Microsoft Patch Tuesday Update Fixes Many Security Vulnerabilities, Flaws Including CLFS, LDAP Bugs

Microsoft has released its December Patch Tuesday update, which usually arrives on the second Tuesday of every month, with a bunch of security updates and patches.

Many of the patches are for vulnerabilities with at least a medium severity CVSS (Common Vulnerability Scoring System) score (most are over 6.0 on a scale of 1-10, 10 being most critical).

This also includes CVE-2024-49112, an LDAP (Lightweight Directory Access Protocol) service bug. It allowed an authenticated attacker to send a request to a vulnerable LDAP server to execute arbitrary malicious code.

One vulnerability with a high likelihood of exploitation, and which has been seen exploited in the wild, is the CLFS (Common Log File System) flaw (tagged CVE-2024-49088 and also affecting CVE-2024-49090). CLFS is a logging service for user and system operations, but the vulnerabilities allow a malicious user to manipulate the service or its validation. This allowed unauthenticated attackers to elevate privileges to that of an administrator.

There are many other patches, 73 total, including a republishing of one patching the Microsoft Edge V8 vulnerability. It allowed movement in memory from maliciously crafted HTML pages. The V8 JavaScript engine is what’s behind Chromium, which powers Edge.

Update Windows

Keep your Windows up to date and secure by updating on a regular schedule or setting up automatic updates. Learn more about managing updates or setting active hours for updates to finish installing when least likely in use.
