In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities, including 16 critical flaws.
This December update marks a crucial milestone in Microsoft’s ongoing efforts to enhance the security of its products and protect users from potential cyber threats.
Critical Vulnerabilities Patched
The 16 critical vulnerabilities patched this month primarily affect Windows Remote Desktop Services, Windows Hyper-V, and the Lightweight Directory Access Protocol (LDAP) Client.
If exploited, these flaws could lead to remote code execution, potentially allowing attackers to gain full control of affected systems.
Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar
Among the most severe vulnerabilities are:
- CVE-2024-49106, CVE-2024-49108, and CVE-2024-49115: Remote Code Execution Vulnerabilities in Windows Remote Desktop Services
- CVE-2024-49117: A Remote Code Execution vulnerability in Windows Hyper-V
- CVE-2024-49124: A Remote Code Execution vulnerability in the Lightweight Directory Access Protocol (LDAP) Client
Microsoft urges users and system administrators to apply these patches immediately to mitigate the risk of potential attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-43451 to its Known Exploited Vulnerabilities Catalog, emphasizing the urgency of patching this flaw.
In addition to the critical and zero-day vulnerabilities, Microsoft has patched a wide range of important security issues across its product lineup. These include:
- 30 Remote Code Execution vulnerabilities
- 28 Elevation of Privilege vulnerabilities
- 4 Denial of Service vulnerabilities
- 1 Spoofing vulnerabilities
- 7 Information Disclosure vulnerability
- 1 Defense in Depth
Impact on Enterprise Systems
The December Patch Tuesday update is particularly significant for enterprise users. IT administrators should prioritize testing and deploying these patches, especially those affecting Windows Server, Exchange Server, and Active Directory services.
72 Vulnerabilities Fixed in Microsoft Patch Tuesday, December
CVE Number | CVE Title | Impact |
CVE-2024-49106 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49108 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49115 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49117 | Windows Hyper-V Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49119 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49120 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49122 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49123 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49124 | Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49126 | Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49132 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49112 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49116 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49118 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49127 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49128 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-38033 | PowerShell Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-43594 | System Center Operations Manager Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49057 | Microsoft Defender for Endpoint on Android Spoofing Vulnerability | Spoofing |
CVE-2024-49059 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49064 | Microsoft SharePoint Information Disclosure Vulnerability | Information Disclosure |
CVE-2024-49068 | Microsoft SharePoint Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49069 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49070 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49073 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49074 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49084 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49085 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49086 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49087 | Windows Mobile Broadband Driver Information Disclosure Vulnerability | Information Disclosure |
CVE-2024-49089 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49091 | Windows Domain Name Service Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49092 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49093 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49094 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49096 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Denial of Service |
CVE-2024-49097 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49098 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Information Disclosure |
CVE-2024-49099 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Information Disclosure |
CVE-2024-49101 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49102 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49103 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Information Disclosure |
CVE-2024-49104 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49107 | WmsRepair Service Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49111 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49121 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service |
CVE-2024-49125 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49129 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Denial of Service |
CVE-2024-49142 | Microsoft Access Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-43600 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49062 | Microsoft SharePoint Information Disclosure Vulnerability | Information Disclosure |
CVE-2024-49063 | Microsoft/Muzic Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49065 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49072 | Windows Task Scheduler Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49075 | Windows Remote Desktop Services Denial of Service Vulnerability | Denial of Service |
CVE-2024-49076 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49077 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49078 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49079 | Input Method Editor (IME) Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49080 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | Remote Code Execution |
CVE-2024-49081 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49082 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure |
CVE-2024-49083 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49088 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49090 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49095 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49109 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49110 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49113 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service |
CVE-2024-49114 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
CVE-2024-49138 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
ADV240002 | Microsoft Office Defense in Depth Update | Defense in Depth |
Microsoft has also announced a preview program for hotpatching both Windows 11 Enterprise 24H2 and Windows 365 Enterprise. This new model aims to reduce required reboots from twelve to four per year, potentially minimizing downtime for enterprise systems.
As we approach the end of 2024, Microsoft continues to advance its Secure Future Initiative. The company is preparing for the release of a new operating system in 2025, coinciding with Windows 10 entering Extended Security Update (ESU) support.
This new OS is expected to feature a more secure kernel, tighter controls on applications and drivers, and enhanced AI capabilities.
The December 2024 Patch Tuesday underscores the ongoing importance of prompt security updates. As cyber threats continue to evolve, regular patching remains a critical defense against potential exploits.
Users and organizations are strongly advised to apply these updates as soon as possible to ensure the security and integrity of their systems.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free