Today is Microsoft’s October 2024 Patch Tuesday, which includes security updates for 118 flaws, including 5 publicly disclosed zero-days, two of which are actively exploited.
This Patch Tuesday fixed 3 critical vulnerabilities, all remote code execution flaws.
The number of bugs in each vulnerability category is listed below:
28 Elevation of Privilege vulnerabilities
7 Security Feature Bypass vulnerabilities
43 Remote Code Execution vulnerabilities
6 Information Disclosure vulnerabilities
26 Denial of Service vulnerabilities
7 Spoofing vulnerabilities
This count does not include 3 Edge flaws that were previously fixed on October 3rd.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5044284 and KB5044285 cumulative updates and the Windows 10 KB5044273 update.
4 zero-days disclosed
This month’s Patch Tuesday fixes 5 zero-days, two of which were actively exploited in attacks, and all 5 were publicly disclosed.
Microsoft classifies a zero-day flaw as one that is publicly disclosed or actively exploited while no official fix is available.
The two actively exploited zero-day vulnerabilities in today’s updates are:
CVE-2024-43573 – Windows MSHTML Platform Spoofing Vulnerability
While Microsoft has not shared any detailed information about this bug or how it is exploited, they did state it involved the MSHTML platform, previously used by Internet Explorer and Legacy Microsoft Edge, whose components are still installed in Windows.
“While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported,” explained Microsoft.
“The MSHTML platform is used by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control. The EdgeHTML platform is used by WebView and some UWP applications. The scripting platforms are used by MSHTML and EdgeHTML but can also be used by other legacy applications.”
While not confirmed, this may be a bypass of a previous vulnerability that abused MSHTML to spoof file extensions in alerts displayed when opening files. A similar MSHTML spoofing flaw was disclosed last month when attacks utilized Braille characters in filenames to spoof PDF files.
Microsoft has not shared who disclosed the vulnerability.
CVE-2024-43572 – Microsoft Management Console Remote Code Execution Vulnerability
This flaw allowed malicious Microsoft Saved Console (MSC) files to perform remote code execution on vulnerable devices.
Microsoft fixed the flaw by preventing untrusted MSC files from being opened.
“The security update will prevent untrusted Microsoft Saved Console (MSC) files from being opened to protect customers against the risks associated with this vulnerability,” explained Microsoft.
It is unknown how this flaw was actively exploited in attacks.
Microsoft says the bug was disclosed by “Andres and Shady”.
Microsoft says that both of these were also publicly disclosed.
The other 3 vulnerabilities that were publicly disclosed but not exploited in attacks are:
CVE-2024-6197 – Open Source Curl Remote Code Execution Vulnerability
Microsoft fixed a libcurl remote code execution flaw that could cause commands to be executed when Curl attempts to connect to a malicious server.
“The vulnerable code path can be triggered by a malicious server offering an especially crafted TLS certificate,” explains a Curl security advisory.
Microsoft fixed the flaw by updating the libcurl library used by the Curl executable bundled with Windows.
The flaw was discovered by a security researcher named “z2_,” who shared technical details in a HackerOne report.
CVE-2024-20659 – Windows Hyper-V Security Feature Bypass Vulnerability
Microsoft fixed a UEFI bypass that could allow attackers to compromise the hypervisor and kernel.
“This Hypervisor vulnerability relates to Virtual Machines within a Unified Extensible Firmware Interface (UEFI) host machine,” explains Microsoft.
“On some specific hardware it might be possible to bypass the UEFI, which could lead to the compromise of the hypervisor and the secure kernel.”
Microsoft says that an attacker needs physical access to the device and must reboot it to exploit the flaw.
The flaw was discovered by Francisco Falcón and Iván Arce of Quarkslab but it is not known where it was publicly disclosed.
CVE-2024-43583 – Winlogon Elevation of Privilege Vulnerability
Microsoft fixed an elevation of privileges flaw that could give attackers SYSTEM privileges in Windows.
