2 Zero-Day Bugs in Microsoft’s Nov. Update Under Active Exploit

November 12, 2024 at 05:45PM Microsoft’s November security update addresses 89 vulnerabilities, including four zero-day bugs actively exploited by attackers. Among these, CVE-2024-43451 allows unauthorized access to NTLMv2 hashes, while CVE-2024-49039 enables privilege escalation. Microsoft also adopted the Common Security Advisory Framework (CSAF) to improve vulnerability disclosure. ### Meeting Takeaways: 1. **Vulnerability Update**: – Microsoft … Read more