
Microsoft's December 2024 Patch Tuesday update addresses 71 security vulnerabilities.

Microsoft's December 2024 Patch Tuesday update addresses 71 security vulnerabilities across various products, including Windows, Office, SharePoint Server, Hyper-V, Defender for Endpoint, and System Center Operations Manager. Notably, 16 of these vulnerabilities are rated as critical.

Key Points:

  • Actively Exploited Zero-Day Vulnerability:
    • CVE-2024-49138: A moderate-severity elevation-of-privilege flaw in the Windows Common Log File System (CLFS) Driver. Exploitation can grant attackers SYSTEM-level privileges, posing significant risks, especially when combined with remote code execution (RCE) vulnerabilities.
  • Critical Remote Code Execution Vulnerabilities:
    • CVE-2024-49112: An unauthenticated RCE vulnerability in the Windows Lightweight Directory Access Protocol (LDAP). This flaw is particularly concerning due to its high severity and potential for exploitation.
  • Additional Critical Vulnerabilities:
    • The update also addresses critical RCE vulnerabilities in Hyper-V and the Remote Desktop Protocol (RDP), which could allow attackers to execute arbitrary code remotely.

This update brings Microsoft's total patches for the year to 1,020, making 2024 the second-highest annual total after 2020.

Given the active exploitation of CVE-2024-49138 and the critical nature of other vulnerabilities, it's imperative for organizations to prioritize applying these patches to mitigate potential security risks.

USOC Inc., USOC Security December 14, 2024