To be protected from this flaw, Microsoft says that admins must take additional actions.
“To address this vulnerability, ensure that a Microsoft first-party IME is enabled on your device,” explains Microsoft.
“By doing so, you can help protect your device from potential vulnerabilities associated with a third-party (3P) IME during the sign in process.”
Microsoft says wh1tc & Zhiniang Peng of pwnull discovered the flaws.
Recent updates from other companies
Other vendors who released updates or advisories in October 2024 include:
The October 2024 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities in the October 2024 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET and Visual Studio | CVE-2024-38229 | .NET and Visual Studio Remote Code Execution Vulnerability | Essential |
| .NET and Visual Studio | CVE-2024-43485 | .NET and Visual Studio Denial of Service Vulnerability | Essential |
| .NET, .NET Framework, Visual Studio | CVE-2024-43484 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | Essential |
| .NET, .NET Framework, Visual Studio | CVE-2024-43483 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | Essential |
| Azure CLI | CVE-2024-43591 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | Essential |
| Azure Monitor | CVE-2024-38097 | Azure Monitor Agent Elevation of Privilege Vulnerability | Essential |
| Azure Stack | CVE-2024-38179 | Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability | Essential |
| BranchCache | CVE-2024-43506 | BranchCache Denial of Service Vulnerability | Essential |
| BranchCache | CVE-2024-38149 | BranchCache Denial of Service Vulnerability | Essential |
| Code Integrity Guard | CVE-2024-43585 | Code Integrity Guard Security Feature Bypass Vulnerability | Essential |
| DeepSpeed | CVE-2024-43497 | DeepSpeed Remote Code Execution Vulnerability | Essential |
| Internet Small Computer Systems Interface (iSCSI) | CVE-2024-43515 | Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability | Essential |
| Microsoft ActiveX | CVE-2024-43517 | Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | Essential |
| Microsoft Configuration Manager | CVE-2024-43468 | Microsoft Configuration Manager Remote Code Execution Vulnerability | Essential |
| Microsoft Defender for Endpoint | CVE-2024-43614 | Microsoft Defender for Endpoint for Linux Spoofing Vulnerability | Essential |
| Microsoft Edge (Chromium-based) | CVE-2024-9369 | Chromium: CVE-2024-9369 Insufficient data validation in Mojo | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-9370 | Chromium: CVE-2024-9370 Inappropriate implementation in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-7025 | Chromium: CVE-2024-7025 Integer overflow in Layout | Unknown |
| Microsoft Graphics Component | CVE-2024-43534 | Windows Graphics Component Information Disclosure Vulnerability | Essential |
| Microsoft Graphics Component | CVE-2024-43508 | Windows Graphics Component Information Disclosure Vulnerability | Essential |
| Microsoft Graphics Component | CVE-2024-43556 | Windows Graphics Component Elevation of Privilege Vulnerability | Essential |
| Microsoft Graphics Component | CVE-2024-43509 | Windows Graphics Component Elevation of Privilege Vulnerability | Essential |
| Microsoft Management Console | CVE-2024-43572 | Microsoft Management Console Remote Code Execution Vulnerability | Essential |
| Microsoft Office | CVE-2024-43616 | Microsoft Office Remote Code Execution Vulnerability | Essential |
| Microsoft Office | CVE-2024-43576 | Microsoft Office Remote Code Execution Vulnerability | Essential |
| Microsoft Office | CVE-2024-43609 | Microsoft Office Spoofing Vulnerability | Essential |
| Microsoft Office Excel | CVE-2024-43504 | Microsoft Excel Remote Code Execution Vulnerability | Essential |
| Microsoft Office SharePoint | CVE-2024-43503 | Microsoft SharePoint Elevation of Privilege Vulnerability | Essential |
| Microsoft Office Visio | CVE-2024-43505 | Microsoft Office Visio Remote Code Execution Vulnerability | Essential |
| Microsoft Simple Certificate Enrollment Protocol | CVE-2024-43544 | Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability | Essential |
| Microsoft Simple Certificate Enrollment Protocol | CVE-2024-43541 | Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability | Essential |
| Microsoft WDAC OLE DB provider for SQL | CVE-2024-43519 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Essential |
