Governance & Risk Management , Incident & Breach Response , Patch Management

Breach Roundup: Microsoft's August Patch Contains 90 Fixes

Also: Azure Health Bot Vulnerabilities Expose Risks in Cloud-Based Chatbots
Breach Roundup: Microsoft's August Patch Contains 90 Fixes
Image: Shutterstock

Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week, Microsoft released its August patch of 90 fixes, flaws were discovered in Azure Health Bot, Orion lost $60 million in a BEC scam, Schlatter Industries was hit by malware, Microsoft said it will discontinue Paint 3D in November and Russia restricted access to Signal.

See Also: Cyber Insurance Assessment Readiness Checklist

Microsoft Fixes 90 Security Flaws in August Patch

Microsoft released updates to fix 90 security vulnerabilities across Windows and related software, including six zero-day flaws currently being exploited.

Three zero-day vulnerabilities - CVE-2024-38106, CVE-2024-38107 and CVE-2024-38193 - allow attackers to gain system-level privileges, though their exploitation complexity varies. Another zero-day, CVE-2024-38178, is a remote code execution flaw in Edge's Internet Explorer Mode.

CVE-2024-38213 is a zero-day that allows malware to bypass the "mark of the web" security feature. The final zero-day, CVE-2024-38189, affects Microsoft Project and exploits VBA Macros, but only if users disable security warnings.

Flaws in Azure Health Bot Expose Cloud-Based Chatbot Risks

Multiple privilege escalation vulnerabilities in Microsoft Azure's Health Bot service exposed the platform to potential server-side request forgery and cross-tenant resource access attacks. The computing giant patched the flaw, tracked as CVE-2024-38109, in the August patch dump.

The Azure AI Health Bot Service, used by healthcare organizations to create virtual health assistants, integrates internal processes and sensitive health information. Tenable researchers found that if exploited, the vulnerabilities could grant unauthorized access to manage resources across different Azure tenants. This would allow attackers to access internal metadata services and gain tokens for managing resources belonging to other Azure customers.

Tenable researchers found vulnerabilities in the Data Connections function, which allows integration of external APIs, including those using the Fast Healthcare Interoperability Resources format. Attackers could exploit the issues by configuring a data connection to respond with redirect codes that leaked access tokens from the IMDS.

Orion Loses $60M in BEC Scam

Luxembourg-based chemicals and manufacturing giant Orion SA lost $60 million in a business email compromise scam. The company discovered the theft on Saturday and reported the incident to U.S. regulators. The scam involved a nonexecutive employee who unknowingly transferred funds to accounts controlled by criminals. Orion expects a one-time, pre-tax loss of $60 million if the funds cannot be recovered.

The FBI is investigating, and Orion plans to pursue recovery efforts, potentially involving insurance claims.

BEC schemes typically involve impersonation or email phishing to trick employees with financial access into transferring funds to criminals' accounts. Despite some law enforcement successes, FBI data shows more than $43 billion in losses from BEC and email account compromise scams between 2016 and 2022.

Schlatter Industries Hit by Malware

Swiss engineering firm Schlatter Industries reported a Friday cyberattack on its IT network, characterizing it as a professional attempt to "blackmail Schlatter," reported Reuters. Specific details were not disclosed. Schlatter alerted authorities and is working to restore system functionality while investigating potential data theft.

Microsoft to Discontinue Paint 3D App in November

Microsoft announced that Paint 3D will be discontinued on Nov. 4 and will be removed from the Microsoft Store. Released in 2016 as a modern replacement for Paint, Paint 3D was preinstalled on some Windows 10 devices but not on Windows 11. Microsoft advises switching to Paint, Photos and 3D Viewer for 2D and 3D editing.

Russia Blocks Signal

Russian telecommunications regulator Roskomnadzor restricted access to messaging app Signal, telling Moscow-based Interfax that the end-to-end encrypted app could be used for terrorism and "extremist purposes." The Russian government is in an ongoing crackdown against political dissent that intensified after the launch of its full-scale invasion of Ukraine in February 2022. Nonprofit organization Freedom House rated Russia as "not free."

Signal acknowledged the block and advised users to enable censorship circumvention tools. Android users in Russia that don't already have Signal installed can access the Signal website directly through the Tor Browser to install the app.

Other Coverage From Last Week


About the Author

Anviksha More

Anviksha More

Senior Subeditor, ISMG Global News Desk

More has seven years of experience in journalism, writing and editing. She previously worked with Janes Defense and the Bangalore Mirror.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.