Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities
Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities
08 August 2024
Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the Windows files with older versions.
The vulnerabilities are listed below -
CVE-2024-38202 (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-21302 (CVSS