About the Vulnerability
Introduction
The Scripting Engine is the script parsing and execution component that Microsoft ships with its web browsers; it is responsible for running the scripts embedded in web pages.
Summary
On August 14, 2024, Sangfor FarSight Labs received notification that the Scripting Engine contains a memory corruption vulnerability (CVE-2024-38178), rated High in threat level.
To exploit it, an attacker must lure the victim into opening a malicious link in the Edge browser in Internet Explorer mode (IE mode). A crafted page then triggers the memory corruption to achieve remote code execution without authorization, ultimately running commands on the victim's system.
Affected Versions
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Solutions
Remediation Solutions
Check the System Version
Press Win+R, type "winver" in the Run dialog, and click "OK".
Official Solution
Affected users are strongly advised to install the update that fixes the vulnerability.
Download link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178
To install the update:
Open "Settings" - "Windows Update" and click "Check for updates".
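The two steps above (check the system version, then confirm the update is installed) can be done from an elevated PowerShell prompt instead of the GUI. The script below is an added example written for this page, not code from the original advisory or from Microsoft. It assumes that the August 2024 security update for your Windows SKU was installed on or after Patch Tuesday (August 13, 2024); the exact KB number must be taken from the MSRC page for CVE-2024-38178 for your edition and passed in -KnownKb, since this example deliberately does not hard-code one.

```powershell
# Added example, not part of the original advisory.
# Assumptions: run elevated on the host being checked; PowerShell 5.1 or later;
# -KnownKb receives the KB number(s) listed on the MSRC page for CVE-2024-38178
# for this SKU (none are hard-coded here).
param(
    [string[]]$KnownKb = @()
)

# Step 1: equivalent of "winver" - edition, build and update build revision (UBR).
$os  = Get-CimInstance -ClassName Win32_OperatingSystem
$cv  = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
# DisplayVersion (e.g. 22H2) exists on newer builds; older builds only have ReleaseId.
$ver = if ($cv.DisplayVersion) { $cv.DisplayVersion } else { $cv.ReleaseId }
"{0} version {1} (OS build {2}.{3})" -f $os.Caption, $ver, $os.BuildNumber, $cv.UBR

# Step 2: list updates installed since the August 2024 Patch Tuesday.
$patchTuesday = [datetime]'2024-08-13'
$recent = Get-HotFix |
    Where-Object { $_.InstalledOn -and $_.InstalledOn -ge $patchTuesday } |
    Sort-Object InstalledOn -Descending

if ($recent) {
    $recent | Format-Table HotFixID, Description, InstalledOn -AutoSize
} else {
    Write-Warning "No updates installed since $($patchTuesday.ToShortDateString()); run Windows Update."
}

# Step 3: explicit check for the KB(s) the operator supplied from the MSRC page.
foreach ($kb in $KnownKb) {
    if (Get-HotFix -Id $kb -ErrorAction SilentlyContinue) {
        "$kb is installed"
    } else {
        Write-Warning "$kb is NOT installed - this host is still exposed to CVE-2024-38178"
    }
}
```

Run it as `.\Check-CVE-2024-38178.ps1 -KnownKb KB<number>` with the KB taken from the MSRC entry. Get-HotFix reads the same data as "Installed updates" in Settings, so a KB that shows there will show here; cumulative updates supersede earlier ones, which is why the date filter alone is not proof of patching and the explicit KB check is included.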
Temporary Solution
This temporary mitigation carries its own risks (sites that depend on IE mode will stop rendering correctly); evaluate it against the needs of your business systems before applying it:
Enter "edge://settings/defaultbrowser" in the address bar of the Edge browser.
Under "Internet Explorer compatibility", set "Allow sites to be reloaded in Internet Explorer mode (IE mode)" to "Don't allow" and restart the browser.
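The setting above can be changed back by any user from edge://settings. For managed fleets the same mitigation is better enforced through Edge policy, which greys out the setting in the UI. The script below is an added example for this page, not code from the advisory or from Microsoft. It assumes the standard machine-wide Edge policy location HKLM\SOFTWARE\Policies\Microsoft\Edge and the documented Edge policies InternetExplorerIntegrationLevel (0 = "None", IE mode disabled) and InternetExplorerIntegrationReloadInIEModeAllowed (0 = users cannot reload a page in IE mode); confirm both names at edge://policy on your Edge build before deploying.

```powershell
# Added example, not part of the original advisory.
# Assumptions: run elevated; Edge reads machine policy from the key below;
# policy names as documented for Microsoft Edge (verify at edge://policy).
$EdgePolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'

function Disable-EdgeIEMode {
    # Create the policy key if Edge has never been managed on this host.
    if (-not (Test-Path $EdgePolicyKey)) {
        New-Item -Path $EdgePolicyKey -Force | Out-Null
    }
    # 0 = None: IE mode is fully disabled, the equivalent of "Don't allow" in the UI.
    New-ItemProperty -Path $EdgePolicyKey -Name 'InternetExplorerIntegrationLevel' `
        -PropertyType DWord -Value 0 -Force | Out-Null
    # Also block the per-page "Reload in Internet Explorer mode" menu entry.
    New-ItemProperty -Path $EdgePolicyKey -Name 'InternetExplorerIntegrationReloadInIEModeAllowed' `
        -PropertyType DWord -Value 0 -Force | Out-Null
}

function Get-EdgeIEModeStatus {
    # Returns an object describing whether the mitigation is in force.
    $props = Get-ItemProperty -Path $EdgePolicyKey -ErrorAction SilentlyContinue
    [pscustomobject]@{
        IntegrationLevel = $props.InternetExplorerIntegrationLevel
        ReloadAllowed    = $props.InternetExplorerIntegrationReloadInIEModeAllowed
        Mitigated        = ($props.InternetExplorerIntegrationLevel -eq 0)
    }
}

function Enable-EdgeIEMode {
    # Roll back once the Windows update is installed and IE mode is needed again.
    foreach ($name in 'InternetExplorerIntegrationLevel', 'InternetExplorerIntegrationReloadInIEModeAllowed') {
        Remove-ItemProperty -Path $EdgePolicyKey -Name $name -ErrorAction SilentlyContinue
    }
}

Disable-EdgeIEMode
$status = Get-EdgeIEModeStatus
if ($status.Mitigated) {
    'IE mode disabled by policy; restart Edge and confirm at edge://policy'
} else {
    Write-Warning "Policy not applied: IntegrationLevel = $($status.IntegrationLevel)"
}
```

Edge picks up the registry policy on its next start (or after edge://policy "Reload policies"). In a domain, set the same two values through the Edge ADMX templates instead of writing the registry directly, and remove them with Enable-EdgeIEMode only after the patch from the Official Solution is confirmed installed.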
Timeline
On August 14, 2024, Sangfor FarSight Labs received notification that Microsoft had officially released the security patch.
On August 14, 2024, Sangfor FarSight Labs released a vulnerability alert.
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178