| Microsoft Windows Speech | CVE-2024-43574 | Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | Essential |
| OpenSSH for Windows | CVE-2024-43615 | Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | Essential |
| OpenSSH for Windows | CVE-2024-43581 | Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | Essential |
| OpenSSH for Windows | CVE-2024-38029 | Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | Essential |
| Outlook for Android | CVE-2024-43604 | Outlook for Android Elevation of Privilege Vulnerability | Essential |
| Power BI | CVE-2024-43612 | Power BI Report Server Spoofing Vulnerability | Essential |
| Power BI | CVE-2024-43481 | Power BI Report Server Spoofing Vulnerability | Essential |
| Remote Desktop Client | CVE-2024-43533 | Remote Desktop Client Remote Code Execution Vulnerability | Essential |
| Remote Desktop Client | CVE-2024-43599 | Remote Desktop Client Remote Code Execution Vulnerability | Essential |
| Role: Windows Hyper-V | CVE-2024-43521 | Windows Hyper-V Denial of Service Vulnerability | Essential |
| Role: Windows Hyper-V | CVE-2024-20659 | Windows Hyper-V Security Feature Bypass Vulnerability | Essential |
| Role: Windows Hyper-V | CVE-2024-43567 | Windows Hyper-V Denial of Service Vulnerability | Essential |
| Role: Windows Hyper-V | CVE-2024-43575 | Windows Hyper-V Denial of Service Vulnerability | Essential |
| RPC Endpoint Mapper Service | CVE-2024-43532 | Remote Registry Service Elevation of Privilege Vulnerability | Essential |
| Service Fabric | CVE-2024-43480 | Azure Service Fabric for Linux Remote Code Execution Vulnerability | Essential |
| Sudo for Windows | CVE-2024-43571 | Sudo for Windows Spoofing Vulnerability | Essential |
| Visual C++ Redistributable Installer | CVE-2024-43590 | Visual C++ Redistributable Installer Elevation of Privilege Vulnerability | Essential |
| Visual Studio | CVE-2024-43603 | Visual Studio Collector Service Denial of Service Vulnerability | Essential |
| Visual Studio Code | CVE-2024-43488 | Visual Studio Code extension for Arduino Remote Code Execution Vulnerability | Essential |
| Visual Studio Code | CVE-2024-43601 | Visual Studio Code for Linux Remote Code Execution Vulnerability | Essential |
| Windows Ancillary Function Driver for WinSock | CVE-2024-43563 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Essential |
| Windows BitLocker | CVE-2024-43513 | BitLocker Security Feature Bypass Vulnerability | Essential |
| Windows Common Log File System Driver | CVE-2024-43501 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Essential |
| Windows Cryptographic Services | CVE-2024-43546 | Windows Cryptographic Information Disclosure Vulnerability | Essential |
| Windows cURL Implementation | CVE-2024-6197 | Open Source Curl Remote Code Execution Vulnerability | Essential |
| Windows EFI Partition | CVE-2024-37982 | Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | Essential |
| Windows EFI Partition | CVE-2024-37976 | Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | Essential |
| Windows EFI Partition | CVE-2024-37983 | Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | Essential |
| Windows Hyper-V | CVE-2024-30092 | Windows Hyper-V Remote Code Execution Vulnerability | Essential |
| Windows Kerberos | CVE-2024-43547 | Windows Kerberos Information Disclosure Vulnerability | Essential |
| Windows Kerberos | CVE-2024-38129 | Windows Kerberos Elevation of Privilege Vulnerability | Essential |
| Windows Kernel | CVE-2024-43502 | Windows Kernel Elevation of Privilege Vulnerability | Essential |
| Windows Kernel | CVE-2024-43511 | Windows Kernel Elevation of Privilege Vulnerability | Essential |
| Windows Kernel | CVE-2024-43520 | Windows Kernel Denial of Service Vulnerability | Essential |
| Windows Kernel | CVE-2024-43527 | Windows Kernel Elevation of Privilege Vulnerability | Essential |
| Windows Kernel | CVE-2024-43570 | Windows Kernel Elevation of Privilege Vulnerability | Essential |
| Windows Kernel | CVE-2024-37979 | Windows Kernel Elevation of Privilege Vulnerability | Essential |
| Windows Kernel-Mode Drivers | CVE-2024-43554 | Windows Kernel-Mode Driver Information Disclosure Vulnerability | Essential |
| Windows Kernel-Mode Drivers | CVE-2024-43535 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Essential |
