HomeWinBuzzer NewsMicrosoft December 2024 Patch Tuesday Fixes 71 Windows Flaws, One Zero-Day

Microsoft December 2024 Patch Tuesday Fixes 71 Windows Flaws, One Zero-Day

December 2024 Patch Tuesday addresses 71 vulnerabilities, with 16 critical remote code execution issues and one zero-day.

-

Microsoft’s December 2024 Patch Tuesday addresses 71 documented security vulnerabilities across Windows and related products.

The collection of fixes includes one zero-day vulnerability actively exploited prior to the release of official patches.

In total, Microsoft’s updates remediate 27 elevation-of-privilege weaknesses, 30 remote code execution vulnerabilities, 7 information disclosure flaws, 5 denial-of-service issues, and 1 spoofing vulnerability.

Sixteen of these vulnerabilities are classified as critical, all involving remote code execution risks.

Windows Common Log File System Driver Zero-Day

A central focus of this update cycle is a zero-day vulnerability affecting the Windows Common Log File System (CLFS) driver, which attackers had exploited before the availability of an official fix.

By manipulating the CLFS driver’s memory management routines, attackers could gain SYSTEM-level privileges, potentially bypassing security controls and executing arbitrary code at the highest privilege level. Microsoft’s documentation identifies this flaw as CVE-2024-49138.

Other Microsoft Fixes

Beyond the CLFS zero-day, the December updates resolve other remote code execution issues, including those affecting Microsoft Message Queuing (MSMQ) and Windows Remote Desktop Services. (See the complete table below)

For example, vulnerabilities in MSMQ (CVE-2024-49118, CVE-2024-49122) and Windows Remote Desktop Services (CVE-2024-49106, CVE-2024-49108, CVE-2024-49115, CVE-2024-49116, CVE-2024-49119, CVE-2024-49120, CVE-2024-49123, CVE-2024-49128, CVE-2024-49132) could allow attackers to execute malicious code remotely, potentially compromising systems if not promptly patched.

Issues affecting LDAP (Lightweight Directory Access Protocol) components in Windows present both remote code execution and denial-of-service risks.

Vulnerabilities such as CVE-2024-49112, CVE-2024-49124, and CVE-2024-49127 highlight how attackers could potentially abuse directory services to escalate privileges or halt operations.

Elevation of Privilege Vulnerabilities

The December updates also address multiple elevation of privilege vulnerabilities across various Windows components.

Examples include issues in Windows Kernel-Mode Drivers (CVE-2024-49074) and the Windows Cloud Files Mini Filter Driver (CVE-2024-49114). Exploiting these could allow attackers with limited access to gain more powerful control over targeted systems.

Additionally, vulnerabilities in Windows Wireless Wide Area Network Service (CVE-2024-49081, CVE-2024-49101, CVE-2024-49109, CVE-2024-49111, CVE-2024-49094, CVE-2024-49098, CVE-2024-49099, CVE-2024-49103) and Windows Mobile Broadband (CVE-2024-49073, CVE-2024-49077, CVE-2024-49083, CVE-2024-49092, CVE-2024-49087, CVE-2024-49110, CVE-2024-49078) emphasize the importance of securing networking services against privilege escalation attempts and information disclosure.

Additional issues cover a broad set of Microsoft products, including Microsoft Office and SharePoint. Updates fix remote code execution flaws in Microsoft Access (CVE-2024-49142), Excel (CVE-2024-49069), Word (CVE-2024-49065), Publisher (CVE-2024-49079), and SharePoint (CVE-2024-49070).

There are also information disclosure and elevation of privilege vulnerabilities in SharePoint (CVE-2024-49064, CVE-2024-49062, CVE-2024-49068) and Office as a whole (CVE-2024-49059, CVE-2024-43600).

A defense in depth update is also available for Microsoft Office (ADV240002) to enhance overall security posture.

Other addressed vulnerabilities involve Windows Hyper-V (CVE-2024-49117) and DNS (CVE-2024-49091), each capable of enabling remote code execution under particular conditions.

Updates to Windows IP Routing Management Snapin (CVE-2024-49080) and Windows Routing and Remote Access Service (CVE-2024-49085, CVE-2024-49086, CVE-2024-49089, CVE-2024-49125, CVE-2024-49104, CVE-2024-49102) mitigate potential network-level code execution pathways.

Additional elevation of privilege vulnerabilities are resolved in components like Windows Task Scheduler (CVE-2024-49072) and Windows PrintWorkflowUserSvc (CVE-2024-49095, CVE-2024-49097).

Critical remote code execution flaws also affect Windows Local Security Authority Subsystem Service (LSASS) (CVE-2024-49126) and Windows Hyper-V, while the Windows Resilient File System (ReFS) elevation of privilege vulnerability (CVE-2024-49093) and other components reinforce the necessity of systematic patching.

