內容說明：

CISA於7/8至7/14在Known Exploited Vulnerabilities Catalog(KEV)中發布3個已遭駭客利用之漏洞。

影響平台：

受影響廠商與產品名稱如下：
Rejetto｜HTTP File Server
Microsoft｜Windows Hyper-V
Microsoft｜Windows MSHTML Platform

處置建議：

修補說明請參考以下官方連結：
Rejetto｜HTTP File Server
https://github.com/rejetto/hfs?tab=readme-ov-file#installation
https://www.rejetto.com/hfs/
Microsoft｜Windows Hyper-V
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38080
Microsoft｜Windows MSHTML Platform
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112

CVE編號：

CVE-2024-23692
CVE-2024-38080
CVE-2024-38112

參考資料：

https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://nvd.nist.gov/vuln/detail/CVE-2024-23692
https://nvd.nist.gov/vuln/detail/CVE-2024-38080
https://nvd.nist.gov/vuln/detail/CVE-2024-38112
https://github.com/rejetto/hfs?tab=readme-ov-file#installation
https://www.rejetto.com/hfs/
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38080
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112

新聞來源：https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alerts/1564/
發布日期：26/07/2024