| Windows Local Security Authority (LSA) | CVE-2024-43522 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43555 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43540 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43536 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43538 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43525 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43559 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43561 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43558 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43542 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43557 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43526 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43543 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43523 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43524 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Essential |
| Windows Mobile Broadband | CVE-2024-43537 | Windows Mobile Broadband Driver Denial of Service Vulnerability | Essential |
| Windows MSHTML Platform | CVE-2024-43573 | Windows MSHTML Platform Spoofing Vulnerability | Moderate |
| Windows Netlogon | CVE-2024-38124 | Windows Netlogon Elevation of Privilege Vulnerability | Essential |
| Windows Network Address Translation (NAT) | CVE-2024-43562 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Essential |
| Windows Network Address Translation (NAT) | CVE-2024-43565 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Essential |
| Windows NT OS Kernel | CVE-2024-43553 | NT OS Kernel Elevation of Privilege Vulnerability | Essential |
| Windows NTFS | CVE-2024-43514 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Essential |
| Windows Online Certificate Status Protocol (OCSP) | CVE-2024-43545 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Essential |
| Windows Print Spooler Components | CVE-2024-43529 | Windows Print Spooler Elevation of Privilege Vulnerability | Essential |
| Windows Remote Desktop | CVE-2024-43582 | Remote Desktop Protocol Server Remote Code Execution Vulnerability | Essential |
| Windows Remote Desktop Licensing Service | CVE-2024-38262 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Essential |
| Windows Remote Desktop Services | CVE-2024-43456 | Windows Remote Desktop Services Tampering Vulnerability | Essential |
| Windows Resilient File System (ReFS) | CVE-2024-43500 | Windows Resilient File System (ReFS) Information Disclosure Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43592 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43589 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-38212 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43593 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-38261 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43611 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43453 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-38265 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43607 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43549 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43608 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-43564 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Essential |
| Windows Scripting | CVE-2024-43584 | Windows Scripting Engine Security Feature Bypass Vulnerability | Essential |
| Windows Secure Channel | CVE-2024-43550 | Windows Secure Channel Spoofing Vulnerability | Essential |
| Windows Secure Kernel Mode | CVE-2024-43516 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Essential |
| Windows Secure Kernel Mode | CVE-2024-43528 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Essential |
| Windows Shell | CVE-2024-43552 | Windows Shell Remote Code Execution Vulnerability | Essential |
| Windows Standards-Based Storage Management Service | CVE-2024-43512 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Essential |
| Windows Storage | CVE-2024-43551 | Windows Storage Elevation of Privilege Vulnerability | Essential |
| Windows Storage Port Driver | CVE-2024-43560 | Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability | Essential |
| Windows Telephony Server | CVE-2024-43518 | Windows Telephony Server Remote Code Execution Vulnerability | Essential |
| Winlogon | CVE-2024-43583 | Winlogon Elevation of Privilege Vulnerability | Essential |
Update 9/11/24: Updated to explain that only 3 flaws were actively exploited and why CVE-2024-43491 was marked as exploited.