
Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in the wild.
The advisory for this vulnerability was first released on July 9, 2024, and last updated on September 17, 2024. The flaw poses a significant risk due to its potential for information disclosure.
The vulnerability has a CVSS score of 5.9 and stems from a weakness identified as CWE-1037: Processor Optimization Removal or Modification of Security-critical Code, which leads to unauthorized information disclosure.
The attack vector for CVE-2024-37985 is characterized as local, which indicates physical access is required. Also, no privileges or user interaction are necessary for an attack to be successful, which increases the potential risk. This flaw requires advanced technical skills to exploit.
The scope of this vulnerability is marked as “changed,” suggesting that successful exploitation could impact other components beyond the initially targeted system.
The exploit code maturity for CVE-2024-37985 is labeled as “unproven,” meaning that while exploitation has been observed in the wild, no publicly available exploit code has been confirmed.
Microsoft has released an official fix for this vulnerability, and users and organizations are urged to apply updates promptly to mitigate potential risks.

