This month marked the release of Microsoft’s last scheduled updates. With the December 2024 Patch Tuesday update bundle, Microsoft addressed 71 security issues across various products. Users must update their devices promptly to enjoy peaceful holidays.
Bunch Of Critical Vulnerabilities And A Zero-Day Got Patched
Microsoft recently patched a zero-day affecting its Windows Common Log File System Driver. Identified as CVE-2024-49138, the vulnerability is primarily a privilege escalation issue, allowing an authorized adversary to gain SYSTEM privileges.
The Redmond giant confirmed that it detected active exploitation of this vulnerability, which was publicly disclosed before the fix. However, the firm didn’t share any details regarding the nature of such exploits. This flaw received an important severity rating and a CVSS score of 7.8.
Besides, the tech giant also addressed 16 critical vulnerabilities, all of which allowed remote code execution. Of these, 9 critical flaws (CVSS 8.1) affected the Windows Remote Desktop Services, 2 impacted the Windows Lightweight Directory Access Protocol (LDAP), and 2 others affected the Microsoft Message Queuing (MSMQ). In addition, Microsoft patched a single critical vulnerability in the Lightweight Directory Access Protocol (LDAP) Client, Windows Hyper-V, and Windows Local Security Authority Subsystem Service (LSASS).
The most severe of these vulnerabilities is CVE-2024-49112 (CVSS 9.8), affecting both LDAP clients and servers running vulnerable Windows versions. Exploiting the flaw requires an unauthenticated, remote adversary to send maliciously crafted RPC calls to the target LDAP server domain controller, or to trick the victim user into performing a domain lookup for the attacker’s domain or connect to a malicious LDAP server, to target an LDAP client. Once done, the attacker could execute arbitrary codes within the context of the LDAP service.
Other Important Patch Tuesday December Updates From Microsoft
Alongside the vulnerabilities listed above, Microsoft also addressed 54 other security flaws affecting different products. These include 14 remote code execution vulnerabilities, 26 privilege escalation issues, 5 denial of service flaws, 7 information disclosure issues, and 2 spoofing vulnerabilities.
The products receiving the most security fixes include Microsoft Office, Microsoft SharePoint, Windows Mobile Broadband Driver, Windows Routing and Remote Access Service (RRAS), Windows Wireless Wide Area Network Service (WwanSvc) and Wireless Wide Area Network Service (WwanSvc).
While Microsoft ensures automatic patching of all eligible systems, users should check their systems manually for updates to receive all security fixes in time.
Let us know your thoughts in the comments.
