Microsoft has fixed a total of 71 vulnerabilities in its December Patch Tuesday update, among them a critical zero-day flaw that is already being exploited in the wild.
Windows Security Flaws Patched
Most of the vulnerabilities, 59 in total, affect various versions of Windows, including Windows 10, Windows 11, and Windows Server. Microsoft no longer publishes vulnerability information for Windows 7 and 8.1, so users of these out-of-support systems should assume they may still be affected. Moving to Windows 10 version 22H2 or Windows 11 version 23H2 is advisable to keep receiving security updates, although users might consider postponing the Windows 11 24H2 update until its initial issues are resolved.
Windows Under Attack in the Wild
Among the vulnerabilities, the one already under attack stands out: CVE-2024-49138, a high-risk buffer overflow in the Windows Common Log File System (CLFS) driver. It lets an attacker who already has a foothold on the machine escalate privileges to the system level. Chained with a Remote Code Execution (RCE) vulnerability, it could give full control over the affected Windows system, a pattern commonly seen in ransomware attacks, which are increasingly prevalent.
Tip: To safeguard your system, keep your operating system updated and use reputable antivirus and VPN software. See our recommendations for the best Windows antivirus solutions and VPN services.
Other Critical Windows Security Flaws
Microsoft has classified 16 RCE vulnerabilities as critical, nine of them in the Remote Desktop service. None of these is known to be exploited in the wild yet, but administrators should not overlook them. Noteworthy among them is CVE-2024-49112 in the Lightweight Directory Access Protocol (LDAP) service, which could let an unauthenticated attacker inject code and have it executed with elevated privileges. As a precaution, Microsoft advises keeping vulnerable domain controllers disconnected from the internet.
Another critical RCE vulnerability, CVE-2024-49117, affects Hyper-V: code running in a guest system could execute on the host system, requiring only an ordinary user login.
Office Security Flaws Patched
Beyond the Windows updates, Microsoft has resolved eight security vulnerabilities in its Office suite, three of them RCE flaws. These include issues in Excel and Access, and one (CVE-2024-49065) that can be triggered through Outlook's preview of file attachments. Microsoft indicates that this vulnerability does not allow attackers to access user data, although it can disrupt the data's availability.
The First in a Long Line of AI Vulnerabilities?
Microsoft has also addressed CVE-2024-49063, the first security flaw identified in Muzic, its open-source AI research project. The issue is a deserialization flaw: when serialized data is converted back into program objects, untrusted input can cause attacker-supplied code to run. It highlights a class of risk likely to recur in AI tooling.
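As an added illustration of the deserialization risk described above (example code written for this page, not from Muzic or Microsoft): a Python pickle loader in its risky form beside a hardened form that allowlists the globals a stream may reference. The allowlist and the sample streams are constructed for this example.

```python
import io
import pickle
from collections import OrderedDict

# Allowlist of (module, name) pairs a metadata loader legitimately needs.
# Chosen for this example; not taken from Muzic.
SAFE_GLOBALS = {("collections", "OrderedDict")}


def unsafe_load_metadata(blob: bytes):
    """The risky pattern: pickle.loads resolves (and may call) any global
    the stream names, so untrusted input decides what code runs."""
    return pickle.loads(blob)


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses any global reference not on the allowlist.

    pickle's GLOBAL/STACK_GLOBAL opcodes name a module and attribute that
    the loader resolves and REDUCE then calls; gating find_class closes
    that path for everything except the types we expect."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refused global {module}.{name}")


def safe_load_metadata(blob: bytes):
    """Hardened loader. Returns ("ok", obj) or ("rejected", reason)."""
    try:
        return ("ok", RestrictedUnpickler(io.BytesIO(blob)).load())
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))


# Constructed sample streams (stand-ins for files a dataset pipeline
# might read); nothing here is real Muzic data.
BENIGN = pickle.dumps({"tempo": 120, "tracks": ["piano", "drums"]})
ORDERED = pickle.dumps(OrderedDict(tempo=120))
# A stream that merely names a callable by module/name. Plain
# pickle.loads hands the callable back; the restricted loader refuses it.
WITH_GLOBAL = pickle.dumps(abs)

if __name__ == "__main__":
    print(safe_load_metadata(BENIGN))       # ('ok', {'tempo': 120, 'tracks': ['piano', 'drums']})
    print(safe_load_metadata(ORDERED))
    print(safe_load_metadata(WITH_GLOBAL))  # ('rejected', 'refused global builtins.abs')
```

Where the data is plain metadata, a format with no code-loading path (such as JSON) removes the problem entirely; the allowlist approach is for cases where pickle cannot be replaced.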
The next Patch Tuesday is scheduled for January 14, 2025. As of December 2024, no new Windows malware removal tool has been announced. The threat landscape continues to evolve rapidly, and vigilance remains essential for users and administrators alike.