoft patches six actively exploited zero-day vulnerabilities in Patch Tuesday updates.
微软在周二的补丁更新中为六个积极利用零日弱点的漏洞发布了补丁,包括远程代码执行和特权缺陷提升。 Microsoft has released patches for six actively exploited zero-day vulnerabilities in its Patch Tuesday updates, including Remote Code Execution and elevation of privileges flaws. 受影响的系统包括微软边缘、因特网探索器、视窗服务器和微软办公室。 The affected systems include Microsoft Edge, Internet Explorer, Windows Server, and Microsoft Office. 安全专家建议尽快更新受影响系统,以减轻与这些脆弱性有关的风险。 Security experts recommend updating affected systems as soon as possible to mitigate risks associated with these vulnerabilities. 在6个零日脆弱性中,CVE-2024-38106允许攻击者利用种族条件加上不适当的记忆处理,获得系统一级的特权。 Among the six zero-day vulnerabilities, CVE-2024-38106 allows an attacker to gain system-level privileges by exploiting a race condition combined with improper memory handling.