November Patch Tuesday: Urgent Windows Zero-Day Vulnerabilities to Address

  • Thread Author
As we navigate the ever-evolving landscape of cybersecurity, November brings a chill to the air —and it’s coming from three zero-day vulnerabilities in Windows that demand immediate attention. Microsoft's November Patch Tuesday serves up a hearty meal of 89 vulnerabilities, including these urgent zero-day flaws, ensuring that IT admins will have their hands full as they brace for another round of updates and fixes.

What’s on the Table: The Current Vulnerabilities​

This month’s patch cycle includes three critical vulnerabilities that Windows users must address right away to protect their systems:
  1. CVE-2024-43451: This NTLM Hash Disclosure Spoofing vulnerability is potentially ripe for exploitation by malicious actors.
  2. CVE-2024-49019: An elevation of privilege issue linked to Active Directory Certificate Services that can leave systems wide open if not patched.
  3. CVE-2024-49039: A Windows Task Scheduler elevation of privilege vulnerability, also critical to address.
These vulnerabilities have been disclosed, meaning attackers could already have the code to exploit them. Given the urgency of the situation, applying these updates should be at the forefront of any system administrator’s agenda.

Patch Tuesday: The Essentials​

Every month, Microsoft releases updates on what is known as Patch Tuesday, a day dedicated to addressing security and operational vulnerabilities across its many platforms, including Windows, SQL Server, and Microsoft Office. This month’s release touches on various products, with notable patches for:
  • Windows 10 and 11: These patches include critical and important updates to ensure overall system integrity.
  • Microsoft SQL Server: This month sees a staggering 31 patches addressing significant security vulnerabilities rooted in buffer overflows and memory management issues.
  • Microsoft Office: Six updates aimed at various applications, ensuring that users can operate securely without the threat of exploitation from newly disclosed vulnerabilities.
With each release, Microsoft offers a variety of guidance documents to help users navigate the sometimes complicated testing processes associated with these updates.

Major Changes and Known Issues​

Interestingly, some previous issues have now been rectified. Users reported complications starting the SSH service on updated Windows 11 machines. A workaround has been recommended, which involves adjusting file and directory permissions on the SSH program directories. This highlights how vigilant IT admins must be regarding system permissions and configurations.
Additionally, a major revision was introduced this month concerning CVE-2013-390, a vulnerability dating back to 2013. This fixes a critical flaw related to signature validations that can let malefactors exploit the system if left unchecked. Given its age and importance, admins are urged to revisit this issue and apply the necessary updates.

Recommendations for IT Admins: What to Do Next?​

With so many vulnerabilities to juggle, it can feel overwhelming. Here is a streamlined guide for administrators:

Immediate Actions​

  • Patch ASAP: Focus on the zero-day flaws first (CVE-2024-43451, CVE-2024-49019, CVE-2024-49039).
  • Review Older CVEs: Pay attention to critical updates like CVE-2013-390 that may now have new patches available.

Testing​

  • Network Integrity: Test your VPNs, network sharing, and connections to ensure they’re functioning correctly after updates.
  • File System Functionality: Verify that applications that rely heavily on the NTFileCopyChunk API still perform correctly following installation.

Monitoring Changes​

  • Stay Updated: As more patches are released, including those for third-party software that may impact Windows (like Google Chrome), keep a close tab on those updates too. Recent patches for the Chromium engine, which underpins both Edge and Chrome, must be included in your deployment schedule.

The Bigger Picture: A Call for Vigilance​

As cyberattacks become more sophisticated, the importance of diligence in applying security updates cannot be overstated. This month’s Patch Tuesday serves as a stark reminder that even the most benign-looking systems can harbor vulnerabilities ready to be exploited.
Organizations relying on Microsoft products should prioritize these updates and prepare thorough testing regimens to ensure that existing operational capabilities remain intact. With the right foresight and proactive measures, cyber threats can be mitigated, allowing businesses to operate with peace of mind.
In a world driven by technology, the onus is on us to stay one step ahead — so let's not leave our systems exposed; the stakes are just too high. What updates are you planning to prioritize this month? Let’s dive into the discussions below!

Source: Computerworld For November, Patch Tuesday includes three Windows zero-day fixes