As of late is Microsoft’s November 2024 Patch Tuesday, which incorporates safety updates for 91 flaws, together with 4 zero-days, two of which can be actively exploited.
This Patch Tuesday fastened 4 important vulnerabilities, which come with two far off code execution and two elevation of privileges flaws.
The choice of insects in every vulnerability class is indexed underneath:
26 Elevation of Privilege vulnerabilities
2 Safety Function Bypass vulnerabilities
52 Far off Code Execution vulnerabilities
1 Data Disclosure vulnerability
4 Denial of Provider vulnerabilities
3 Spoofing vulnerabilities
This depend does now not come with two Edge flaws that have been up to now fastened on November seventh.
To be told extra in regards to the non-security updates launched lately, you’ll be able to evaluate our devoted articles at the new Home windows 11 KB5046617 and KB5046633 cumulative updates and the Home windows 10 KB5046613 replace.
4 zero-days disclosed
This month’s Patch Tuesday fixes 4 zero-days, two of that have been actively exploited in assaults, and 3 have been publicly disclosed.
Microsoft classifies a zero-day flaw as one this is publicly disclosed or actively exploited whilst no reputable repair is to be had.
The 2 actively exploited zero-day vulnerabilities in lately’s updates are:
CVE-2024-43451 – NTLM Hash Disclosure Spoofing Vulnerability
Microsoft has fastened a vulnerability that exposes NTLM hashes to far off attackers with minimum interplay with a malicious document.
“This vulnerability discloses a person’s NTLMv2 hash to the attacker who may just use this to authenticate because the person,” defined Microsoft.
“Minimum interplay with a malicious document by way of a person akin to deciding on (single-click), examining (right-click), or acting an motion as opposed to opening or executing may just cause this vulnerability,” endured Microsoft.
Microsoft says Israel Yeshurun of ClearSky Cyber Safety came upon this vulnerability and that it used to be publicly disclosed, however didn’t proportion any longer main points.
CVE-2024-49039 – Home windows Job Scheduler Elevation of Privilege Vulnerability
A specifically crafted utility may well be finished that elevates privilege to Medium Integrity degree.
“On this case, a a success assault may well be carried out from a low privilege AppContainer. The attacker may just raise their privileges and execute code or get right of entry to sources at the next integrity degree than that of the AppContainer execution atmosphere,” defined Microsoft.
Microsoft says that exploiting this vulnerability would permit attackers to execute RPC purposes which can be typically limited to privileged accounts.
The flaw used to be came upon by way of Vlad Stolyarov and Bahare Sabouri of Google’s Risk Research Staff.
It’s not identified how the flaw used to be exploited in assaults.
The opposite 3 vulnerabilities that have been publicly disclosed however now not exploited in assaults are:
CVE-2024-49040 – Microsoft Alternate Server Spoofing Vulnerability
Microsoft has fastened a Microsoft Alternate vulnerability that permits danger actors to spoof the sender’s e-mail cope with in emails to native recipients.
“Microsoft is conscious about a vulnerability (CVE-2024-49040) that permits attackers to run spoofing assaults in opposition to Microsoft Alternate Server,” explains a comparable advisory by way of Microsoft.
“The vulnerability is led to by way of the present implementation of the P2 FROM header verification, which occurs in delivery.”
Beginning with this month’s Microsoft Alternate safety updates, Microsoft is now detecting and flagging spoofed emails with an alert prepended to the e-mail frame that states, “Realize: This e-mail seems to be suspicious. Don’t consider the tips, hyperlinks, or attachments on this e-mail with out verifying the supply thru a relied on manner.”
Microsoft says the flaw used to be came upon by way of Slonser at Solidlab, who publicly disclosed the flaw on this article.
CVE-2024-49019 – Energetic Listing Certificates Services and products Elevation of Privilege Vulnerability
Microsoft fastened a flaw that permits attackers to realize area administrator privileges by way of abusing integrated default model 1 certificates templates.
“Take a look at in case you have revealed any certificate created the use of a model 1 certificates template the place the Supply of matter identify is about to “Equipped within the request” and the Sign up permissions are granted to a broader set of accounts, akin to area customers or area computer systems,” explains Microsoft.
“An instance is the integrated Internet Server template, however it isn’t prone by way of default because of its limited Sign up permissions.”
The flaw used to be came upon by way of Lou Scicchitano, Scot Berner, and Justin Bollinger with TrustedSec, who disclosed the “EKUwu” vulnerability in October.
“The usage of integrated default model 1 certificates templates, an attacker can craft a CSR to incorporate utility insurance policies which can be most popular over the configured Prolonged Key Utilization attributes specified within the template,” reads TrustedSec’s file.
“The one requirement is enrollment rights, and it may be used to generate consumer authentication, certificates request agent, and codesigning certificate the use of the WebServer template.”
As defined above, CVE-2024-43451 used to be additionally publicly disclosed.
Contemporary updates from different firms
Different distributors who launched updates or advisories in November 2024 come with:
Adobe launched safety updates for a large number of programs, together with Photoshop, Illustrator, and Trade.
