Microsoft’s December 2024 Patch Tuesday has arrived, bringing with it a wave of security updates to address 71 vulnerabilities. Among these are fixes for one actively exploited zero-day vulnerability and a total of sixteen critical vulnerabilities, all of which are classified as remote code execution flaws.
Vulnerability Breakdown
The 71 vulnerabilities patched this month span various categories, including:
- Elevation of Privilege Vulnerabilities: 27
- Remote Code Execution Vulnerabilities: 30
- Information Disclosure Vulnerabilities: 7
- Denial of Service Vulnerabilities: 5
- Spoofing Vulnerabilities: 1
This count excludes two Edge flaws addressed earlier in December.
Actively Exploited Zero-Day Vulnerability
Of particular concern is an actively exploited zero-day vulnerability, that is, a flaw that is publicly disclosed or actively exploited before an official fix is available. This month’s Patch Tuesday addresses one such vulnerability:
- CVE-2024-49138: Windows Common Log File System Driver Elevation of Privilege Vulnerability
This vulnerability allows attackers to gain SYSTEM privileges on Windows devices. The specifics of its exploitation remain undisclosed. The flaw was discovered by the Advanced Research Team with CrowdStrike.
Recent Updates from Other Companies
Microsoft isn’t alone in its efforts to bolster security. Other vendors have also released updates and advisories this month, including:
- Adobe: Security updates for various products, including Photoshop, Commerce, Illustrator, InDesign, After Effects, Bridge, and more.
- CISA: Advisories on industrial control system vulnerabilities in MOBATIME, Schneider Electric, National Instruments, Horner Automation, Rockwell Automation, and Ruijie.
- Cleo: Addressed an actively exploited zero-day in its secure file transfer product, which was used in data theft attacks.
- Cisco: Released security updates for multiple products, including Cisco NX-OS and Cisco ASA.
- IO-Data: Patched zero-day router flaws that were exploited to take over devices.
- 0patch: Issued an unofficial patch for a Windows zero-day vulnerability that allowed attackers to capture NTLM credentials.
- OpenWrt: Released security updates for a Sysupgrade flaw that allowed attackers to distribute malicious firmware images.
- SAP: Released security updates for multiple products as part of its December Patch Day.
- Veeam: Released security updates for a critical RCE bug in Service Provider Console.