Microsoft have released a security advisory on the 13th of November 2024 in line with their regular monthly patch schedule which includes a number of updates to address vulnerabilities in ten (10) medium risk and one (1) low risk products.
These updates address vulnerabilities which may impact services through Denial of Service, Elevation of Privilege, Remote Code Execution, Security Restriction Bypass, Information Disclosure and Spoofing.
For more information please see: Microsoft Security Update
This release consists of security updates for the following products, features and roles:
- .NET and Visual Studio
- Airlift.microsoft.com
- Azure CycleCloud
- Azure Database for PostgreSQL
- LightGBM
- Microsoft Exchange Server
- Microsoft Graphics Component
- Microsoft Office Excel
- Microsoft Office Word
- Microsoft PC Manager
- Microsoft Virtual Hard Drive
- Microsoft Windows DNS
- Role: Windows Hyper-V
- SQL Server
- TorchGeo
- Visual Studio
- Visual Studio Code
- Windows Active Directory Certificate Services
- Windows CSC Service
- Windows Defender Application Control (WDAC)
- Windows DWM Core Library
- Windows Kerberos
- Windows Kernel
- Windows NT OS Kernel
- Windows NTLM
- Windows Package Library Manager
- Windows Registry
- Windows Secure Kernel Mode
- Windows SMB
- Windows SMBv3 Client/Server
- Windows Task Scheduler
- Windows Telephony Service
- Windows Update Stack
- Windows USB Video Driver
- Windows VMSwitch
- Windows Win32 Kernel Subsystem
CVE-2024-49039 is being exploited in the wild. This is a Windows Task Scheduler Elevation of Privilege Vulnerability and to exploit this vulnerability, an authenticated attacker would need to run a specially crafted application on the target system and exploit the vulnerability to elevate their privileges to a Medium Integrity Level.
CVE-2024-43451 is being exploited in the wild and is a NTLM Hash Disclosure Spoofing Vulnerability. To exploit the vulnerability, user interaction is required.
A Proof of Concept exploit code Is publicly available for CVE-2024-49040 . This is a Microsoft Exchange Server Spoofing Vulnerability.
Please contact the Matsco Solutions team on the below if you would like any further information or would like to schedule a maintenance.
support@matscosolutions.com
Beijing +86 400 120 2782
Hong Kong +852 8101 8418
London +44 (0)20 7821 4950
New York +1 866 446 9226
Singapore +65 6100 1090