Microsoft December 2024 Patch Tuesday Fixes

Product CVE ID CVE Title Severity
GitHub CVE-2024-49063 Microsoft/Muzic Remote Code Execution Vulnerability Important
Microsoft Defender for Endpoint CVE-2024-49057 Microsoft Defender for Endpoint on Android Spoofing Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2024-12053 Chromium: CVE-2024-12053 Type Confusion in V8 Unknown
Microsoft Edge (Chromium-based) CVE-2024-49041 Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate
Microsoft Office ADV240002 Microsoft Office Defense in Depth Update Moderate
Microsoft Office CVE-2024-49059 Microsoft Office Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2024-43600 Microsoft Office Elevation of Privilege Vulnerability Important
Microsoft Office Access CVE-2024-49142 Microsoft Access Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2024-49069 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Publisher CVE-2024-49079 Input Method Editor (IME) Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2024-49064 Microsoft SharePoint Information Disclosure Vulnerability Important
Microsoft Office SharePoint CVE-2024-49062 Microsoft SharePoint Information Disclosure Vulnerability Important
Microsoft Office SharePoint CVE-2024-49068 Microsoft SharePoint Elevation of Privilege Vulnerability Important
Microsoft Office SharePoint CVE-2024-49070 Microsoft SharePoint Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2024-49065 Microsoft Office Remote Code Execution Vulnerability Important
Role: DNS Server CVE-2024-49091 Windows Domain Name Service Remote Code Execution Vulnerability Important
Role: Windows Hyper-V CVE-2024-49117 Windows Hyper-V Remote Code Execution Vulnerability Critical
System Center Operations Manager CVE-2024-43594 System Center Operations Manager Elevation of Privilege Vulnerability Important
Windows Cloud Files Mini Filter Driver CVE-2024-49114 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2024-49088 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2024-49138 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2024-49090 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows File Explorer CVE-2024-49082 Windows File Explorer Information Disclosure Vulnerability Important
Windows IP Routing Management Snapin CVE-2024-49080 Windows IP Routing Management Snapin Remote Code Execution Vulnerability Important
Windows Kernel CVE-2024-49084 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel-Mode Drivers CVE-2024-49074 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Important
Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49121 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important
Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49124 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability Critical
Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49112 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical
Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49113 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important
Windows LDAP – Lightweight Directory Access Protocol CVE-2024-49127 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical
Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-49126 Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability Critical
Windows Message Queuing CVE-2024-49118 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical
Windows Message Queuing CVE-2024-49122 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical
Windows Message Queuing CVE-2024-49096 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Important
Windows Mobile Broadband CVE-2024-49073 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important
Windows Mobile Broadband CVE-2024-49077 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important
Windows Mobile Broadband CVE-2024-49083 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important
Windows Mobile Broadband CVE-2024-49092 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important
Windows Mobile Broadband CVE-2024-49087 Windows Mobile Broadband Driver Information Disclosure Vulnerability Important
Windows Mobile Broadband CVE-2024-49110 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important
Windows Mobile Broadband CVE-2024-49078 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important
Windows PrintWorkflowUserSvc CVE-2024-49095 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important
Windows PrintWorkflowUserSvc CVE-2024-49097 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important
Windows Remote Desktop CVE-2024-49132 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Remote Desktop Services CVE-2024-49115 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Remote Desktop Services CVE-2024-49116 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Remote Desktop Services CVE-2024-49123 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Remote Desktop Services CVE-2024-49129 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Important
Windows Remote Desktop Services CVE-2024-49075 Windows Remote Desktop Services Denial of Service Vulnerability Important
Windows Remote Desktop Services CVE-2024-49128 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Remote Desktop Services CVE-2024-49106 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Remote Desktop Services CVE-2024-49108 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Remote Desktop Services CVE-2024-49119 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Remote Desktop Services CVE-2024-49120 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Windows Resilient File System (ReFS) CVE-2024-49093 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-49085 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-49086 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-49089 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-49125 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-49104 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2024-49102 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Task Scheduler CVE-2024-49072 Windows Task Scheduler Elevation of Privilege Vulnerability Important
Windows Virtualization-Based Security (VBS) Enclave CVE-2024-49076 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Important
Windows Wireless Wide Area Network Service CVE-2024-49081 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important
Windows Wireless Wide Area Network Service CVE-2024-49103 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Important
Windows Wireless Wide Area Network Service CVE-2024-49111 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important
Windows Wireless Wide Area Network Service CVE-2024-49109 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important
Windows Wireless Wide Area Network Service CVE-2024-49101 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important
Windows Wireless Wide Area Network Service CVE-2024-49094 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Important
Windows Wireless Wide Area Network Service CVE-2024-49098 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Important
Windows Wireless Wide Area Network Service CVE-2024-49099 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Important
WmsRepair Service CVE-2024-49107 WmsRepair Service Elevation of Privilege Vulnerability Important
Markus Kasanmascheff
Markus Kasanmascheff
Markus has been covering the tech industry for more than 15 years. He is holding a Master´s degree in International Economics and is the founder and managing editor of Winbuzzer.com.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
We would love to hear your opinion! Please comment below.x
()
x