This week marked the arrival of the month-to-month scheduled updates from Microsoft. With November 2024 Patch Tuesday, Microsoft addressed round 90 totally different safety vulnerabilities throughout numerous merchandise.
A number of Zero-Day Vulnerabilities Addressed
With November Patch Tuesday, Microsoft addressed a number of critical vulnerabilities, together with some publicly recognized and actively exploited flaws, affecting totally different providers.
A very powerful of those vulnerabilities is CVE-2024-43498. Microsoft outlined it as a critical-severity distant code execution vulnerability affecting .NET and Visible Studio. An unauthenticated, distant attacker might exploit the flaw by sending maliciously crafted requests to the goal .NET net app or importing a malicious file on a susceptible system. This vulnerability obtained a CVSS rating of 9.8. Though Microsoft didn’t point out it as a zero-day, ZDI believes it’s one, as they discovered a report highlighting an analogous subject.
Nonetheless, the tech big did admit the next two flaws as zero-day vulnerabilities.
- CVE-2024-43451 (vital; CVSS 6.5): A spoofing vulnerability that would disclose a consumer’s NTLMv2 hash, permitting fraudulent consumer authentication by an adversary. Exploiting the flaw required the attacker to trick the goal consumer into clicking or interacting with a maliciously crafted file. Microsoft confirmed that it detected energetic exploitation of the flaw following public disclosure.
- CVE-2024-49039 (vital; CVSS 8.8): A privilege escalation vulnerability in Home windows Process Scheduler that was attacked earlier than a repair might arrive. Exploiting the flaw required the attacker to run a maliciously crafted app on the goal system. As soon as finished, the attacker might achieve elevated privileges and execute RPC capabilities.
- CVE-2024-49019 (vital; CVSS 7.8): A privilege escalation flaw in Lively Listing Certificates Providers. Microsoft confirmed public disclosure of the flaw earlier than a repair, but they didn’t detect any exploitation makes an attempt. Exploiting this vulnerability might give an adversary area administrator privileges. Microsoft listed a number of measures of their advisory to mitigate the flaw.
Different Patch Tuesday November Updates From Microsoft
Aside from the above, Microsoft additionally addressed three important vulnerabilities this month. These embody,
- CVE-2024-49056 (important; CVSS 7.3): An authentication bypass vulnerability affected airlift.microsoft.com. Exploiting the flaw might let a licensed attacker achieve elevated privileges.
- CVE-2024-43625 (important; CVSS 8.1): A privilege escalation subject affecting the VmSwitch element inside Hyper-V.
- CVE-2024-43639 (important; CVSS 9.8): A distant code execution flaw affecting Home windows Kerberos.
This month, Microsoft patched 89 safety points, together with 84 vulnerabilities of vital severity and a single moderate-severity privilege escalation flaw.
Whereas Microsoft updates routinely attain all eligible units, customers should test their techniques manually for any updates to obtain all safety fixes in time.
Tell us your ideas within the feedback.
