November 2024 Patch Tuesday: 89 Vulnerabilities Addressed Including 4 Zero-Day Exploits

  • Thread Author
On November 12, 2024, Microsoft rolled out its monthly security updates, addressing an impressive total of 89 vulnerabilities. This marks a significant moment for IT professionals and Windows users, as the updates include four zero-day exploits and four critical flaws that could leave systems open to attack. Let’s break this down and understand the importance of this up-to-date information for your Windows environment.

What Does This Update Cover?​

Breakdown of Vulnerabilities​

The November Patch Tuesday saw Microsoft tackle a mixed bag of vulnerabilities, categorically addressing:
  • 59% Remote Code Execution (RCE)
  • 30% Elevation of Privileges (EoP)
  • A few Denial of Service (DoS), Spoofing, Security Feature Bypass (SFB), and Information Disclosure vulnerabilities.
In comparison, this update is about 25% smaller than last month’s Patch Tuesday, which dealt with 117 vulnerabilities. However, the threat posed by this month's findings should not be underestimated, given the critical ones that are present.

Focus: Zero-Day Vulnerabilities​

Zero-day vulnerabilities are particularly concerning as they are actively being exploited by attackers. For instance, out of the four zero-days addressed, two were already known to be in the wild, making their resolution critical. Here are specific ones to watch out for:
  1. CVE-2024-43451: A spoofing vulnerability in the New Technology LAN Manager (NTLMv2) protocol could allow attackers to gain access to user hashed passwords. With a CVSS score of 6.5, it's deemed medium in severity, but still poses a real risk.
  2. CVE-2024-49039: Found in the Windows Task Scheduler, this elevation of privilege vulnerability allows an attacker within a low-privilege AppContainer to elevate their access level. With a CVSS rating of 8.8, this vulnerability is especially dangerous.
Among other noteworthy vulnerabilities includes:
  • CVE-2024-49040: A critical spoofing vulnerability in Microsoft Exchange Server that permits attackers to impersonate legitimate senders. This vulnerability received a CVSS score of 7.5, implicating a serious risk in email communications.
  • CVE-2024-49019: It concerns elevation of privileges in Active Directory Certificate Services, rated high severity (CVSS 7.8), allowing route access potentially leading to domain administrator takeover.

Critical Vulnerabilities Spotlight​

The November patch also includes four critical vulnerabilities, among which is:
  • CVE-2024-43625: This involves a use-after-free vulnerability in Hyper-V that could allow an attacker to gain elevated permissions on a virtual machine.
  • CVE-2024-43639: An attack can be initiated by an unauthenticated user exploiting the Windows Kerberos security system, again allowing for remote code execution, posing a severe risk if left unpatched.

High-Risk Categories​

Microsoft defined the vulnerabilities as follows:
  • 52 Remote Code Execution
  • 26 Elevation of Privileges
  • 4 Denial of Service (DoS)
  • 3 Spoofing
  • 2 Security Feature Bypass
  • 1 Information Disclosure
These figures indicate a pressing need for Windows users to ensure their systems are up-to-date with the latest security patches to mitigate potential threats.

How to Apply These Updates​

For those running Windows systems, it’s essential to regularly check for and apply updates. To do so, follow these steps:
  1. Open Windows Settings: Press Windows + I.
  2. Go to Update & Security: This option can usually be found at the bottom of the main settings page.
  3. Check for Updates: Click the "Check for updates" button. Windows will automatically download and install the relevant patches.
  4. Restart Your Computer: This may be necessary for the updates to take effect.

Final Thoughts​

The November 2024 Patch Tuesday is a stark reminder of the increasingly complex cybersecurity landscape. With four high-severity vulnerabilities and four zero-days, the importance of maintaining a secure Windows environment cannot be overstated. For IT professionals and regular users alike, staying informed and proactive about updates is critical in safeguarding sensitive data and system integrity.
For more insights and discussions, feel free to join the WindowsForum community where questions and experiences are shared! How do you manage your patching process? Have these updates affected your workflows? Let us know in the comments below!

Source: Spiceworks November 2024 Patch Tuesday – 89 Microsoft CVEs Addressed