Today is Microsoft’s November 2024 Patch Tuesday, which includes security updates for 89 flaws, including four zero-days, two of which are actively exploited.
This Patch Tuesday fixed four critical vulnerabilities, which include two remote code execution and two elevation of privileges flaws.
The number of bugs in each vulnerability category is listed below:
- 26 Elevation of Privilege vulnerabilities
- 2 Security Feature Bypass vulnerabilities
- 52 Remote Code Execution vulnerabilities
- 1 Information Disclosure vulnerability
- 4 Denial of Service vulnerabilities
- 3 Spoofing vulnerabilities
This count does not include two Edge flaws that were previously fixed on November 7th.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5046617 and KB5046633 cumulative updates and the Windows 10 KB5046613 update.
Four zero-days disclosed
This month’s Patch Tuesday fixes four zero-days, two of which were actively exploited in attacks, and three were publicly disclosed.
Microsoft classifies a zero-day flaw as one that is publicly disclosed or actively exploited while no official fix is available.
The two actively exploited zero-day vulnerabilities in today’s updates are:
CVE-2024-43451 – NTLM Hash Disclosure Spoofing Vulnerability
Microsoft has fixed a vulnerability that exposes NTLM hashes to remote attackers with minimal interaction with a malicious file.
“This vulnerability discloses a user’s NTLMv2 hash to the attacker who could use this to authenticate as the user,” explained Microsoft.
“Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing could trigger this vulnerability,” continued Microsoft.
Microsoft says Israel Yeshurun of ClearSky Cyber Security discovered this vulnerability and that it was publicly disclosed, but did not share any further details.
CVE-2024-49039 – Windows Task Scheduler Elevation of Privilege Vulnerability
A specially crafted application could be executed that elevates privilege to Medium Integrity level.
“In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment,” explained Microsoft.
Microsoft says that exploiting this vulnerability would allow attackers to execute RPC functions that are normally restricted to privileged accounts.
The flaw was discovered by Vlad Stolyarov and Bahare Sabouri of Google’s Threat Analysis Group.
It is not known how the flaw was exploited in attacks.
The other three vulnerabilities that were publicly disclosed but not exploited in attacks are:
CVE-2024-49040 – Microsoft Exchange Server Spoofing Vulnerability
Microsoft has fixed a Microsoft Exchange vulnerability that allows threat actors to spoof the sender’s email address in emails to local recipients.
“Microsoft is aware of a vulnerability (CVE-2024-49040) that allows attackers to run spoofing attacks against Microsoft Exchange Server,” explains a related advisory by Microsoft.
“The vulnerability is caused by the current implementation of the P2 FROM header verification, which happens in transport.”
Starting with this month’s Microsoft Exchange security updates, Microsoft is now detecting and flagging spoofed emails with an alert prepended to the email body that states, “Notice: This email appears to be suspicious. Do not trust the information, links, or attachments in this email without verifying the source through a trusted method.”
Microsoft says the flaw was discovered by Slonser at Solidlab, who publicly disclosed the flaw in this article.
CVE-2024-49019 – Active Directory Certificate Services Elevation of Privilege Vulnerability
Microsoft fixed a flaw that allows attackers to gain domain administrator privileges by abusing built-in default version 1 certificate templates.
“Check if you have published any certificates created using a version 1 certificate template where the Source of subject name is set to “Supplied in the request” and the Enroll permissions are granted to a broader set of accounts, such as domain users or domain computers,” explains Microsoft.
“An example is the built-in Web Server template, but it is not vulnerable by default due to its restricted Enroll permissions.”
The flaw was discovered by Lou Scicchitano, Scot Berner, and Justin Bollinger with TrustedSec, who disclosed the “EKUwu” vulnerability in October.
“Using built-in default version 1 certificate templates, an attacker can craft a CSR to include application policies that are preferred over the configured Extended Key Usage attributes specified in the template,” reads TrustedSec’s report.
“The only requirement is enrollment rights, and it can be used to generate client authentication, certificate request agent, and codesigning certificates using the WebServer template.”
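Microsoft's three-part check above can be run as a read-only audit against Active Directory. The following is an added example, not code from Microsoft, TrustedSec or the original article; it assumes the RSAT ActiveDirectory module is installed, and the list of groups treated as a "broader set of accounts" is an assumption you should adjust for your environment.

```powershell
# Added example: read-only audit of AD CS templates for the CVE-2024-49019 conditions.
# Requires the RSAT ActiveDirectory module and read access to the Configuration partition.
Import-Module ActiveDirectory

$EnrollGuid      = [guid]'0e10c968-78fb-11d2-90d4-00c04f79dc55'  # Certificate-Enrollment extended right
$SuppliesSubject = 0x1                                            # CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT
$ExtendedRight   = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight
# Assumption: what counts as a "broader set of accounts": Everyone, Authenticated Users,
# and the domain-relative groups Domain Users (RID 513) and Domain Computers (RID 515).
$BroadSidPattern = '^(S-1-1-0|S-1-5-11|S-1-5-21-[\d-]+-(513|515))$'

$configNC = (Get-ADRootDSE).configurationNamingContext
$pkiBase  = "CN=Public Key Services,CN=Services,$configNC"

# Template names that at least one enterprise CA actually publishes.
$published = Get-ADObject -SearchBase "CN=Enrollment Services,$pkiBase" `
        -LDAPFilter '(objectClass=pKIEnrollmentService)' -Properties certificateTemplates |
    ForEach-Object { $_.certificateTemplates } | Sort-Object -Unique

$templates = Get-ADObject -SearchBase "CN=Certificate Templates,$pkiBase" `
    -LDAPFilter '(objectClass=pKICertificateTemplate)' `
    -Properties 'msPKI-Template-Schema-Version', 'msPKI-Certificate-Name-Flag', nTSecurityDescriptor

foreach ($t in $templates) {
    # Condition 1: version 1 template. Condition 2: subject name supplied in the request.
    $isV1         = $t.'msPKI-Template-Schema-Version' -eq 1
    $subjectInReq = ($t.'msPKI-Certificate-Name-Flag' -band $SuppliesSubject) -ne 0
    if (-not ($isV1 -and $subjectInReq)) { continue }

    # Condition 3: Enroll granted to a broad group. Resolve ACEs to SIDs so the
    # match does not depend on localized group names. An empty ObjectType GUID
    # means "all extended rights", which includes Enroll.
    $rules = $t.nTSecurityDescriptor.GetAccessRules(
        $true, $true, [System.Security.Principal.SecurityIdentifier])
    $broadEnroll = $rules | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $_.ActiveDirectoryRights.HasFlag($ExtendedRight) -and
        ($_.ObjectType -eq $EnrollGuid -or $_.ObjectType -eq [guid]::Empty) -and
        $_.IdentityReference.Value -match $BroadSidPattern
    }
    if (-not $broadEnroll) { continue }

    [pscustomobject]@{
        Template    = $t.Name
        Published   = $published -contains $t.Name
        BroadEnroll = ($broadEnroll.IdentityReference.Value | Sort-Object -Unique) -join ', '
    }
}
```

Rows with `Published` set to `True` match all of the conditions in Microsoft's guidance; unpublished matches are worth tightening before anyone publishes them.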
As explained above, CVE-2024-43451 was also publicly disclosed.
Recent updates from other companies
Other vendors who released updates or advisories in November 2024 include:
- Adobe released security updates for numerous applications, including Photoshop, Illustrator, and Commerce.
- Cisco releases security updates for multiple products, including Cisco Phones, Nexus Dashboard, Identity Services Engine, and more.
- Citrix releases security updates for NetScaler ADC and NetScaler Gateway vulnerabilities. They also released an update for the Citrix Virtual Apps and Desktops reported by Watchtowr.
- Dell releases security updates for code execution and security bypass flaws in SONiC OS.
- D-Link releases a security update for a critical DSL6740C flaw that allows modification of account passwords.
- Google released Chrome 131, which includes 12 security fixes. No zero-days.
- Ivanti releases security updates for 25 vulnerabilities in Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC).
- SAP releases security updates for multiple products as part of November Patch Day.
- Schneider Electric releases security updates for flaws in Modicon M340, Momentum, and MC80 products.
- Siemens released a security update for a critical 10/10 flaw in TeleControl Server Basic tracked as CVE-2024-44102.
The November 2024 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities in the November 2024 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
.NET and Visual Studio | CVE-2024-43499 | .NET and Visual Studio Denial of Service Vulnerability | Important |
.NET and Visual Studio | CVE-2024-43498 | .NET and Visual Studio Remote Code Execution Vulnerability | Critical |
Airlift.microsoft.com | CVE-2024-49056 | Airlift.microsoft.com Elevation of Privilege Vulnerability | Critical |
Azure CycleCloud | CVE-2024-43602 | Azure CycleCloud Remote Code Execution Vulnerability | Important |
LightGBM | CVE-2024-43598 | LightGBM Remote Code Execution Vulnerability | Important |
Microsoft Defender for Endpoint | CVE-2024-5535 | OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overread | Important |
Microsoft Edge (Chromium-based) | CVE-2024-10826 | Chromium: CVE-2024-10826 Use after free in Family Experiences | Unknown |
Microsoft Edge (Chromium-based) | CVE-2024-10827 | Chromium: CVE-2024-10827 Use after free in Serial | Unknown |
Microsoft Exchange Server | CVE-2024-49040 | Microsoft Exchange Server Spoofing Vulnerability | Important |
Microsoft Graphics Component | CVE-2024-49031 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
Microsoft Graphics Component | CVE-2024-49032 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2024-49029 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2024-49026 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2024-49027 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2024-49028 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2024-49030 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | ADV240001 | Microsoft SharePoint Server Defense in Depth Update | None |
Microsoft Office Word | CVE-2024-49033 | Microsoft Word Security Feature Bypass Vulnerability | Important |
Microsoft PC Manager | CVE-2024-49051 | Microsoft PC Manager Elevation of Privilege Vulnerability | Important |
Microsoft Virtual Hard Drive | CVE-2024-38264 | Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability | Important |
Microsoft Windows DNS | CVE-2024-43450 | Windows DNS Spoofing Vulnerability | Important |
Role: Windows Active Directory Certificate Services | CVE-2024-49019 | Active Directory Certificate Services Elevation of Privilege Vulnerability | Important |
Role: Windows Hyper-V | CVE-2024-43633 | Windows Hyper-V Denial of Service Vulnerability | Important |
Role: Windows Hyper-V | CVE-2024-43624 | Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability | Important |
SQL Server | CVE-2024-48998 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-48997 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-48993 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49001 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49000 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-48999 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49043 | Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-43462 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-48995 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-48994 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-38255 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-48996 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-43459 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49002 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49013 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49014 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49011 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49012 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49015 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49018 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49021 | Microsoft SQL Server Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49016 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49017 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49010 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49005 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49007 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49003 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49004 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49006 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49009 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
SQL Server | CVE-2024-49008 | SQL Server Native Client Remote Code Execution Vulnerability | Important |
TorchGeo | CVE-2024-49048 | TorchGeo Remote Code Execution Vulnerability | Important |
Visual Studio | CVE-2024-49044 | Visual Studio Elevation of Privilege Vulnerability | Important |
Visual Studio Code | CVE-2024-49050 | Visual Studio Code Python Extension Remote Code Execution Vulnerability | Important |
Visual Studio Code | CVE-2024-49049 | Visual Studio Code Remote Extension Elevation of Privilege Vulnerability | Moderate |
Windows CSC Service | CVE-2024-43644 | Windows Client-Side Caching Elevation of Privilege Vulnerability | Important |
Windows Defender Application Control (WDAC) | CVE-2024-43645 | Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability | Important |
Windows DWM Core Library | CVE-2024-43636 | Win32k Elevation of Privilege Vulnerability | Important |
Windows DWM Core Library | CVE-2024-43629 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
Windows Kerberos | CVE-2024-43639 | Windows Kerberos Remote Code Execution Vulnerability | Critical |
Windows Kernel | CVE-2024-43630 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows NT OS Kernel | CVE-2024-43623 | Windows NT OS Kernel Elevation of Privilege Vulnerability | Important |
Windows NTLM | CVE-2024-43451 | NTLM Hash Disclosure Spoofing Vulnerability | Important |
Windows Package Library Manager | CVE-2024-38203 | Windows Package Library Manager Information Disclosure Vulnerability | Important |
Windows Registry | CVE-2024-43641 | Windows Registry Elevation of Privilege Vulnerability | Important |
Windows Registry | CVE-2024-43452 | Windows Registry Elevation of Privilege Vulnerability | Important |
Windows Secure Kernel Mode | CVE-2024-43631 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Important |
Windows Secure Kernel Mode | CVE-2024-43646 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Important |
Windows Secure Kernel Mode | CVE-2024-43640 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
Windows SMB | CVE-2024-43642 | Windows SMB Denial of Service Vulnerability | Important |
Windows SMBv3 Client/Server | CVE-2024-43447 | Windows SMBv3 Server Remote Code Execution Vulnerability | Important |
Windows Task Scheduler | CVE-2024-49039 | Windows Task Scheduler Elevation of Privilege Vulnerability | Important |
Windows Telephony Service | CVE-2024-43628 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
Windows Telephony Service | CVE-2024-43621 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
Windows Telephony Service | CVE-2024-43620 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
Windows Telephony Service | CVE-2024-43627 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
Windows Telephony Service | CVE-2024-43635 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
Windows Telephony Service | CVE-2024-43622 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
Windows Telephony Service | CVE-2024-43626 | Windows Telephony Service Elevation of Privilege Vulnerability | Important |
Windows Update Stack | CVE-2024-43530 | Windows Update Stack Elevation of Privilege Vulnerability | Important |
Windows USB Video Driver | CVE-2024-43643 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | Important |
Windows USB Video Driver | CVE-2024-43449 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | Important |
Windows USB Video Driver | CVE-2024-43637 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | Important |
Windows USB Video Driver | CVE-2024-43634 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | Important |
Windows USB Video Driver | CVE-2024-43638 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | Important |
Windows VMSwitch | CVE-2024-43625 | Microsoft Windows VMSwitch Elevation of Privilege Vulnerability | Critical |
Windows Win32 Kernel Subsystem | CVE-2024-49046 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Important |
Update 11/13/24: Changed number of flaws to 89 as we previously included Edge flaws fixed on November 7.