November 12, 2024 at 02:04PM
Microsoft’s November 2024 Patch Tuesday addresses 91 vulnerabilities, including four critical flaws and two actively exploited zero-days. Notable vulnerabilities include NTLM Hash Disclosure and Windows Task Scheduler issues. The update also highlights fixes for other major products and features from various vendors, ensuring enhanced security across systems.
### Meeting Takeaways – Microsoft November 2024 Patch Tuesday
**Date:** November 2024
**Key Highlights:**
– Microsoft released security updates addressing **91 vulnerabilities**, including **four zero-day vulnerabilities**, two of which are **actively exploited**.
– There are **four critical vulnerabilities** detected: two for **Remote Code Execution** (RCE) and two for **Elevation of Privileges** (EoP).
**Vulnerability Breakdown:**
– **Total Vulnerabilities:** 91
– **26**: Elevation of Privilege
– **2**: Security Feature Bypass
– **52**: Remote Code Execution
– **1**: Information Disclosure
– **4**: Denial of Service
– **3**: Spoofing
**Zero-Day Vulnerabilities:**
1. **CVE-2024-43451** – NTLM Hash Disclosure Spoofing Vulnerability
– Exposes NTLM hashes to remote attackers through minimal user interaction.
2. **CVE-2024-49039** – Windows Task Scheduler Elevation of Privilege Vulnerability
– Allows an attacker to elevate privileges from a low privilege AppContainer.
**Publicly Disclosed but Not Exploited:**
1. **CVE-2024-49040** – Microsoft Exchange Server Spoofing Vulnerability
– Exploits sender’s email address spoofing.
2. **CVE-2024-49019** – Active Directory Certificate Services Elevation of Privilege Vulnerability
– Attackers gain domain admin privileges via certificate templates.
**Recent Updates from Other Companies:**
– **Adobe**: Security updates for various applications.
– **Cisco**: Updates for multiple products.
– **Citrix**: Security updates for NetScaler ADC and Gateway.
– **Dell**: Updates for SONiC OS vulnerabilities.
– **D-Link**: Critical updates for DSL6740C flaw.
– **Ivanti**: Updates for 25 vulnerabilities in ICS, IPS, and ISAC.
– **SAP**: Security updates for several products.
– **Schneider Electric**: Updates for multiple product vulnerabilities.
– **Siemens**: Critical update for TeleControl Server Basic tracked as CVE-2024-44102.
**Actions Suggested:**
– Review and apply the security updates released today.
– Monitor for updates and alerts regarding vulnerabilities from other vendors.
– Educate users on the identified vulnerabilities, especially regarding phishing techniques exploiting email spoofing risks.
For a detailed list of resolved vulnerabilities and affected systems, refer to the full report.