Today is Microsoft's December 2024 Patch Tuesday, that includes security updates for 71 defects, consisting of one actively made use of zero-day vulnerability.
This Patch Tuesday repaired sixteen crucial vulnerabilities, all of which are remote code execution defects.
This count does not consist of 2 Edge defects that were formerly repaired on December 5 and 6th.
This month's Patch Tuesday repairs one actively made use of, openly revealed zero-day vulnerability.
Microsoft categorizes a zero-day defect as one that is openly revealed or actively made use of while no main repair is readily available.
CVE-2024-49138 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft has actually repaired an actively made use of zero-day that permits opponents to acquire SYSTEM advantages on Windows gadgets.
No info has actually been launched regarding how the defect was made use of in attacks.
As it was found by the Advanced Research Team with CrowdStrike, we will likely see a report about its exploitation in the future.
BleepingComputer called CrowdStrike to find out more however has actually not yet gotten a reaction.
Below is the total list of dealt with vulnerabilities in the December 2024 Patch Tuesday updates.
To access the complete description of each vulnerability and the systems it impacts, you can see the complete report here.
Tag CVE ID CVE Title Severity GitHub CVE-2024-49063 Microsoft/Muzic Remote Code Execution Vulnerability Important Microsoft Defender for Endpoint CVE-2024-49057 Microsoft Defender for Endpoint on Android Spoofing Vulnerability Important Microsoft Edge (Chromium-based) CVE-2024-12053 Chromium: CVE-2024-12053 Type Confusion in V8 Unknown Microsoft Edge (Chromium-based) CVE-2024-49041 Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Microsoft Office ADV240002 Microsoft Office Defense in Depth Update Moderate Microsoft Office CVE-2024-49059 Microsoft Office Elevation of Privilege Vulnerability Important Microsoft Office CVE-2024-43600 Microsoft Office Elevation of Privilege Vulnerability Important Microsoft Office Access CVE-2024-49142 Microsoft Access Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2024-49069 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Publisher CVE-2024-49079 Input Method Editor (IME) Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2024-49064 Microsoft SharePoint Information Disclosure Vulnerability Important Microsoft Office SharePoint CVE-2024-49062 Microsoft SharePoint Information Disclosure Vulnerability Important Microsoft Office SharePoint CVE-2024-49068 Microsoft SharePoint Elevation of Privilege Vulnerability Important Microsoft Office SharePoint CVE-2024-49070 Microsoft SharePoint Remote Code Execution Vulnerability Important Microsoft Office Word CVE-2024-49065 Microsoft Office Remote Code Execution Vulnerability Important Role: DNS Server CVE-2024-49091 Windows Domain Name Service Remote Code Execution Vulnerability Important Role: Windows Hyper-V CVE-2024-49117 Windows Hyper-V Remote Code Execution Vulnerability Critical System Center Operations Manager CVE-2024-43594 System Center Operations Manager Elevation of Privilege Vulnerability Important Windows Cloud Files Mini Filter Driver CVE-2024-49114 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important Windows Common Log File System Driver CVE-2024-49088 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows Common Log File System Driver CVE-2024-49138 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows Common Log File System Driver CVE-2024-49090 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows File Explorer CVE-2024-49082 Windows File Explorer Information Disclosure Vulnerability Important Windows IP Routing Management Snapin CVE-2024-49080 Windows IP Routing Management Snapin Remote Code Execution Vulnerability Important Windows Kernel CVE-2024-49084 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel-Mode Drivers CVE-2024-49074 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Important Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49121 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49124 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability Critical Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49112 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49113 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49127 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-49126 Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability Critical Windows Message Queuing CVE-2024-49118 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical Windows Message Queuing CVE-2024-49122 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical Windows Message Queuing CVE-2024-49096 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Important Windows Mobile Broadband CVE-2024-49073 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important Windows Mobile Broadband CVE-2024-49077 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important Windows Mobile Broadband CVE-2024-49083 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important Windows Mobile Broadband CVE-2024-49092 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important Windows Mobile Broadband CVE-2024-49087 Windows Mobile Broadband Driver Information Disclosure Vulnerability Important Windows Mobile Broadband CVE-2024-49110 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important Windows Mobile Broadband CVE-2024-49078 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2024-49095 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2024-49097 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows Remote Desktop CVE-2024-49132 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Remote Desktop Services CVE-2024-49115 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Remote Desktop Services CVE-2024-49116 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Remote Desktop Services CVE-2024-49123 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Remote Desktop Services CVE-2024-49129 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Important Windows Remote Desktop Services CVE-2024-49075 Windows Remote Desktop Services Denial of Service Vulnerability Important Windows Remote Desktop Services CVE-2024-49128 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Remote Desktop Services CVE-2024-49106 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Remote Desktop Services CVE-2024-49108 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Remote Desktop Services CVE-2024-49119 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Remote Desktop Services CVE-2024-49120 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical Windows Resilient File System (ReFS) CVE-2024-49093 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Important Windows Routing and Remote Access Service (RRAS) CVE-2024-49085 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important Windows Routing and Remote Access Service (RRAS) CVE-2024-49086 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important Windows Routing and Remote Access Service (RRAS) CVE-2024-49089 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important Windows Routing and Remote Access Service (RRAS) CVE-2024-49125 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important Windows Routing and Remote Access Service (RRAS) CVE-2024-49104 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important Windows Routing and Remote Access Service (RRAS) CVE-2024-49102 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important Windows Task Scheduler CVE-2024-49072 Windows Task Scheduler Elevation of Privilege Vulnerability Important Windows Virtualization-Based Security (VBS) Enclave CVE-2024-49076 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Important Windows Wireless Wide Area Network Service CVE-2024-49081 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important Windows Wireless Wide Area Network Service CVE-2024-49103 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Important Windows Wireless Wide Area Network Service CVE-2024-49111 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important Windows Wireless Wide Area Network Service CVE-2024-49109 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important Windows Wireless Wide Area Network Service CVE-2024-49101 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important Windows Wireless Wide Area Network Service CVE-2024-49094 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important Windows Wireless Wide Area Network Service CVE-2024-49098 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Important Windows Wireless Wide Area Network Service CVE-2024-49099 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Important WmsRepair Service CVE-2024-49107 WmsRepair Service Elevation of Privilege Vulnerability Important ยป …
Find out more
