Microsoft April 2024 Security Updates: Zero-Day Exploited, Critical Vulnerabilities Addressed

/HIGH
SCW incdisraelvulnerabilityadvisoryalert
Microsoft April 2024 Security Updates: Zero-Day Exploited, Critical Vulnerabilities Addressed

The Israel National Cyber Directorate (INCD) has issued a critical alert regarding Microsoftโ€™s April 2024 security updates. On April 14th, Microsoft released approximately 163 security updates addressing vulnerabilities across its supported software. Additionally, 78 security updates were published for the Chromium-based Edge browser.

Of significant concern, one vulnerability is already being actively exploited in the wild as a zero-day. Details of another vulnerability have been publicly disclosed, increasing its potential for exploitation. The INCD highlights that 8 vulnerabilities are classified as critical, with 7 of these potentially allowing for remote code execution (RCE). Furthermore, 19 vulnerabilities are deemed highly likely to be exploited by attackers, and 20 vulnerabilities specifically enable RCE.

The INCD strongly advises organizations to thoroughly test these updates in a controlled environment before deploying them across their networks. Prompt installation of these patches is crucial to mitigate the risk posed by these actively exploited and critical vulnerabilities.

Attached Files:

What This Means For You

  • Prioritize patching the zero-day vulnerability and the 7 critical RCE vulnerabilities identified by the INCD, as these pose the most immediate and severe threat.

Related ATT&CK Techniques

T1190 Exploit Public-Facing Application Initial Access T1200 Hardware Additions Persistence T1059.001 PowerShell Execution

๐Ÿ›ก๏ธ Detection Rules

7 rules ยท 6 SIEM formats

7 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free โ€” export to any SIEM format via the Intel Bot.

high T1190 Initial Access

Web Application Exploitation Attempt โ€” Microsoft

Sigma YAML โ€” free preview
โœ“ Sigma ยท Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Export via Bot โ†’

Indicators of Compromise

IDTypeIndicator
Microsoft April 2024 Security Updates Remote Code Execution 7 vulnerabilities potentially allowing for remote code execution (RCE)
Microsoft April 2024 Security Updates Remote Code Execution 20 vulnerabilities specifically enable RCE
Microsoft April 2024 Security Updates Vulnerability one vulnerability is already being actively exploited in the wild as a zero-day
Microsoft April 2024 Security Updates Vulnerability Details of another vulnerability have been publicly disclosed
Microsoft April 2024 Security Updates Vulnerability 8 vulnerabilities are classified as critical

By Shimi's Cyber World Editorial

Source & Attribution
Source PlatformINCD
ChannelIsrael National Cyber Directorate
Channel IDincd
Message ID1988
PublishedApril 17, 2026 at 15:00 UTC
Original Linkhttps://www.gov.il/he/pages/alert_1988

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

Believe this infringes your rights? Submit a takedown request.