Microsoft Patch Tuesday, December 2024, Patch for 16 Critical Security Flaws


In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities, including 16 critical flaws.

This December update marks a crucial milestone in Microsoft’s ongoing efforts to enhance the security of its products and protect users from potential cyber threats.

Critical Vulnerabilities Patched

The 16 critical vulnerabilities patched this month primarily affect Windows Remote Desktop Services, Windows Hyper-V, and the Lightweight Directory Access Protocol (LDAP) Client.

If exploited, these flaws could lead to remote code execution, potentially allowing attackers to gain full control of affected systems.

Among the most severe vulnerabilities are:

  • CVE-2024-49106, CVE-2024-49108, and CVE-2024-49115: Remote Code Execution Vulnerabilities in Windows Remote Desktop Services
  • CVE-2024-49117: A Remote Code Execution vulnerability in Windows Hyper-V
  • CVE-2024-49124: A Remote Code Execution vulnerability in the Lightweight Directory Access Protocol (LDAP) Client

Microsoft urges users and system administrators to apply these patches immediately to mitigate the risk of potential attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-43451 to its Known Exploited Vulnerabilities Catalog, emphasizing the urgency of patching this flaw.

In addition to the critical and zero-day vulnerabilities, Microsoft has patched a wide range of important security issues across its product lineup. These include:

  • 30 Remote Code Execution vulnerabilities
  • 28 Elevation of Privilege vulnerabilities
  • 4 Denial of Service vulnerabilities
  • 1 Spoofing vulnerability
  • 7 Information Disclosure vulnerabilities
  • 1 Defense in Depth

Impact on Enterprise Systems

The December Patch Tuesday update is particularly significant for enterprise users. IT administrators should prioritize testing and deploying these patches, especially those affecting Windows Server, Exchange Server, and Active Directory services.

72 Vulnerabilities Fixed in Microsoft Patch Tuesday, December

CVE Number | CVE Title | Impact
CVE-2024-49106 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49108 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49115 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49117 | Windows Hyper-V Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49119 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49120 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49122 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49123 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49124 | Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49126 | Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49132 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49112 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49116 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49118 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49127 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49128 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-38033 | PowerShell Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-43594 | System Center Operations Manager Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49057 | Microsoft Defender for Endpoint on Android Spoofing Vulnerability | Spoofing
CVE-2024-49059 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49064 | Microsoft SharePoint Information Disclosure Vulnerability | Information Disclosure
CVE-2024-49068 | Microsoft SharePoint Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49069 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49070 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49073 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49074 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49084 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49085 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49086 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49087 | Windows Mobile Broadband Driver Information Disclosure Vulnerability | Information Disclosure
CVE-2024-49089 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49091 | Windows Domain Name Service Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49092 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49093 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49094 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49096 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Denial of Service
CVE-2024-49097 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49098 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Information Disclosure
CVE-2024-49099 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Information Disclosure
CVE-2024-49101 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49102 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49103 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Information Disclosure
CVE-2024-49104 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49107 | WmsRepair Service Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49111 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49121 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service
CVE-2024-49125 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49129 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Denial of Service
CVE-2024-49142 | Microsoft Access Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-43600 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49062 | Microsoft SharePoint Information Disclosure Vulnerability | Information Disclosure
CVE-2024-49063 | Microsoft/Muzic Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49065 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49072 | Windows Task Scheduler Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49075 | Windows Remote Desktop Services Denial of Service Vulnerability | Denial of Service
CVE-2024-49076 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49077 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49078 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49079 | Input Method Editor (IME) Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49080 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | Remote Code Execution
CVE-2024-49081 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49082 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure
CVE-2024-49083 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49088 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49090 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49095 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49109 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49110 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49113 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service
CVE-2024-49114 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege
CVE-2024-49138 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege
ADV240002 | Microsoft Office Defense in Depth Update | Defense in Depth

Microsoft has also announced a preview program for hotpatching both Windows 11 Enterprise 24H2 and Windows 365 Enterprise. This new model aims to reduce required reboots from twelve to four per year, potentially minimizing downtime for enterprise systems.

As we approach the end of 2024, Microsoft continues to advance its Secure Future Initiative. The company is preparing for the release of a new operating system in 2025, coinciding with Windows 10 entering Extended Security Update (ESU) support.

This new OS is expected to feature a more secure kernel, tighter controls on applications and drivers, and enhanced AI capabilities.

The December 2024 Patch Tuesday underscores the ongoing importance of prompt security updates. As cyber threats continue to evolve, regular patching remains a critical defense against potential exploits.

Users and organizations are strongly advised to apply these updates as soon as possible to ensure the security and integrity of their systems.
