Patch Tuesday Clear your Microsoft system administrator's diary: The batch of fixes in Redmond's July Patch Tuesday is a dud, with at least two bugs under active exploitation.
Microsoft Hyper V Role on Windows Server 2019 | Install Virtual Machine [HYPER V TUTORIAL 01]
Tuesday's software updates address more than 130 Microsoft CVEs.
The first of two vulnerabilities with security under active exploitation — CVE-2024-38080 — is a Windows Hyper-V elevation of privilege vulnerability with a 7.8-out-of-10 CVSS rating, which Microsoft deemed "important."
We don't know how widespread exploitation of this is, although Microsoft notes that "an attacker who successfully exploited this vulnerability could gain system privileges." Plus, as Zero Day Initiative's Dustin Childs pointed out, this exploit would prove quite useful for ransomware. If you are running Hyper-V, test and deploy this update.
