Microsoft December 2024 Patch Tuesday

   Aralık 10, 2024  Posted in CyberSecurityNews


Microsoft Patch Tuesday December 2024

Microsoft released a security as part of the December Patch Tuesday that addressed 72 vulnerabilities, including 30 classified as critical Remote Code Execution (RCE) vulnerabilities.

These fixes are crucial for securing Windows operating systems and related software against potential exploitation.

Key Highlights of December 2024 Patch Tuesday Updates:

A recent security update has addressed a total of 71 vulnerabilities across various platforms,, including 30 remote code execution vulnerabilities and 28 elevation of privilege vulnerabilities, which represent critical risks to system security. Additionally, it resolves 4 denial of service vulnerabilities, 1 spoofing vulnerability, and 7 information disclosure vulnerabilities. The update also includes 1 defense-in-depth improvement, further enhancing overall system protection.

Additionally, the update resolved other issues such as elevation of privilege vulnerabilities, security feature bypasses, and more.

The affected platforms include a wide range of Windows versions, from modern systems like Windows 11 and Windows 10 to older systems such as Windows Server 2008 and various Windows Server variants.

Critical Remote Code Execution Vulnerabilities

This month’s patch includes fixes for CVE-2024-49116, a highly critical RCE vulnerability impacting multiple versions of Windows Server. Exploiting this flaw could allow attackers to execute arbitrary code remotely, potentially granting full system control.

Here are some of the products affected by CVE-2024-49116:

  • Windows Server 2025 (Server Core Installation)
  • Windows Server 2022, 23H2 Edition (Server Core installation)
  • Windows Server 2022
  • Windows Server 2019
  • Windows Server 2012 R2

Additionally, an RCE vulnerability with CVE-2024-49112 impacts Windows 10 Version 1809 for both x64 and 32-bit systems.

Elevation of Privilege Vulnerabilities

Microsoft also addressed multiple Elevation of Privilege (EoP) vulnerabilities, which are critical in preventing attackers from gaining unauthorized access to higher system privileges.

Key Elevation of Privilege updates include:

  • CVE-2024-49138: Affects Windows 11 Version 22H2 and Windows 10 Version 21H2 across various architectures.
  • CVE-2024-49110: A significant EoP vulnerability affecting Windows Server 2025, Windows 11 Version 24H2, and other platforms.
  • CVE-2024-49077: Impacts Windows Server 2022 23H2 Edition, as well as Windows 11 Version 23H2 systems.

For Windows 11, Version 22H2 addressed CVE-2024-49138 and CVE-2024-49081, targeting Elevation of Privilege risks. Version 23H2 resolved CVE-2024-49077, also related to Privilege Elevation. Additionally, Version 24H2 tackled CVE-2024-49110, a key Elevation of Privilege vulnerability.

In Windows 10, Version 22H2 fixed CVE-2024-49081, addressing Elevation of Privilege flaws. Version 21H2 resolved both CVE-2024-49081 and CVE-2024-49138 to mitigate privilege escalation threats.

For Windows Server, critical vulnerabilities were addressed in multiple versions.

  • Windows Server 2025 patched CVE-2024-49116 (Remote Code Execution) and CVE-2024-49077 (Elevation of Privilege).
  • Windows Server 2022 resolved both RCE and EoP vulnerabilities, including CVE-2024-49116 and CVE-2024-49081.
  • Windows Server 2012 and 2012 R2 fixed CVE-2024-49088 (Elevation of Privilege) and CVE-2024-49080 (Remote Code Execution)
  • Windows Server 2008 and 2008 R2 addressed critical Privilege Escalation vulnerabilities such as CVE-2024-49088.

With many vulnerabilities marked as Important or Critical, these updates are essential to prevent potential exploitation. Organizations and individuals are urged to apply these updates promptly through Windows Update or other tools to safeguard against security threats.

Microsoft’s December 2024 Patch Tuesday emphasizes consistently updating systems to mitigate vulnerabilities. With cyberattacks’ growing sophistication, addressing critical issues like Remote Code execution vulnerabilities and Elevation of Privilege flaws is paramount.

Apply these patches immediately through Windows Update or other deployment tools to ensure your systems are up to date. For more details, refer to Microsoft’s official security update documentation.

72 Vulnerabilities Fixed in Microsoft Patch Tuesday December 2024

CVE Number CVE Title Impact
CVE-2024-49106 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49108 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49115 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49117 Windows Hyper-V Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49119 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49120 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49122 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49123 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49124 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49126 Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49132 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49112 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49116 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49118 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49127 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49128 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-38033 PowerShell Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-43594 System Center Operations Manager Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49057 Microsoft Defender for Endpoint on Android Spoofing Vulnerability Spoofing
CVE-2024-49059 Microsoft Office Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49064 Microsoft SharePoint Information Disclosure Vulnerability Information Disclosure
CVE-2024-49068 Microsoft SharePoint Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49069 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49070 Microsoft SharePoint Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49073 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49074 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49084 Windows Kernel Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49085 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49086 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49087 Windows Mobile Broadband Driver Information Disclosure Vulnerability Information Disclosure
CVE-2024-49089 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49091 Windows Domain Name Service Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49092 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49093 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49094 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49096 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Denial of Service
CVE-2024-49097 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49098 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Information Disclosure
CVE-2024-49099 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Information Disclosure
CVE-2024-49101 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49102 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49103 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Information Disclosure
CVE-2024-49104 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49107 WmsRepair Service Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49111 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49121 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Denial of Service
CVE-2024-49125 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49129 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Denial of Service
CVE-2024-49142 Microsoft Access Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-43600 Microsoft Office Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49062 Microsoft SharePoint Information Disclosure Vulnerability Information Disclosure
CVE-2024-49063 Microsoft/Muzic Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49065 Microsoft Office Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49072 Windows Task Scheduler Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49075 Windows Remote Desktop Services Denial of Service Vulnerability Denial of Service
CVE-2024-49076 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49077 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49078 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49079 Input Method Editor (IME) Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49080 Windows IP Routing Management Snapin Remote Code Execution Vulnerability Remote Code Execution
CVE-2024-49081 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49082 Windows File Explorer Information Disclosure Vulnerability Information Disclosure
CVE-2024-49083 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49088 Windows Common Log File System Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49090 Windows Common Log File System Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49095 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49109 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49110 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49113 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Denial of Service
CVE-2024-49114 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Elevation of Privilege
CVE-2024-49138 Windows Common Log File System Driver Elevation of Privilege Vulnerability Elevation of Privilege
ADV240002 Microsoft Office Defense in Depth Update Defense in Depth

Microsoft has published a complete list of patched vulnerabilities, which provides detailed information about the exploitation methods, vulnerability descriptions, and other information. 

All users should update their products to the latest version to prevent threat actors from exploiting these vulnerabilities.



Source link