Microsoft Patch Tuesday – November 2024

Microsoft

Summary

November’s Microsoft Patch Tuesday delivers security updates for a total of 89 vulnerabilities, including 4 zero-day vulnerabilities (2 of them actively exploited) and 4 critical vulnerabilities.

The patches this month break down as follows:

  • 52 Remote code execution vulnerabilities
  • 26 Elevation of privilege vulnerabilities
  • 4 Denial of Service vulnerabilities
  • 3 Spoofing vulnerabilities
  • 2 Security feature bypass vulnerabilities
  • 1 Information disclosure vulnerability

The most important patches are:

CVE-2024-49039 – Windows Task Scheduler Elevation of Privilege Vulnerability

An attacker could run a specially crafted application that elevates privileges to Medium Integrity level.

“In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment,” explained Microsoft. CVSS 3.1: 8.8 (High)

CVE-2024-43451 – NTLM Hash Disclosure Spoofing Vulnerability

Microsoft has fixed a vulnerability that exposes NTLM hashes to remote attackers after only minimal user interaction with a malicious file.

“This vulnerability discloses a user’s NTLMv2 hash to the attacker who could use this to authenticate as the user,” explained Microsoft. CVSS 3.1: 6.5 (Medium)