Cisco releases safety updates for a couple of merchandise, together with Cisco Telephones, Nexus Dashboard, Id Services and products Engine, and extra.
Citrix releases safety updates for NetScaler ADC and NetScaler Gateway vulnerabilities. Additionally they launched an replace for the Citrix Digital Apps and Desktops reported by way of Watchtowr.
Dell releases safety updates for code execution and safety bypass flaws in SONiC OS.
D-Hyperlink releases a safety replace for a important DSL6740C flaw that permits amendment of account passwords.
Google launched Chrome 131, which incorporates 12 safety fixes. No zero-days.
Ivanti releases safety updates for twenty-five vulnerabilities in Ivanti Attach Protected (ICS), Ivanti Coverage Protected (IPS), Ivanti Protected Get entry to Shopper (ISAC).
SAP releases safety updates for a couple of merchandise as a part of November Patch Day.
Schneider Electrical releases safety updates for flaws in Modicon M340, Momentum, and MC80 merchandise.
Siemens launched a safety replace for a important 10/10 flaw in TeleControl Server Elementary tracked as CVE-2024-44102.
The November 2024 Patch Tuesday Safety Updates
Beneath is the entire checklist of resolved vulnerabilities within the November 2024 Patch Tuesday updates.
To get right of entry to the overall description of every vulnerability and the programs it impacts, you’ll be able to view the complete file right here.
Tag
CVE ID
CVE Name
Severity
.NET and Visible Studio
CVE-2024-43499
.NET and Visible Studio Denial of Provider Vulnerability
Necessary
.NET and Visible Studio
CVE-2024-43498
.NET and Visible Studio Far off Code Execution Vulnerability
Important
Airlift.microsoft.com
CVE-2024-49056
Airlift.microsoft.com Elevation of Privilege Vulnerability
Important
Azure CycleCloud
CVE-2024-43602
Azure CycleCloud Far off Code Execution Vulnerability
Necessary
LightGBM
CVE-2024-43598
LightGBM Far off Code Execution Vulnerability
Necessary
Microsoft Defender for Endpoint
CVE-2024-5535
OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overread
Necessary
Microsoft Edge (Chromium-based)
CVE-2024-10826
Chromium: CVE-2024-10826 Use after loose in Circle of relatives Reports
Unknown
Microsoft Edge (Chromium-based)
CVE-2024-10827
Chromium: CVE-2024-10827 Use after loose in Serial
Unknown
Microsoft Alternate Server
CVE-2024-49040
Microsoft Alternate Server Spoofing Vulnerability
Necessary
Microsoft Graphics Element
CVE-2024-49031
Microsoft Place of business Graphics Far off Code Execution Vulnerability
Necessary
Microsoft Graphics Element
CVE-2024-49032
Microsoft Place of business Graphics Far off Code Execution Vulnerability
Necessary
Microsoft Place of business Excel
CVE-2024-49029
Microsoft Excel Far off Code Execution Vulnerability
Necessary
Microsoft Place of business Excel
CVE-2024-49026
Microsoft Excel Far off Code Execution Vulnerability
Necessary
Microsoft Place of business Excel
CVE-2024-49027
Microsoft Excel Far off Code Execution Vulnerability
Necessary
Microsoft Place of business Excel
CVE-2024-49028
Microsoft Excel Far off Code Execution Vulnerability
Necessary
Microsoft Place of business Excel
CVE-2024-49030
Microsoft Excel Far off Code Execution Vulnerability
Necessary
Microsoft Place of business SharePoint
ADV240001
Microsoft SharePoint Server Protection in Intensity Replace
None
Microsoft Place of business Phrase
CVE-2024-49033
Microsoft Phrase Safety Function Bypass Vulnerability
Necessary
Microsoft PC Supervisor
CVE-2024-49051
Microsoft PC Supervisor Elevation of Privilege Vulnerability
Necessary
Microsoft Digital Laborious Power
CVE-2024-38264
Microsoft Digital Laborious Disk (VHDX) Denial of Provider Vulnerability
Necessary
Microsoft Home windows DNS
CVE-2024-43450
Home windows DNS Spoofing Vulnerability
Necessary
Function: Home windows Energetic Listing Certificates Services and products
CVE-2024-49019
Energetic Listing Certificates Services and products Elevation of Privilege Vulnerability
Necessary
Function: Home windows Hyper-V
CVE-2024-43633
Home windows Hyper-V Denial of Provider Vulnerability
Necessary
Function: Home windows Hyper-V
CVE-2024-43624
Home windows Hyper-V Shared Digital Disk Elevation of Privilege Vulnerability
Necessary
SQL Server
CVE-2024-48998
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-48997
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-48993
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49001
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49000
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-48999
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49043
Microsoft.SqlServer.XEvent.Configuration.dll Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-43462
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-48995
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-48994
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-38255
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-48996
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-43459
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49002
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49013
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49014
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49011
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49012
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49015
