CVE-2024-43491: Servicing Stack Vulnerability in Windows 10 Version 1507 Affecting Optional Components

Microsoft has identified a critical vulnerability (CVE-2024-43491) in the Servicing Stack for Windows 10, version 1507, which affects the Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions. This vulnerability allows attackers to exploit certain issues that were previously fixed in Optional Components for Windows 10, version 1507. The problem persists in systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or any other subsequent updates until August 2024.

The vulnerability has been addressed in the September 2024 Servicing stack update (SSU KB5043936) and the September 2024 Windows security update (KB5043083). To resolve this issue, install both updates in the aforementioned order.

Exploit Details

An attacker who successfully exploits this vulnerability could roll back the fixes for some of the vulnerabilities affecting Optional Components on Windows 10, version 1507 systems. This would essentially render the previous updates useless, allowing the attacker to exploit the system.

The following PowerShell command could be used to check whether a system is vulnerable

Get-Hotfix -id KB5035858, KB5043936, KB5043083

If the command returns that KB5035858 (OS Build 10240.20526) is installed but KB5043936 and KB5043083 are not, then the system is vulnerable, and you need to install the September 2024 Servicing stack update (SSU KB5043936) and the September 2024 Windows security update (KB5043083) in that order.

For more information, please refer to the following resources

- Microsoft Security Advisory CVE-2024-43491
- KB5035858 Update Release Notes
- KB5043936 SSU Release Notes
- KB5043083 Windows Security Update Release Notes

Please note that Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017, for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions remain supported. It is strongly recommended to migrate to a newer, supported version of Windows as soon as possible to benefit from the latest security updates and features.

Timeline

Published on: 09/10/2024 17:15:36 UTC
Last modified on: 09/14/2024 02:03:46 UTC