Microsoft Fixes Zero-Day, Critical RCEs in Patch Tuesday

Microsoft’s December 2024 Patch Tuesday security update is not bringing much cheer to security admins, as it includes a whopping 71 patches to address various vulnerabilities across Windows, Office, SharePoint Server, Hyper-V, Defender for Endpoint, and System Center Operations Manager.

This month’s release brings the total number of patches for the year to 1,020, making it the second busiest year for fixes after 2020. Out of the 71 patches, 16 are rated as critical.

Windows CLFS Zero-Day Allows Privilege Escalation

The highlight of this security update is the zero-day vulnerability tracked as CVE-2024-49138 (CVSS 7.8) in the Windows Common Log File System (CLFS) driver, which is already being actively exploited.

The potential impact of this bug is significant: successful exploitation yields SYSTEM-level privileges on Windows Server, which makes it a serious threat when chained with a remote code execution (RCE) bug that provides the initial foothold.


Ransomware operators have shown interest in exploiting CLFS elevation-of-privilege flaws, highlighting the urgency for organizations to address this vulnerability.

Critical Remote-Code Execution Vulnerabilities in LDAP, Hyper-V, RDP

Another critical vulnerability to note is CVE-2024-49112 (CVSS 9.8), an unauthenticated remote code execution issue in the Windows Lightweight Directory Access Protocol (LDAP), which could compromise Domain Controllers.


The security update also addresses critical RCE vulnerabilities in Windows Hyper-V and Remote Desktop Services, emphasizing the importance of prompt patching to mitigate these risks.


Other December 2024 Security Vulnerabilities to Patch Now

In addition to the critical vulnerabilities, security experts have highlighted other bugs that require immediate attention. These include an elevation-of-privilege vulnerability in the Windows Resilient File System (ReFS) and a remote code execution vulnerability in Muzic, Microsoft's AI-generated music research project.