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49018
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49021
Microsoft SQL Server Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49016
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49017
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49010
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49005
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49007
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49003
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49004
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49006
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49009
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
SQL Server
CVE-2024-49008
SQL Server Local Shopper Far off Code Execution Vulnerability
Necessary
TorchGeo
CVE-2024-49048
TorchGeo Far off Code Execution Vulnerability
Necessary
Visible Studio
CVE-2024-49044
Visible Studio Elevation of Privilege Vulnerability
Necessary
Visible Studio Code
CVE-2024-49050
Visible Studio Code Python Extension Far off Code Execution Vulnerability
Necessary
Visible Studio Code
CVE-2024-49049
Visible Studio Code Far off Extension Elevation of Privilege Vulnerability
Average
Home windows CSC Provider
CVE-2024-43644
Home windows Shopper-Aspect Caching Elevation of Privilege Vulnerability
Necessary
Home windows Defender Software Keep watch over (WDAC)
CVE-2024-43645
Home windows Defender Software Keep watch over (WDAC) Safety Function Bypass Vulnerability
Necessary
Home windows DWM Core Library
CVE-2024-43636
Win32k Elevation of Privilege Vulnerability
Necessary
Home windows DWM Core Library
CVE-2024-43629
Home windows DWM Core Library Elevation of Privilege Vulnerability
Necessary
Home windows Kerberos
CVE-2024-43639
Home windows Kerberos Far off Code Execution Vulnerability
Important
Home windows Kernel
CVE-2024-43630
Home windows Kernel Elevation of Privilege Vulnerability
Necessary
Home windows NT OS Kernel
CVE-2024-43623
Home windows NT OS Kernel Elevation of Privilege Vulnerability
Necessary
Home windows NTLM
CVE-2024-43451
NTLM Hash Disclosure Spoofing Vulnerability
Necessary
Home windows Package deal Library Supervisor
CVE-2024-38203
Home windows Package deal Library Supervisor Data Disclosure Vulnerability
Necessary
Home windows Registry
CVE-2024-43641
Home windows Registry Elevation of Privilege Vulnerability
Necessary
Home windows Registry
CVE-2024-43452
Home windows Registry Elevation of Privilege Vulnerability
Necessary
Home windows Protected Kernel Mode
CVE-2024-43631
Home windows Protected Kernel Mode Elevation of Privilege Vulnerability
Necessary
Home windows Protected Kernel Mode
CVE-2024-43646
Home windows Protected Kernel Mode Elevation of Privilege Vulnerability
Necessary
Home windows Protected Kernel Mode
CVE-2024-43640
Home windows Kernel-Mode Motive force Elevation of Privilege Vulnerability
Necessary
Home windows SMB
CVE-2024-43642
Home windows SMB Denial of Provider Vulnerability
Necessary
Home windows SMBv3 Shopper/Server
CVE-2024-43447
Home windows SMBv3 Server Far off Code Execution Vulnerability
Necessary
Home windows Job Scheduler
CVE-2024-49039
Home windows Job Scheduler Elevation of Privilege Vulnerability
Necessary
Home windows Telephony Provider
CVE-2024-43628
Home windows Telephony Provider Far off Code Execution Vulnerability
Necessary
Home windows Telephony Provider
CVE-2024-43621
Home windows Telephony Provider Far off Code Execution Vulnerability
Necessary
Home windows Telephony Provider
CVE-2024-43620
Home windows Telephony Provider Far off Code Execution Vulnerability
Necessary
Home windows Telephony Provider
CVE-2024-43627
Home windows Telephony Provider Far off Code Execution Vulnerability
Necessary
Home windows Telephony Provider
CVE-2024-43635
Home windows Telephony Provider Far off Code Execution Vulnerability
Necessary
Home windows Telephony Provider
CVE-2024-43622
Home windows Telephony Provider Far off Code Execution Vulnerability
Necessary
Home windows Telephony Provider
CVE-2024-43626
Home windows Telephony Provider Elevation of Privilege Vulnerability
Necessary
Home windows Replace Stack
CVE-2024-43530
Home windows Replace Stack Elevation of Privilege Vulnerability
Necessary
Home windows USB Video Motive force
CVE-2024-43643
Home windows USB Video Magnificence Device Motive force Elevation of Privilege Vulnerability
Necessary
Home windows USB Video Motive force
CVE-2024-43449
Home windows USB Video Magnificence Device Motive force Elevation of Privilege Vulnerability
Necessary
Home windows USB Video Motive force
CVE-2024-43637
Home windows USB Video Magnificence Device Motive force Elevation of Privilege Vulnerability
Necessary
Home windows USB Video Motive force
CVE-2024-43634
Home windows USB Video Magnificence Device Motive force Elevation of Privilege Vulnerability
Necessary
Home windows USB Video Motive force
CVE-2024-43638
Home windows USB Video Magnificence Device Motive force Elevation of Privilege Vulnerability
Necessary
Home windows VMSwitch
CVE-2024-43625
Microsoft Home windows VMSwitch Elevation of Privilege Vulnerability
Important
Home windows Win32 Kernel Subsystem
CVE-2024-49046
Home windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Necessary
Replace 9/11/24: Up to date to give an explanation for that simplest 3 flaws have been actively exploited and why CVE-2024-43491 used to be marked as exploited.
