What is included in Microsoft's final security update for 2024?

Microsoft's final security update for 2024 addresses 71 vulnerabilities across Windows, Office, and Edge products. This includes 30 Remote Code Execution Vulnerabilities, 27 Elevation of Privilege Vulnerabilities, 7 Information Disclosure Vulnerabilities, 5 Denial of Service Vulnerabilities, and 1 Spoofing Vulnerability.

What are the most critical vulnerabilities addressed in this update?

The most critical vulnerabilities include CVE-2024-49112 (CVSS 9.8) affecting Windows LDAP, CVE-2024-49117 (CVSS 8.8) affecting Windows Hyper-V, and multiple critical Remote Desktop Services vulnerabilities with CVSS scores of 8.1. Additionally, there's an actively exploited zero-day vulnerability (CVE-2024-49138) in the Windows Common Log File System Driver.

Which major Windows components are affected by these vulnerabilities?

The major affected components include Windows LDAP, Windows Remote Desktop Services, Windows Hyper-V, Microsoft Message Queuing, Windows LSASS, multiple Office products (SharePoint, Excel, and Word), Windows Mobile Broadband, and Windows Routing and Remote Access Service (RRAS).

What is the zero-day vulnerability discovered in this update?

CVE-2024-49138 is an actively exploited zero-day elevation of privilege vulnerability in the Windows Common Log File System Driver. It has a CVSS score of 7.8 and allows attackers to gain SYSTEM-level privileges through a heap-based buffer overflow.

How many Remote Desktop Services vulnerabilities were patched?

Nine critical Remote Desktop Services Remote Code Execution vulnerabilities were patched, all with CVSS scores of 8.1. These include CVE-2024-49106, CVE-2024-49108, CVE-2024-49115, CVE-2024-49116, CVE-2024-49119, CVE-2024-49120, CVE-2024-49123, CVE-2024-49128, and CVE-2024-49132.

Advisory

Microsoft December 2024 update addresses 71 flaws, 16 critical, 1 actively exploited

published: Dec. 10, 2024

Take action: Your first priority this month should be patching Windows OS - there is one actively exploited flaws and critical issues in RDP, LDAP. Then move to your Hyper-V systems to patch them. Then update the rest of the Microsoft products you are using.

Learn More

Microsoft has released its final security update for 2024, addressing 71 vulnerabilities across Windows, Office, and Edge products. The update addresses vulnerabilities across several categories:

30 Remote Code Execution Vulnerabilities
27 Elevation of Privilege Vulnerabilities
7 Information Disclosure Vulnerabilities
5 Denial of Service Vulnerabilities
1 Spoofing Vulnerability

Vulnerability summary

CVE-2024-49138 (CVSS score 7.8) - An actively exploited zero-day elevation of privilege vulnerability in the Windows Common Log File System Driver that allows attackers to gain SYSTEM-level privileges through a heap-based buffer overflow

Vulnerabilities tagged as critical by Microsoft:

CVE-2024-49124 (CVSS score 8.1) - Windows LDAP Client Remote Code Execution Vulnerability
CVE-2024-49126 (CVSS score 8.1) - Windows LSASS Remote Code Execution Vulnerability
CVE-2024-49112 (CVSS score 9.8) - Windows LDAP Remote Code Execution Vulnerability
CVE-2024-49127 (CVSS score 8.1) - Windows LDAP Remote Code Execution Vulnerability
CVE-2024-49117 (CVSS score 8.8) - Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-49118, CVE-2024-49122 (both CVSS score 8.1) - Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerabilities
Multiple Remote Desktop Services RCE Vulnerabilities:
- CVE-2024-49106 (CVSS score 8.1)
- CVE-2024-49108 (CVSS score 8.1)
- CVE-2024-49115 (CVSS score 8.1)
- CVE-2024-49116 (CVSS score 8.1)
- CVE-2024-49119 (CVSS score 8.1)
- CVE-2024-49120 (CVSS score 8.1)
- CVE-2024-49123 (CVSS score 8.1)
- CVE-2024-49128 (CVSS score 8.1)
- CVE-2024-49132 (CVSS score 8.1)

Major Components Affected by the flaws in this release:

Windows LDAP
Windows Remote Desktop Services
Windows Hyper-V
Microsoft Message Queuing
Windows LSASS
Multiple Office products including SharePoint, Excel, and Word
Windows Mobile Broadband
Windows Routing and Remote Access Service (RRAS)

