Tech News
Microsoft Released November 2024 Patch Tuesday With ~90 Fixes
This week saw the release of the latest monthly updates from Microsoft. The November 2024 Patch Tuesday brought fixes for approximately 90 security vulnerabilities across various Microsoft products.
Addressing Multiple Zero-Day Vulnerabilities
Microsoft’s November Patch Tuesday included patches for several critical vulnerabilities, some of which were publicly known and actively exploited.
One of the most significant vulnerabilities addressed was CVE-2024-43498, a critical remote code execution flaw affecting .NET and Visual Studio. This flaw could be exploited by an unauthenticated, remote attacker to execute malicious code on a vulnerable system. The vulnerability received a CVSS score of 9.8.
While Microsoft did not classify CVE-2024-43498 as a zero-day, ZDI identified it as such due to a report highlighting a similar issue. However, Microsoft did acknowledge two zero-day vulnerabilities:
- CVE-2024-43451 (important; CVSS 6.5): A spoofing vulnerability that could expose a user’s NTLMv2 hash, allowing for fraudulent user authentication. Microsoft confirmed active exploitation of this flaw following public disclosure.
- CVE-2024-49039 (important; CVSS 8.8): A privilege escalation vulnerability in Windows Task Scheduler that was actively exploited before a patch was available.
- CVE-2024-49019 (important; CVSS 7.8): A privilege escalation flaw in Active Directory Certificate Services that could grant an adversary domain administrator privileges.
Other Updates from Microsoft
In addition to the above, Microsoft also addressed three critical vulnerabilities this month:
- CVE-2024-49056 (critical; CVSS 7.3): An authentication bypass vulnerability affecting airlift.microsoft.com.
- CVE-2024-43625 (critical; CVSS 8.1): A privilege escalation issue in the VmSwitch component within Hyper-V.
- CVE-2024-43639 (critical; CVSS 9.8): A remote code execution flaw in Windows Kerberos.
This month, Microsoft addressed a total of 89 security issues, including 84 important severity vulnerabilities and a moderate-severity privilege escalation flaw.
While Microsoft updates are automatically delivered to eligible devices, users should regularly check for updates to ensure they receive all necessary security fixes.
Share your thoughts in the comments below.
Nigeria to honour PM Modi with GCON award
Marner scores in OT, Leafs down Oilers 4-3
Real Heroes: Firefighter HD gets PS5 port in December
Mumbai Airport’s total passenger traffic rises 4 per cent in October, BA
Microsoft Released November 2024 Patch Tuesday With ~90 Fixes
Rangers face delicate decisions paramount to Filip Chytil’s future
Zelda: Echoes of Wisdom – The Blocked Road Guide
Sri Lanka parliamentary election: How the NPP won over country’s ethnic minorities
Oura Ring 4 vs Oura Ring 3: Is now the time to upgrade?
The ultimate retro gift—70,000+ games on the Kinhank Super Console X2 Pro
The Top 20 Motivational Instagram Accounts to Follow (2024)
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
Singapore Airlines CEO set to join board of Air India, BA News, BA
15 of the Best Trike & Tricycles Mums Recommend
Don’t Waste Your Time in Anger, Regrets, Worries and Grudges
Satisfy Your Meat and BBQ Cravings While in Texas
Mastering data privacy in the age of AI
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
Soccer team’s drone at center of Paris Olympics spying scandal
Our new fixed tours are your ultimate Aussie & Kiwi adventure!
-
Motivation5 months agoThe Top 20 Motivational Instagram Accounts to Follow (2024)
-
Tech News5 months agoBangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Destination2 months agoSingapore Airlines CEO set to join board of Air India, BA News, BA
-
Toys5 months ago15 of the Best Trike & Tricycles Mums Recommend
-
Self Development5 months agoDon’t Waste Your Time in Anger, Regrets, Worries and Grudges
-
Guides & Tips4 months ago
Satisfy Your Meat and BBQ Cravings While in Texas
-
Tech News4 months agoMastering data privacy in the age of AI
-
Gaming3 months agoThe Criterion Collection announces November 2024 releases, Seven Samurai 4K and more