91 vulnerabilities and 4 zero-days: how Microsoft's November Patch Tuesday went

Man

Microsoft protects users from zero-day attacks, leaving attackers with fewer and fewer opportunities to break in.

Microsoft's November Patch Tuesday fixes 91 vulnerabilities. Among them are four zero-day vulnerabilities, two of which have already been actively exploited in attacks. The update fixes four critical issues - two of them allowed attackers to remotely execute code, and the other two provided the ability to escalate privileges.

Categories of vulnerabilities fixed in November:
  • 26 Elevation of Privilege vulnerabilities;
  • 2 Security Feature Bypass vulnerabilities;
  • 52 Remote Code Execution vulnerabilities;
  • 1 Information Disclosure vulnerability;
  • 4 Denial of Service vulnerabilities;
  • 3 Spoofing vulnerabilities.

At the same time, the list does not include 2 vulnerabilities in the Edge browser, which were fixed earlier, on November 7.

To learn more about the non-security updates released today, you can check out the dedicated pages about the new cumulative updates Windows 11 KB5046617 and KB5046633, as well as the Windows 10 KB5046613 update.

Zero-day vulnerabilities
Of the four zero-day vulnerabilities patched in the November Patch Tuesday, two have already been actively exploited by attackers, and three have been publicly disclosed. Microsoft classifies a vulnerability as a zero-day if it is publicly known or actively exploited while an official fix has not yet been released.

Actively exploited vulnerabilities:
  • CVE-2024-43451 (CVSS score: 6.5) - NTLM Hash Disclosure Vulnerability
    The vulnerability could allow a remote attacker to obtain a user's NTLMv2 hash with minimal interaction with a malicious file. According to Microsoft, even a simple action such as selecting (single-clicking) or viewing (right-clicking) a file can lead to a data leak.
  • CVE-2024-49039 (CVSS score: 8.8) - Privilege escalation vulnerability in Windows Task Scheduler
    A specially crafted application could raise its privileges to Medium Integrity Level, allowing an attacker to execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

Publicly disclosed vulnerabilities not exploited in attacks:
  • CVE-2024-49040 (CVSS score: 7.5) - Spoofing vulnerability in Microsoft Exchange Server
    The issue could allow spoofing of the sender address in email sent to local recipients. After the update, Microsoft will warn users about suspicious emails by adding a notification to them: "Warning: This email may be suspicious. Check the source before opening links or attachments".
  • CVE-2024-49019 (CVSS score: 7.8) - Active Directory Certificate Services privilege escalation vulnerability
    This flaw allows domain administrator privileges to be obtained through the use of built-in version 1 certificate templates. The problem concerns certificate templates where the subject name is supplied in the request and the rights to enroll certificates are granted to a wide range of users.

Microsoft's patches are aimed at preventing further exploitation of these vulnerabilities and strengthening user security in the face of increased cybercriminal activity. This page provides a complete list of vulnerabilities fixed in the November 2024 Patch Tuesday updates.

In October Patch Tuesday, Microsoft fixed 118 vulnerabilities, two of which were actively exploited by attackers. Three of the vulnerabilities identified are critical, 113 are classified as important, and two are classified as moderate.
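
The CVE-2024-49019 conditions described above (version 1 template, subject name supplied in the request, enrollment open to broad groups) can be checked against exported template attributes. The sketch below is an added example, not code from Microsoft or the original article; the template records are constructed, and `enroll_sids` is a hypothetical field assumed to hold the SIDs already extracted from each template's security descriptor.

```python
# Added example: flag AD CS templates that match all three conditions.
# Attribute names are the real LDAP names; the sample records are constructed.
CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT = 0x00000001  # bit in msPKI-Certificate-Name-Flag

# Well-known SIDs and domain-relative RIDs that cover large populations.
BROAD_SIDS = {"S-1-1-0": "Everyone", "S-1-5-11": "Authenticated Users"}
BROAD_RIDS = {"513": "Domain Users", "515": "Domain Computers"}


def broad_enrollees(enroll_sids):
    """Return the names of broad groups among the SIDs holding Enroll rights."""
    found = []
    for sid in enroll_sids:
        rid = sid.rsplit("-", 1)[-1]
        if sid in BROAD_SIDS:
            found.append(BROAD_SIDS[sid])
        elif sid.startswith("S-1-5-21-") and rid in BROAD_RIDS:
            found.append(BROAD_RIDS[rid])
    return found


def audit_template(tpl):
    """Evaluate one template record against the three conditions."""
    version = int(tpl["msPKI-Template-Schema-Version"])
    # LDAP often returns this flag as a signed 32-bit integer; mask before testing.
    name_flag = int(tpl["msPKI-Certificate-Name-Flag"]) & 0xFFFFFFFF
    supplies_subject = bool(name_flag & CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT)
    broad = broad_enrollees(tpl["enroll_sids"])
    return {"name": tpl["cn"], "version": version,
            "supplies_subject": supplies_subject, "broad_enrollees": broad,
            "at_risk": version == 1 and supplies_subject and bool(broad)}


def at_risk_templates(templates):
    return [r["name"] for r in map(audit_template, templates) if r["at_risk"]]


DOM = "S-1-5-21-1111111111-2222222222-3333333333"  # constructed domain SID
SAMPLE_TEMPLATES = [  # constructed records
    {"cn": "WebServerAdminsOnly", "msPKI-Template-Schema-Version": "1",
     "msPKI-Certificate-Name-Flag": "1", "enroll_sids": [DOM + "-512"]},
    {"cn": "LegacyWebOpen", "msPKI-Template-Schema-Version": "1",
     "msPKI-Certificate-Name-Flag": "1", "enroll_sids": [DOM + "-513"]},
    {"cn": "UserFromAD", "msPKI-Template-Schema-Version": "1",
     "msPKI-Certificate-Name-Flag": "-1509949440", "enroll_sids": ["S-1-5-11"]},
    {"cn": "CustomV2", "msPKI-Template-Schema-Version": "2",
     "msPKI-Certificate-Name-Flag": "1", "enroll_sids": ["S-1-5-11"]},
]

if __name__ == "__main__":
    print(at_risk_templates(SAMPLE_TEMPLATES))
```

Only templates meeting all three conditions are reported; narrowing the enrollment rights on a flagged template removes the third condition.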