Full table of patched flaws

Tag	CVE ID	CVE Title	Severity
GitHub	CVE-2024-49063	Microsoft/Muzic Remote Code Execution Vulnerability	Important
Microsoft Defender for Endpoint	CVE-2024-49057	Microsoft Defender for Endpoint on Android Spoofing Vulnerability	Important
Microsoft Edge (Chromium-based)	CVE-2024-12053	Chromium: CVE-2024-12053 Type Confusion in V8	Unknown
Microsoft Edge (Chromium-based)	CVE-2024-49041	Microsoft Edge (Chromium-based) Spoofing Vulnerability	Moderate
Microsoft Office	ADV240002	Microsoft Office Defense in Depth Update	Moderate
Microsoft Office	CVE-2024-49059	Microsoft Office Elevation of Privilege Vulnerability	Important
Microsoft Office	CVE-2024-43600	Microsoft Office Elevation of Privilege Vulnerability	Important
Microsoft Office Access	CVE-2024-49142	Microsoft Access Remote Code Execution Vulnerability	Important
Microsoft Office Excel	CVE-2024-49069	Microsoft Excel Remote Code Execution Vulnerability	Important
Microsoft Office Publisher	CVE-2024-49079	Input Method Editor (IME) Remote Code Execution Vulnerability	Important
Microsoft Office SharePoint	CVE-2024-49064	Microsoft SharePoint Information Disclosure Vulnerability	Important
Microsoft Office SharePoint	CVE-2024-49062	Microsoft SharePoint Information Disclosure Vulnerability	Important
Microsoft Office SharePoint	CVE-2024-49068	Microsoft SharePoint Elevation of Privilege Vulnerability	Important
Microsoft Office SharePoint	CVE-2024-49070	Microsoft SharePoint Remote Code Execution Vulnerability	Important
Microsoft Office Word	CVE-2024-49065	Microsoft Office Remote Code Execution Vulnerability	Important
Role: DNS Server	CVE-2024-49091	Windows Domain Name Service Remote Code Execution Vulnerability	Important
Role: Windows Hyper-V	CVE-2024-49117	Windows Hyper-V Remote Code Execution Vulnerability	Critical
System Center Operations Manager	CVE-2024-43594	System Center Operations Manager Elevation of Privilege Vulnerability	Important
Windows Cloud Files Mini Filter Driver	CVE-2024-49114	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	Important
Windows Common Log File System Driver	CVE-2024-49088	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Important
Windows Common Log File System Driver	CVE-2024-49138	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Important
Windows Common Log File System Driver	CVE-2024-49090	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Important
Windows File Explorer	CVE-2024-49082	Windows File Explorer Information Disclosure Vulnerability	Important
Windows IP Routing Management Snapin	CVE-2024-49080	Windows IP Routing Management Snapin Remote Code Execution Vulnerability	Important
Windows Kernel	CVE-2024-49084	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Kernel-Mode Drivers	CVE-2024-49074	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability	Important
Windows LDAP - Lightweight Directory Access Protocol	CVE-2024-49121	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability	Important
Windows LDAP - Lightweight Directory Access Protocol	CVE-2024-49124	Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability	Critical
Windows LDAP - Lightweight Directory Access Protocol	CVE-2024-49112	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability	Critical
Windows LDAP - Lightweight Directory Access Protocol	CVE-2024-49113	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability	Important
Windows LDAP - Lightweight Directory Access Protocol	CVE-2024-49127	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability	Critical
Windows Local Security Authority Subsystem Service (LSASS)	CVE-2024-49126	Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability	Critical
Windows Message Queuing	CVE-2024-49118	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability	Critical
Windows Message Queuing	CVE-2024-49122	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability	Critical
Windows Message Queuing	CVE-2024-49096	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability	Important
Windows Mobile Broadband	CVE-2024-49073	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability	Important
Windows Mobile Broadband	CVE-2024-49077	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability	Important
Windows Mobile Broadband	CVE-2024-49083	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability	Important
Windows Mobile Broadband	CVE-2024-49092	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability	Important
Windows Mobile Broadband	CVE-2024-49087	Windows Mobile Broadband Driver Information Disclosure Vulnerability	Important
Windows Mobile Broadband	CVE-2024-49110	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability	Important
Windows Mobile Broadband	CVE-2024-49078	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability	Important
Windows PrintWorkflowUserSvc	CVE-2024-49095	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability	Important
Windows PrintWorkflowUserSvc	CVE-2024-49097	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability	Important
Windows Remote Desktop	CVE-2024-49132	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Remote Desktop Services	CVE-2024-49115	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Remote Desktop Services	CVE-2024-49116	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Remote Desktop Services	CVE-2024-49123	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Remote Desktop Services	CVE-2024-49129	Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability	Important
Windows Remote Desktop Services	CVE-2024-49075	Windows Remote Desktop Services Denial of Service Vulnerability	Important
Windows Remote Desktop Services	CVE-2024-49128	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Remote Desktop Services	CVE-2024-49106	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Remote Desktop Services	CVE-2024-49108	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Remote Desktop Services	CVE-2024-49119	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Remote Desktop Services	CVE-2024-49120	Windows Remote Desktop Services Remote Code Execution Vulnerability	Critical
Windows Resilient File System (ReFS)	CVE-2024-49093	Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-49085	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-49086	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-49089	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-49125	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-49104	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Routing and Remote Access Service (RRAS)	CVE-2024-49102	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important
Windows Task Scheduler	CVE-2024-49072	Windows Task Scheduler Elevation of Privilege Vulnerability	Important
Windows Virtualization-Based Security (VBS) Enclave	CVE-2024-49076	Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability	Important
Windows Wireless Wide Area Network Service	CVE-2024-49081	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability	Important
Windows Wireless Wide Area Network Service	CVE-2024-49103	Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability	Important
Windows Wireless Wide Area Network Service	CVE-2024-49111	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability	Important
Windows Wireless Wide Area Network Service	CVE-2024-49109	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability	Important
Windows Wireless Wide Area Network Service	CVE-2024-49101	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability	Important
Windows Wireless Wide Area Network Service	CVE-2024-49094	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability	Important
Windows Wireless Wide Area Network Service	CVE-2024-49098	Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability	Important
Windows Wireless Wide Area Network Service	CVE-2024-49099	Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability	Important
WmsRepair Service	CVE-2024-49107	WmsRepair Service Elevation of Privilege Vulnerability	Important

Microsoft December 2024 update addresses 71 flaws, 16 critical, 1 actively exploited

Read More
EncryptHub gang actively exploiting Microsoft Management Console vulnerability
Google patches actively exploited Chrome vulnerability
Apple patches actively exploited critical flaws in latest …
Microsoft releases June 2025 Patch, fixing actively exploited …
Microsoft releases massive July patch addressing 142 flaws, …