CVE-2024-38080 and CVE-2024-38112 are two of 10 information security vulnerabilities that exist in Microsoft products and are being exploited by hackers.
Specifically, CVE-2024-38080 exists in Windows Hyper-V and allows attackers to escalate privileges; CVE-2024-38112, in the Windows MSHTML Platform, allows attackers to perform spoofing attacks.
The Department of Information Security has sent a warning about this incident to specialized IT and information security units of ministries, branches and localities; state-owned corporations and groups; joint stock commercial banks and financial institutions.
According to the warning, of the 139 information security vulnerabilities in Microsoft products that the company has just patched, experts from the Department of Information Security recommend that agencies, organizations and businesses nationwide pay special attention to 10 vulnerabilities with high and serious impacts.
In addition to the two vulnerabilities mentioned above, there are eight more vulnerabilities that allow attackers to execute code remotely: three vulnerabilities, CVE-2024-38074, CVE-2024-38076 and CVE-2024-38077, in Windows Remote Desktop Licensing Service; CVE-2024-38060 in Windows Imaging Component; three vulnerabilities, CVE-2024-38023, CVE-2024-38024 and CVE-2024-38094, in Microsoft SharePoint Server; and CVE-2024-38021 in Microsoft Office.
To ensure the security of their own information systems and contribute to the security of Vietnam's cyberspace, the Department of Information Security recommends that agencies, organizations and enterprises nationwide inspect and review their systems and identify computers running the Windows operating system that are likely to be affected by the above-mentioned high-level and serious information security vulnerabilities.
Units that are affected need to apply the patches urgently to avoid the risk of cyber attacks that exploit these information security vulnerabilities.
“The best solution is to update the patch for the above information security vulnerabilities according to the manufacturer's instructions,” the expert from the Department of Information Security emphasized.
In addition, agencies, organizations and businesses are required to strengthen monitoring and prepare response plans for when signs of exploitation and cyber attacks are detected; at the same time, they should regularly monitor the warning channels of authorities and large information security organizations to promptly detect risks of cyber attacks.
Units that need support can contact the Information Security Department's focal point, the National Cyber Security Monitoring Center (NCSC), by phone: 02432091616 and email '[email protected]'.
Source: https://kinhtedothi.vn/san-pham-microsoft-dang-bi-hacker-tan-cong.html