[Solved] CVE-2024-35250 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

In December 2024, the Cybersecurity and Infrastructure Security Agency (CISA) identified active exploitation of the CVE-2024-35250 vulnerability, despite it being initially disclosed in June 2024. This Windows Kernel-Mode Driver vulnerability can allow attackers to gain elevated privileges, posing significant risks to affected systems. This blog will guide you through the necessary steps to ensure that your system is secure by installing the essential security updates released in June.

Understanding CVE-2024-35250

CVE-2024-35250 is a critical vulnerability that affects the Windows Kernel-Mode Driver. Exploiting this vulnerability allows attackers to execute arbitrary code with SYSTEM privileges, potentially leading to system crashes, data breaches, and unauthorized access. Given its severity and the fact that it’s actively being exploited, it’s crucial to take immediate action to secure your systems.

Importance of Timely Updates

Security updates, also known as patches, are essential for maintaining the integrity and security of your system. These updates address known vulnerabilities, including CVE-2024-35250, and provide necessary fixes to protect your system from attacks. Delaying the installation of these updates can leave your system vulnerable and exposed to potential threats.

Steps to Ensure Proper Installation of June Security Updates

To safeguard your system against the CVE-2024-35250 vulnerability, it’s imperative to ensure that the relevant June security updates are installed correctly. Here’s how you can do it:

1. Check for Available Updates
First, you need to check for any available updates on your system. Follow these steps:

Open Settings: Click on the Start menu and select Settings (gear icon).

Go to Update & Security: In the Settings window, click on Update & Security.

Check for Updates: Click the Check for updates button. Windows will scan for available updates and display a list of updates that need to be installed.

2. Install the June Security Updates
Once you’ve checked for updates, make sure to install the specific security updates released in June. The key updates include:

KB5012170: This update specifically addresses the CVE-2024-35250 vulnerability. It is crucial to install this update to mitigate the risk associated with this vulnerability.

Other June Security Updates: Ensure that all other security updates released in June are installed as well, as they may contain additional important fixes.

3. Manual Installation from the Microsoft Update Catalog
In some cases, automatic updates may not be available or fail to install. In such scenarios, you can manually download and install the updates from the Microsoft Update Catalog. Here’s how:

Visit the Microsoft Update Catalog: Go to the Microsoft Update Catalog.

Search for KB5012170: In the search bar, enter “KB5012170” and press Enter. This will display the specific update you need.

Download the Update: Click on the Download button next to the update. Choose the appropriate version for your system (32-bit or 64-bit).

Install the Update: Once the update is downloaded, run the installer and follow the on-screen instructions to complete the installation.

4. Verify Installation
After installing the updates, it’s important to verify that they were installed correctly. Here’s how to do this:

Check Update History: Open the Update & Security settings and click on View update history. This will display a list of installed updates. Ensure that KB5012170 and other June updates are listed as successfully installed.

Restart Your System: A system restart is often required to apply the updates fully. Restart your computer if prompted, and ensure that the updates are applied.

Additional Security Best Practices
In addition to installing the necessary updates, consider implementing the following best practices to enhance your system’s security:

Enable Automatic Updates: Enable automatic updates to ensure that your system receives the latest security patches promptly. This minimizes the risk of missing critical updates.

Use Strong Passwords: Ensure that your accounts are protected with strong, unique passwords. Consider using a password manager to generate and store complex passwords.

Enable Multi-Factor Authentication (MFA): Implement MFA for an added layer of security. This requires additional verification steps, such as a code sent to your mobile device, before accessing your accounts.

Regularly Backup Your Data: Regularly back up your important data to an external storage device or a cloud service. This ensures that you can recover your data in case of a security incident.

Stay Informed: Keep yourself informed about the latest security threats and best practices. Subscribe to security blogs, newsletters, and follow reputable cybersecurity organizations.

Addressing Issues with Updates

Sometimes, updates may not install correctly due to various reasons such as network issues, conflicts with existing software, or corrupted files. If you encounter any issues, follow these steps:

Run Windows Update Troubleshooter: Windows has a built-in troubleshooter that can help identify and fix issues with Windows Update. You can find it in the Update & Security settings under Troubleshoot.

Repair Component Store: Use the DISM tool to repair the component store. Open Command Prompt as Administrator and run:

bash
DISM /Online /Cleanup-Image /RestoreHealth /Source:wim:”D:\sources\install.wim”:4 /LimitAccess
Replace D:\sources\install.wim with the correct path to your Windows installation media.

Run System File Checker (SFC): After running