On November 12, 2024, Microsoft rolled out its monthly security updates, addressing an impressive total of 89 vulnerabilities. This marks a significant moment for IT professionals and Windows users, as the updates include four zero-day exploits and four critical flaws that could leave systems open to attack. Let’s break this down and understand the importance of this up-to-date information for your Windows environment.
For more insights and discussions, feel free to join the WindowsForum community where questions and experiences are shared! How do you manage your patching process? Have these updates affected your workflows? Let us know in the comments below!
Source: Spiceworks November 2024 Patch Tuesday – 89 Microsoft CVEs Addressed
What Does This Update Cover?
Breakdown of Vulnerabilities
The November Patch Tuesday saw Microsoft tackle a mixed bag of vulnerabilities, categorically addressing:- 59% Remote Code Execution (RCE)
- 30% Elevation of Privileges (EoP)
- A few Denial of Service (DoS), Spoofing, Security Feature Bypass (SFB), and Information Disclosure vulnerabilities.
Focus: Zero-Day Vulnerabilities
Zero-day vulnerabilities are particularly concerning as they are actively being exploited by attackers. For instance, out of the four zero-days addressed, two were already known to be in the wild, making their resolution critical. Here are specific ones to watch out for:- CVE-2024-43451: A spoofing vulnerability in the New Technology LAN Manager (NTLMv2) protocol could allow attackers to gain access to user hashed passwords. With a CVSS score of 6.5, it's deemed medium in severity, but still poses a real risk.
- CVE-2024-49039: Found in the Windows Task Scheduler, this elevation of privilege vulnerability allows an attacker within a low-privilege AppContainer to elevate their access level. With a CVSS rating of 8.8, this vulnerability is especially dangerous.
- CVE-2024-49040: A critical spoofing vulnerability in Microsoft Exchange Server that permits attackers to impersonate legitimate senders. This vulnerability received a CVSS score of 7.5, implicating a serious risk in email communications.
- CVE-2024-49019: It concerns elevation of privileges in Active Directory Certificate Services, rated high severity (CVSS 7.8), allowing route access potentially leading to domain administrator takeover.
Critical Vulnerabilities Spotlight
The November patch also includes four critical vulnerabilities, among which is:- CVE-2024-43625: This involves a use-after-free vulnerability in Hyper-V that could allow an attacker to gain elevated permissions on a virtual machine.
- CVE-2024-43639: An attack can be initiated by an unauthenticated user exploiting the Windows Kerberos security system, again allowing for remote code execution, posing a severe risk if left unpatched.
High-Risk Categories
Microsoft defined the vulnerabilities as follows:- 52 Remote Code Execution
- 26 Elevation of Privileges
- 4 Denial of Service (DoS)
- 3 Spoofing
- 2 Security Feature Bypass
- 1 Information Disclosure
How to Apply These Updates
For those running Windows systems, it’s essential to regularly check for and apply updates. To do so, follow these steps:- Open Windows Settings: Press
Windows + I. - Go to Update & Security: This option can usually be found at the bottom of the main settings page.
- Check for Updates: Click the "Check for updates" button. Windows will automatically download and install the relevant patches.
- Restart Your Computer: This may be necessary for the updates to take effect.
Final Thoughts
The November 2024 Patch Tuesday is a stark reminder of the increasingly complex cybersecurity landscape. With four high-severity vulnerabilities and four zero-days, the importance of maintaining a secure Windows environment cannot be overstated. For IT professionals and regular users alike, staying informed and proactive about updates is critical in safeguarding sensitive data and system integrity.For more insights and discussions, feel free to join the WindowsForum community where questions and experiences are shared! How do you manage your patching process? Have these updates affected your workflows? Let us know in the comments below!
Source: Spiceworks November 2024 Patch Tuesday – 89 Microsoft CVEs Addressed